Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/Tyspww2y1IE3jEFg_fEN6fKHbPg.roa
File: Tyspww2y1IE3jEFg_fEN6fKHbPg.roa (raw, json)
Hash identifier: LVW7XE8N/dJqd69+RWHNrE+j/855svrPMP4rM3pyB/0=
Subject key identifier: 4F:2B:29:C3:0D:B2:D4:81:37:8C:41:60:FD:F1:0D:E9:F2:87:6C:F8
Certificate issuer: /CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
Certificate serial: 018CC3B69925E374FECC6667CDADD9AA4F6E
Authority key identifier: 1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/Tyspww2y1IE3jEFg_fEN6fKHbPg.roa
Signing time: Mon 01 Jan 2024 06:29:32 +0000
ROA not before: Mon 01 Jan 2024 06:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29549
IP address blocks: 195.177.206.0/24 maxlen: 24
195.177.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:99:25:e3:74:fe:cc:66:67:cd:ad:d9:aa:4f:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b6f07474f12f7a33e5c21bc2ffbb075a17bd13f
Validity
Not Before: Jan 1 06:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f2b29c30db2d481378c4160fdf10de9f2876cf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:29:35:68:83:44:77:bd:3d:64:2b:86:62:f1:
9f:8c:49:49:a0:0f:5e:d1:e2:83:96:77:12:6d:7b:
8b:8d:24:7d:e7:2f:cf:5e:19:70:d5:fe:b5:e7:4f:
41:c0:e6:73:cc:57:d2:3d:45:61:48:94:3e:96:e5:
e6:42:79:a3:74:56:c5:bc:be:e9:f1:21:ac:25:0e:
8f:24:7a:15:4b:ad:e9:79:85:1f:fe:4c:bf:6e:01:
8b:2f:27:48:d1:17:7f:db:0d:e2:b4:ee:67:ea:16:
d0:f3:7e:02:e6:1a:ee:7d:24:b8:6b:0c:a0:ed:63:
4e:86:ce:93:4c:75:59:0d:7c:cf:fc:53:f3:dc:a5:
e1:13:3f:af:19:c4:96:53:eb:39:07:ab:60:e9:d2:
df:9f:19:ee:2b:59:0b:c5:fe:8d:63:03:df:89:3e:
53:92:7a:79:2a:cf:45:69:bf:b7:0e:e3:36:38:cf:
28:d6:69:bd:40:d8:83:70:36:66:f1:99:2c:90:2c:
d7:60:85:23:cd:15:eb:cb:af:a0:b8:65:47:4e:c1:
a9:da:95:62:4d:3c:f1:67:eb:8f:ae:a8:d7:29:78:
c9:16:fe:17:2a:7b:23:24:92:41:55:9f:f8:dc:7f:
45:ea:64:a1:cc:71:bd:a0:58:31:d2:08:0e:1a:49:
96:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:2B:29:C3:0D:B2:D4:81:37:8C:41:60:FD:F1:0D:E9:F2:87:6C:F8
X509v3 Authority Key Identifier:
keyid:1B:6F:07:47:4F:12:F7:A3:3E:5C:21:BC:2F:FB:B0:75:A1:7B:D1:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G28HR08S96M-XCG8L_uwdaF70T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/Tyspww2y1IE3jEFg_fEN6fKHbPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/655006-6275-4d24-b3db-02c47b9ea49d/1/G28HR08S96M-XCG8L_uwdaF70T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.177.206.0/23
Signature Algorithm: sha256WithRSAEncryption
2a:22:b6:a8:f4:dd:79:98:b9:2f:c4:bf:b0:2f:a7:1f:09:94:
b4:72:b5:b0:2e:97:28:19:e8:0b:1a:e9:7f:7a:22:b8:43:43:
8f:95:83:eb:57:6d:7f:b0:15:97:6d:a4:82:07:00:48:3e:aa:
dd:02:5a:50:d8:58:21:05:3d:ab:9f:23:97:0a:a3:7e:7a:59:
13:30:7d:26:f3:f3:9f:4c:e0:c0:2c:61:d3:07:a7:79:2d:d2:
a2:7e:ba:38:a9:5b:c0:21:e5:36:3f:13:a3:f0:01:26:c2:ad:
de:d5:7c:df:28:4f:59:37:ad:42:6c:40:61:2a:1e:50:e3:03:
73:b8:06:56:48:4c:57:27:53:17:9a:90:46:53:cb:07:06:7f:
37:e8:2a:ee:ef:61:f5:fc:14:ff:a6:6e:94:b3:a2:7d:22:33:
3c:83:15:31:77:9a:61:0d:85:79:e0:88:ca:78:c6:16:67:27:
31:f4:a2:08:a9:a6:62:d3:f4:08:75:51:e3:5d:3b:ab:aa:2a:
3e:73:e2:eb:c0:2f:e7:4d:2c:26:c8:8d:b3:df:d8:c9:82:89:
91:aa:88:6e:31:8b:29:75:82:de:06:a9:ac:44:b8:60:25:83:
07:24:fd:f6:92:93:36:0f:0b:37:60:82:f2:a8:75:df:bb:f6:
2f:0f:f8:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpkl43T+zGZnza3Zqk9uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiNmYwNzQ3NGYxMmY3YTMzZTVjMjFiYzJmZmJiMDc1YTE3
YmQxM2YwHhcNMjQwMTAxMDYyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjJiMjljMzBkYjJkNDgxMzc4YzQxNjBmZGYxMGRlOWYyODc2Y2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnik1aINEd709ZCuGYvGfjElJoA9e
0eKDlncSbXuLjSR95y/PXhlw1f61509BwOZzzFfSPUVhSJQ+luXmQnmjdFbFvL7p
8SGsJQ6PJHoVS63peYUf/ky/bgGLLydI0Rd/2w3itO5n6hbQ834C5hrufSS4awyg
7WNOhs6TTHVZDXzP/FPz3KXhEz+vGcSWU+s5B6tg6dLfnxnuK1kLxf6NYwPfiT5T
knp5Ks9Fab+3DuM2OM8o1mm9QNiDcDZm8ZkskCzXYIUjzRXry6+guGVHTsGp2pVi
TTzxZ+uPrqjXKXjJFv4XKnsjJJJBVZ/43H9F6mShzHG9oFgx0ggOGkmWMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8rKcMNstSBN4xBYP3xDenyh2z4MB8GA1UdIwQY
MBaAFBtvB0dPEvejPlwhvC/7sHWhe9E/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzI4SFIwOFM5Nk0tWENHOExfdXdkYUY3MFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC82NTUwMDYtNjI3NS00ZDI0LWIzZGIt
MDJjNDdiOWVhNDlkLzEvVHlzcHd3MnkxSUUzakVGZ19mRU42ZktIYlBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC82NTUwMDYtNjI3NS00ZDI0LWIzZGItMDJjNDdiOWVhNDlk
LzEvRzI4SFIwOFM5Nk0tWENHOExfdXdkYUY3MFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw7HOMA0G
CSqGSIb3DQEBCwUAA4IBAQAqIrao9N15mLkvxL+wL6cfCZS0crWwLpcoGegLGul/
eiK4Q0OPlYPrV21/sBWXbaSCBwBIPqrdAlpQ2FghBT2rnyOXCqN+elkTMH0m8/Of
TODALGHTB6d5LdKifro4qVvAIeU2PxOj8AEmwq3e1XzfKE9ZN61CbEBhKh5Q4wNz
uAZWSExXJ1MXmpBGU8sHBn836Cru72H1/BT/pm6Us6J9IjM8gxUxd5phDYV54IjK
eMYWZycx9KIIqaZi0/QIdVHjXTurqio+c+LrwC/nTSwmyI2z39jJgomRqohuMYsp
dYLeBqmsRLhgJYMHJP32kpM2Dws3YILyqHXfu/YvD/iA
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:13:51 2025 by rpki-client