Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TAfq6jbTi6Z2XQ8GgXJz7eaA1P4.roa
File: TAfq6jbTi6Z2XQ8GgXJz7eaA1P4.roa (raw, json)
Hash identifier: OUjZfjSTyfEKWSEAwXA5lsunWx2jvfirQh9666jzeX8=
Subject key identifier: 4C:07:EA:EA:36:D3:8B:A6:76:5D:0F:06:81:72:73:ED:E6:80:D4:FE
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018E2E2F23E1921F65FBEDCBE75EFBE6F6FA
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TAfq6jbTi6Z2XQ8GgXJz7eaA1P4.roa
Signing time: Mon 11 Mar 2024 15:43:45 +0000
ROA not before: Mon 11 Mar 2024 15:43:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25717
IP address blocks: 171.25.138.0/24 maxlen: 24
171.25.139.0/24 maxlen: 24
171.25.140.0/24 maxlen: 24
171.25.141.0/24 maxlen: 24
171.25.142.0/24 maxlen: 24
171.25.143.0/24 maxlen: 24
193.221.16.0/24 maxlen: 24
193.221.17.0/24 maxlen: 24
193.221.18.0/24 maxlen: 24
193.221.19.0/24 maxlen: 24
193.221.20.0/24 maxlen: 24
193.221.21.0/24 maxlen: 24
193.221.22.0/24 maxlen: 24
193.221.23.0/24 maxlen: 24
193.221.54.0/23 maxlen: 23
193.221.56.0/24 maxlen: 24
193.221.57.0/24 maxlen: 24
193.221.68.0/24 maxlen: 24
193.221.69.0/24 maxlen: 24
193.221.70.0/23 maxlen: 23
193.221.72.0/24 maxlen: 24
193.221.74.0/24 maxlen: 24
193.221.75.0/24 maxlen: 24
193.221.76.0/24 maxlen: 24
193.221.77.0/24 maxlen: 24
193.221.78.0/24 maxlen: 24
193.221.79.0/24 maxlen: 24
193.221.80.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Apr 2024 12:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:2f:23:e1:92:1f:65:fb:ed:cb:e7:5e:fb:e6:f6:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Mar 11 15:43:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c07eaea36d38ba6765d0f06817273ede680d4fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a2:e0:c8:4c:99:63:94:e7:37:80:77:51:41:
8d:e3:31:46:9a:e6:b7:5e:00:7a:9a:37:2a:02:93:
7d:97:6a:40:98:48:5d:53:de:03:74:6d:12:b0:de:
fe:55:2b:d6:25:a6:80:11:50:36:1e:42:c4:d1:bc:
a8:bb:36:03:a7:b6:00:25:b6:d0:9d:33:a4:c4:9c:
7b:5b:ae:bc:5f:51:0c:46:8a:b2:5e:8e:95:bd:f5:
0f:59:b3:3f:4e:3f:b7:65:56:8d:ad:89:c6:74:57:
75:f7:52:0b:5d:57:23:d1:e1:c0:1b:e2:e1:c1:ee:
68:15:9d:ed:d6:32:04:b4:65:ab:37:a5:8c:c6:e8:
45:05:a7:61:ef:6a:9a:8c:ef:9f:77:89:3a:9d:5b:
ad:50:0b:00:c8:24:e1:6a:b2:ed:c2:ed:ce:96:1d:
d6:02:a9:d2:02:14:a8:c6:d7:68:eb:26:ed:4d:98:
ee:c2:5e:62:22:9e:b7:b3:0a:bc:8b:9f:c2:56:30:
98:06:2c:d3:31:ac:d7:8f:5a:c0:a0:9d:e7:60:18:
f4:69:c7:f9:fa:25:5a:b2:57:25:7e:19:70:0d:b6:
60:22:f6:7f:77:3c:bd:e0:34:32:14:7e:1e:8f:02:
19:26:ab:18:64:51:14:7a:6a:e5:22:71:8e:37:4e:
35:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:07:EA:EA:36:D3:8B:A6:76:5D:0F:06:81:72:73:ED:E6:80:D4:FE
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/TAfq6jbTi6Z2XQ8GgXJz7eaA1P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.138.0-171.25.143.255
193.221.16.0/21
193.221.54.0-193.221.57.255
193.221.68.0-193.221.72.255
193.221.74.0-193.221.80.255
Signature Algorithm: sha256WithRSAEncryption
2a:92:01:66:e5:c3:30:5c:9c:bb:b1:c5:de:35:94:1d:f5:33:
fe:38:0c:b2:56:4d:83:a1:3f:e5:40:0a:12:d6:d5:69:70:a6:
24:6e:a9:24:a0:aa:2b:f2:ce:d8:00:be:bd:47:72:5c:75:7a:
b5:16:be:5d:e9:51:2c:c0:87:90:cf:2d:9d:12:bc:39:21:3d:
67:95:de:19:7f:43:3a:c2:ec:6d:1b:25:a9:0d:24:65:e8:d1:
a7:5e:79:2f:92:73:14:e4:fd:e0:28:0d:74:1f:5e:52:01:a7:
c0:0d:ff:6e:21:e5:c3:e9:ae:c9:8d:79:5d:92:99:54:b0:93:
e9:b5:fd:d9:39:7b:5a:26:ec:61:7b:1e:fe:0e:65:7d:37:ff:
49:1b:cf:a1:07:de:53:8c:85:3a:57:02:1f:d1:50:c5:da:1b:
5e:e7:5f:c0:b0:36:bc:59:de:34:5a:84:b9:22:66:68:80:3f:
0f:ce:0e:be:e0:a8:db:da:c2:ae:3f:9c:b4:78:e2:db:1a:44:
d6:ed:de:97:04:24:8c:ea:1f:31:99:ed:bd:82:3f:fe:a9:26:
9e:86:5c:18:d8:08:b9:2f:6f:52:63:76:42:16:62:db:71:e8:
2c:62:93:2e:7c:ec:8e:04:b1:1a:4a:89:18:3c:7d:3a:1b:be:
3e:9a:5a:43
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAY4uLyPhkh9l++3L51775vb6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQwMzExMTU0MzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzA3ZWFlYTM2ZDM4YmE2NzY1ZDBmMDY4MTcyNzNlZGU2ODBkNGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraLgyEyZY5TnN4B3UUGN4zFGmua3
XgB6mjcqApN9l2pAmEhdU94DdG0SsN7+VSvWJaaAEVA2HkLE0byouzYDp7YAJbbQ
nTOkxJx7W668X1EMRoqyXo6VvfUPWbM/Tj+3ZVaNrYnGdFd191ILXVcj0eHAG+Lh
we5oFZ3t1jIEtGWrN6WMxuhFBadh72qajO+fd4k6nVutUAsAyCTharLtwu3Olh3W
AqnSAhSoxtdo6ybtTZjuwl5iIp63swq8i5/CVjCYBizTMazXj1rAoJ3nYBj0acf5
+iVaslclfhlwDbZgIvZ/dzy94DQyFH4ejwIZJqsYZFEUemrlInGON041iQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFEwH6uo204umdl0PBoFyc+3mgNT+MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvVEFmcTZqYlRpNloyWFE4R2dYSno3ZWFBMVA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjBEBAIAATA+MAwDBAGrGYoD
BASrGYADBAPB3RAwDAMEAcHdNgMEAcHdODAMAwQCwd1EAwQAwd1IMAwDBAHB3UoD
BADB3VAwDQYJKoZIhvcNAQELBQADggEBACqSAWblwzBcnLuxxd41lB31M/44DLJW
TYOhP+VAChLW1WlwpiRuqSSgqivyztgAvr1Hclx1erUWvl3pUSzAh5DPLZ0SvDkh
PWeV3hl/QzrC7G0bJakNJGXo0adeeS+ScxTk/eAoDXQfXlIBp8AN/24h5cPprsmN
eV2SmVSwk+m1/dk5e1om7GF7Hv4OZX03/0kbz6EH3lOMhTpXAh/RUMXaG17nX8Cw
NrxZ3jRahLkiZmiAPw/ODr7gqNvawq4/nLR44tsaRNbt3pcEJIzqHzGZ7b2CP/6p
Jp6GXBjYCLkvb1JjdkIWYttx6Cxiky587I4EsRpKiRg8fTobvj6aWkM=
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:05:37 2025 by rpki-client