Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/201763-176c-4e78-9bc0-496f30ac5275/1/TFBmP2FW9mxeaeuFmA5kG5ps3ms.roa
File: TFBmP2FW9mxeaeuFmA5kG5ps3ms.roa (raw, json)
Hash identifier: NhYGI3CkdR9S3ORjDyJBI9M8Vaspm49gxcta1uRsBsM=
Subject key identifier: 4C:50:66:3F:61:56:F6:6C:5E:69:EB:85:98:0E:64:1B:9A:6C:DE:6B
Certificate issuer: /CN=88652fe652966d728a527aee6e43c485c6939f45
Certificate serial: 018CC6B7CBEA243D4A53B84AE8BC4C360B89
Authority key identifier: 88:65:2F:E6:52:96:6D:72:8A:52:7A:EE:6E:43:C4:85:C6:93:9F:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iGUv5lKWbXKKUnrubkPEhcaTn0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/201763-176c-4e78-9bc0-496f30ac5275/1/TFBmP2FW9mxeaeuFmA5kG5ps3ms.roa
Signing time: Mon 01 Jan 2024 20:29:43 +0000
ROA not before: Mon 01 Jan 2024 20:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29663
IP address blocks: 195.149.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:cb:ea:24:3d:4a:53:b8:4a:e8:bc:4c:36:0b:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88652fe652966d728a527aee6e43c485c6939f45
Validity
Not Before: Jan 1 20:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c50663f6156f66c5e69eb85980e641b9a6cde6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:39:5c:d2:fc:09:ce:cc:86:85:0f:f2:ef:1d:
78:0c:2a:4c:58:9c:49:19:fc:17:8f:b1:c6:c1:76:
ba:c8:3e:d8:9c:47:17:4b:c4:97:8d:3d:cf:e0:84:
4f:61:12:af:70:9b:cc:92:8f:35:0f:72:cb:5a:46:
f5:26:f7:eb:e4:ff:4c:84:bc:0f:44:f2:54:cb:db:
ff:37:23:04:1e:8a:c8:04:b2:b0:de:a6:05:03:64:
04:0d:89:44:24:43:89:37:30:54:1b:b1:7b:51:c0:
41:a3:cc:c5:62:c3:e4:f1:fb:69:13:7c:08:6c:1d:
32:f3:2d:7e:a8:59:c7:8d:b7:88:63:b7:bd:bc:dc:
bb:3a:7e:ad:39:35:0b:ec:51:36:c4:a4:90:12:15:
d2:ba:52:8e:78:7f:b2:78:a0:2e:8f:4a:ec:f1:ab:
d4:97:da:c6:a0:d0:0b:9d:01:84:3b:38:a8:74:11:
41:82:dd:02:9c:21:e5:bc:22:8b:a9:cf:46:9f:3b:
c7:e1:ce:45:f7:bf:f8:87:a5:9a:51:ee:1d:31:fd:
c9:2d:d6:39:d1:32:55:b4:2a:ce:ec:67:16:4c:28:
6a:aa:00:e1:a5:50:10:c3:7a:ca:bb:1d:15:2d:8a:
c4:db:b9:2a:5b:cd:de:e5:f4:36:8e:54:16:46:b3:
9d:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:50:66:3F:61:56:F6:6C:5E:69:EB:85:98:0E:64:1B:9A:6C:DE:6B
X509v3 Authority Key Identifier:
keyid:88:65:2F:E6:52:96:6D:72:8A:52:7A:EE:6E:43:C4:85:C6:93:9F:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iGUv5lKWbXKKUnrubkPEhcaTn0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/201763-176c-4e78-9bc0-496f30ac5275/1/TFBmP2FW9mxeaeuFmA5kG5ps3ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/201763-176c-4e78-9bc0-496f30ac5275/1/iGUv5lKWbXKKUnrubkPEhcaTn0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.149.112.0/24
Signature Algorithm: sha256WithRSAEncryption
87:e6:29:99:a4:45:d2:21:8d:5c:e8:66:66:8f:b9:5c:19:00:
dc:be:06:4a:45:8a:b3:ef:62:37:9f:c3:e7:6a:d6:11:e8:8b:
78:65:75:42:33:0d:b9:d3:9e:f0:6e:02:ed:82:71:56:3a:93:
5d:81:a7:bc:7c:c9:9c:10:16:f7:69:79:28:42:c3:ad:39:94:
40:63:21:4e:b5:a4:e7:aa:5f:5a:26:c7:2b:49:47:97:36:a3:
8e:b7:49:20:46:4b:e9:84:c3:46:94:69:26:21:01:5a:d4:bd:
0c:8d:9b:21:f5:21:fa:e4:cd:ab:1f:de:d6:c3:f1:78:96:32:
b7:b9:d4:11:e5:76:7c:7a:b7:27:06:fa:53:f6:f2:61:f3:18:
c5:91:b8:3e:90:be:f3:5e:b0:3a:7d:42:11:8b:9d:d9:fd:dd:
cf:39:d3:33:56:e8:e7:d5:67:0b:fd:09:84:eb:b8:0c:2a:75:
64:76:13:e9:84:23:d5:9c:ac:83:98:70:2b:46:e6:8e:26:86:
6e:0b:05:92:bf:a9:86:6f:b0:ca:54:ca:86:0a:1b:2d:28:78:
8a:cc:08:7d:a2:d8:18:d6:dc:d6:10:c8:af:c7:63:8a:d9:f6:
48:08:3a:3e:2f:d8:c1:81:46:5d:fd:2a:5b:40:74:fc:fe:40:
6a:5f:f8:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt8vqJD1KU7hK6LxMNguJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NjUyZmU2NTI5NjZkNzI4YTUyN2FlZTZlNDNjNDg1YzY5
MzlmNDUwHhcNMjQwMTAxMjAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzUwNjYzZjYxNTZmNjZjNWU2OWViODU5ODBlNjQxYjlhNmNkZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmTlc0vwJzsyGhQ/y7x14DCpMWJxJ
GfwXj7HGwXa6yD7YnEcXS8SXjT3P4IRPYRKvcJvMko81D3LLWkb1Jvfr5P9MhLwP
RPJUy9v/NyMEHorIBLKw3qYFA2QEDYlEJEOJNzBUG7F7UcBBo8zFYsPk8ftpE3wI
bB0y8y1+qFnHjbeIY7e9vNy7On6tOTUL7FE2xKSQEhXSulKOeH+yeKAuj0rs8avU
l9rGoNALnQGEOziodBFBgt0CnCHlvCKLqc9GnzvH4c5F97/4h6WaUe4dMf3JLdY5
0TJVtCrO7GcWTChqqgDhpVAQw3rKux0VLYrE27kqW83e5fQ2jlQWRrOd/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFExQZj9hVvZsXmnrhZgOZBuabN5rMB8GA1UdIwQY
MBaAFIhlL+ZSlm1yilJ67m5DxIXGk59FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUdVdjVsS1diWEtLVW5ydWJrUEVoY2FUbjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yMDE3NjMtMTc2Yy00ZTc4LTliYzAt
NDk2ZjMwYWM1Mjc1LzEvVEZCbVAyRlc5bXhlYWV1Rm1BNWtHNXBzM21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yMDE3NjMtMTc2Yy00ZTc4LTliYzAtNDk2ZjMwYWM1Mjc1
LzEvaUdVdjVsS1diWEtLVW5ydWJrUEVoY2FUbjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw5VwMA0G
CSqGSIb3DQEBCwUAA4IBAQCH5imZpEXSIY1c6GZmj7lcGQDcvgZKRYqz72I3n8Pn
atYR6It4ZXVCMw25057wbgLtgnFWOpNdgae8fMmcEBb3aXkoQsOtOZRAYyFOtaTn
ql9aJscrSUeXNqOOt0kgRkvphMNGlGkmIQFa1L0MjZsh9SH65M2rH97Ww/F4ljK3
udQR5XZ8ercnBvpT9vJh8xjFkbg+kL7zXrA6fUIRi53Z/d3POdMzVujn1WcL/QmE
67gMKnVkdhPphCPVnKyDmHArRuaOJoZuCwWSv6mGb7DKVMqGChstKHiKzAh9otgY
1tzWEMivx2OK2fZICDo+L9jBgUZd/SpbQHT8/kBqX/i9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:44 2025 by rpki-client