Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/Tr80KqMo3KqVq1KOVYwovupZaZY.roa
File: Tr80KqMo3KqVq1KOVYwovupZaZY.roa (raw, json)
Hash identifier: DNIEOmUpNvmXFkG0eyLv5mDqRCgBfssDkqz3nBlucNw=
Subject key identifier: 4E:BF:34:2A:A3:28:DC:AA:95:AB:52:8E:55:8C:28:BE:EA:59:69:96
Certificate issuer: /CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Certificate serial: 0192D89CF1DBD0071DEB87C85394FCF19254
Authority key identifier: 7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/Tr80KqMo3KqVq1KOVYwovupZaZY.roa
Signing time: Tue 29 Oct 2024 14:10:17 +0000
ROA not before: Tue 29 Oct 2024 14:10:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 116.199.224.0/21 maxlen: 21
116.199.232.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d8:9c:f1:db:d0:07:1d:eb:87:c8:53:94:fc:f1:92:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7afb5441d8ef8e41aa28dd51cdde925943aef7fa
Validity
Not Before: Oct 29 14:10:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ebf342aa328dcaa95ab528e558c28beea596996
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:eb:81:d7:99:41:0f:80:76:2e:cc:a9:5e:1c:
60:96:64:a2:68:17:58:03:c9:8c:5d:05:43:c6:30:
b2:08:a4:32:ca:f4:3e:cc:38:63:3c:11:62:df:ee:
a7:02:59:ac:e8:ed:d0:be:68:b0:6f:43:a1:4d:58:
84:f6:54:3d:a6:d1:9f:54:ab:fc:c8:6e:a1:2d:a7:
0f:e2:49:fa:68:a1:ec:74:b9:f7:e9:b9:e7:0d:16:
3d:64:2a:dd:d1:ae:3b:3b:99:06:3a:17:91:76:49:
37:7b:bc:4f:0e:04:57:07:f1:43:6e:9f:f4:65:f7:
a2:b4:37:2b:5d:02:1a:a1:62:db:0a:2e:14:8d:5e:
c8:10:d5:8a:4c:f4:4c:16:a6:bd:b3:10:50:82:50:
99:a8:f1:99:b1:9f:5d:4b:a1:81:88:04:b3:68:5d:
83:82:b9:82:eb:27:77:27:1f:2b:85:3f:7d:bc:5f:
3a:9b:78:b1:c1:21:1b:2d:7e:be:91:e4:d1:05:ab:
54:30:3d:db:f6:e3:c8:f4:2c:77:bf:5d:4f:9a:62:
51:86:a9:9c:4f:be:fc:6f:ce:a0:af:e4:8c:e3:1e:
d4:c6:39:dc:a0:d4:cf:d6:5a:75:16:95:3e:39:68:
c7:41:51:1e:6f:3c:5f:f5:19:c8:7d:79:93:41:3e:
91:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BF:34:2A:A3:28:DC:AA:95:AB:52:8E:55:8C:28:BE:EA:59:69:96
X509v3 Authority Key Identifier:
keyid:7A:FB:54:41:D8:EF:8E:41:AA:28:DD:51:CD:DE:92:59:43:AE:F7:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evtUQdjvjkGqKN1Rzd6SWUOu9_o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/Tr80KqMo3KqVq1KOVYwovupZaZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/4d76f5-42ec-453e-8992-d8973acaf41d/1/evtUQdjvjkGqKN1Rzd6SWUOu9_o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
116.199.224.0-116.199.233.255
Signature Algorithm: sha256WithRSAEncryption
6c:4f:93:dc:2a:6f:d2:5e:72:3a:c0:f6:6c:87:9d:20:00:40:
76:7b:c5:1e:59:cd:47:39:14:77:1a:f3:5a:fb:65:96:42:c6:
07:0a:f0:dd:b9:99:96:2d:f0:27:14:0a:b5:68:41:96:04:2f:
59:01:23:a9:09:8c:ae:e7:48:73:be:aa:61:73:96:25:77:69:
b1:21:2b:5f:ac:2d:39:1d:86:32:02:2d:85:2a:3e:ad:71:f2:
52:59:af:ea:32:21:37:ed:cb:74:88:43:74:8f:23:20:9f:96:
00:a6:d5:f6:0f:b7:20:a7:50:fb:8b:6a:57:29:c1:93:8c:2a:
ea:83:b4:8b:80:2c:a5:da:58:e5:88:75:b8:ad:8f:ba:5c:af:
78:17:af:95:47:ca:79:4f:b5:a9:ac:82:f1:3a:bb:03:60:88:
4e:9b:b1:3c:2e:fb:54:e7:c0:f2:8a:35:8f:6e:2a:78:fc:a0:
94:6a:74:7e:46:98:75:5f:81:74:be:b2:29:34:0a:7f:a6:f4:
3e:86:b9:5d:9b:4c:4f:61:b9:75:0f:70:ac:de:57:4b:5a:fb:
8e:c9:0b:6d:d3:d2:56:ed:f5:70:37:8c:ff:b6:10:97:10:16:
09:65:65:b9:d8:b0:ea:1a:7f:6a:97:c2:48:92:64:d3:aa:6a:
50:8e:2b:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZLYnPHb0Acd64fIU5T88ZJUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZmI1NDQxZDhlZjhlNDFhYTI4ZGQ1MWNkZGU5MjU5NDNh
ZWY3ZmEwHhcNMjQxMDI5MTQxMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJmMzQyYWEzMjhkY2FhOTVhYjUyOGU1NThjMjhiZWVhNTk2OTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOuB15lBD4B2LsypXhxglmSiaBdY
A8mMXQVDxjCyCKQyyvQ+zDhjPBFi3+6nAlms6O3Qvmiwb0OhTViE9lQ9ptGfVKv8
yG6hLacP4kn6aKHsdLn36bnnDRY9ZCrd0a47O5kGOheRdkk3e7xPDgRXB/FDbp/0
ZfeitDcrXQIaoWLbCi4UjV7IENWKTPRMFqa9sxBQglCZqPGZsZ9dS6GBiASzaF2D
grmC6yd3Jx8rhT99vF86m3ixwSEbLX6+keTRBatUMD3b9uPI9Cx3v11PmmJRhqmc
T778b86gr+SM4x7UxjncoNTP1lp1FpU+OWjHQVEebzxf9RnIfXmTQT6RmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE6/NCqjKNyqlatSjlWMKL7qWWmWMB8GA1UdIwQY
MBaAFHr7VEHY745BqijdUc3ekllDrvf6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTIt
ZDg5NzNhY2FmNDFkLzEvVHI4MEtxTW8zS3FWcTFLT1ZZd292dXBaYVpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80ZDc2ZjUtNDJlYy00NTNlLTg5OTItZDg5NzNhY2FmNDFk
LzEvZXZ0VVFkanZqa0dxS04xUnpkNlNXVU91OV9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAV0x+AD
BAF0x+gwDQYJKoZIhvcNAQELBQADggEBAGxPk9wqb9JecjrA9myHnSAAQHZ7xR5Z
zUc5FHca81r7ZZZCxgcK8N25mZYt8CcUCrVoQZYEL1kBI6kJjK7nSHO+qmFzliV3
abEhK1+sLTkdhjICLYUqPq1x8lJZr+oyITfty3SIQ3SPIyCflgCm1fYPtyCnUPuL
alcpwZOMKuqDtIuALKXaWOWIdbitj7pcr3gXr5VHynlPtamsgvE6uwNgiE6bsTwu
+1TnwPKKNY9uKnj8oJRqdH5GmHVfgXS+sik0Cn+m9D6GuV2bTE9huXUPcKzeV0ta
+47JC23T0lbt9XA3jP+2EJcQFgllZbnYsOoaf2qXwkiSZNOqalCOK64=
-----END CERTIFICATE-----
Generated at Sun Apr 6 15:16:04 2025 by rpki-client