Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TU5anukTir2cjSHtlwUhE7CsM6E.roa
File: TU5anukTir2cjSHtlwUhE7CsM6E.roa (raw, json)
Hash identifier: zrrqy0bG+Sc0o+CrFb8pm/Vs57EnEDH7fKTE8/yTBMw=
Subject key identifier: 4D:4E:5A:9E:E9:13:8A:BD:9C:8D:21:ED:97:05:21:13:B0:AC:33:A1
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01942748558DFC03E4733621BF60B4086924
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TU5anukTir2cjSHtlwUhE7CsM6E.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 273000
IP address blocks: 201.77.48.0/23 maxlen: 23
201.77.48.0/24 maxlen: 24
201.77.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 09:50:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:55:8d:fc:03:e4:73:36:21:bf:60:b4:08:69:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d4e5a9ee9138abd9c8d21ed97052113b0ac33a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ca:05:4f:49:84:de:f8:f4:00:33:1c:c8:a3:
8f:95:c5:47:e5:f1:6a:ff:77:9a:f4:4d:51:a2:8b:
a2:e2:91:23:7f:4d:70:07:9f:fc:2b:ea:52:b7:30:
27:00:d6:56:8a:98:d1:3b:07:2a:b2:35:e4:8b:43:
77:70:3f:7f:2d:9b:f7:5a:b5:65:af:b3:71:9e:3c:
26:42:0e:02:e8:92:c3:f8:b5:52:1b:2e:2c:48:60:
cd:98:56:28:91:db:a9:2c:0e:12:2a:4b:dc:83:ef:
c2:72:df:ec:90:ba:ff:ee:7b:b5:a6:a1:0c:fa:9b:
2e:74:ba:c7:eb:a3:2a:c0:84:88:9e:d3:b0:32:d3:
99:eb:3c:e5:e5:48:b1:f0:87:a4:71:aa:a2:d1:fd:
e3:ce:bd:1f:a9:d3:8b:ef:a7:0d:6e:c1:8d:68:d7:
be:17:43:91:5b:15:f3:f7:f6:a3:ac:eb:d5:4b:f9:
b9:7a:29:b6:ac:36:52:b2:8b:2d:f0:a6:30:ea:1b:
69:01:63:d8:e4:a3:e6:7c:9d:f2:0c:06:bb:eb:51:
d8:8c:dc:4f:1a:40:24:49:30:2a:f8:c0:c1:1d:ce:
06:98:0c:7f:27:3a:d1:63:f7:cc:9a:f9:4e:d7:30:
6d:8b:49:4d:4a:26:42:3c:41:8d:22:e9:1b:95:e9:
e4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4E:5A:9E:E9:13:8A:BD:9C:8D:21:ED:97:05:21:13:B0:AC:33:A1
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TU5anukTir2cjSHtlwUhE7CsM6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
201.77.48.0/23
Signature Algorithm: sha256WithRSAEncryption
bd:b3:f1:95:17:50:a1:e7:c5:d0:3a:94:60:44:aa:2c:2f:34:
be:26:da:f6:53:cc:4c:34:a0:cf:e0:fd:48:a9:3b:11:76:64:
1e:4d:da:7a:4c:0f:a7:5a:a5:8d:08:7a:2c:fa:d6:24:f0:3e:
d1:42:eb:a4:a7:01:78:ff:d5:bc:8e:ab:94:19:fd:09:a5:9e:
d5:14:0f:33:b6:15:48:42:e3:e4:7a:06:26:3c:70:33:f1:80:
0b:dd:27:d1:f1:70:46:cd:38:bc:50:c9:16:c8:76:73:8f:c4:
b5:58:a2:e8:af:90:44:f6:c3:c0:e3:35:76:26:db:8e:70:cc:
b6:33:ff:34:00:29:d5:a5:4d:4a:da:03:12:54:e9:9f:38:a3:
fa:2d:0e:00:ee:f0:cc:3d:46:6d:d6:1b:9b:71:79:e6:61:70:
5b:58:c0:45:8f:ed:95:d9:f7:a1:71:30:8b:d2:9d:55:ad:39:
48:90:dc:a8:1b:63:18:e8:c3:12:21:23:8a:2c:a0:1a:0a:74:
b9:41:59:0a:02:47:91:7a:ea:83:76:66:11:f9:ca:f9:a9:cb:
c7:b0:30:cc:d3:cf:2a:ce:71:2a:4b:c1:25:69:16:e9:d0:63:
72:d4:42:1b:07:c2:48:98:7a:10:ae:65:4c:af:d6:97:97:14:
a5:49:88:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFWN/APkczYhv2C0CGkkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRlNWE5ZWU5MTM4YWJkOWM4ZDIxZWQ5NzA1MjExM2IwYWMzM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAocoFT0mE3vj0ADMcyKOPlcVH5fFq
/3ea9E1Rooui4pEjf01wB5/8K+pStzAnANZWipjROwcqsjXki0N3cD9/LZv3WrVl
r7NxnjwmQg4C6JLD+LVSGy4sSGDNmFYokdupLA4SKkvcg+/Cct/skLr/7nu1pqEM
+psudLrH66MqwISIntOwMtOZ6zzl5Uix8Iekcaqi0f3jzr0fqdOL76cNbsGNaNe+
F0ORWxXz9/ajrOvVS/m5eim2rDZSsost8KYw6htpAWPY5KPmfJ3yDAa761HYjNxP
GkAkSTAq+MDBHc4GmAx/JzrRY/fMmvlO1zBti0lNSiZCPEGNIukblenkmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1OWp7pE4q9nI0h7ZcFIROwrDOhMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVFU1YW51a1RpcjJjalNIdGx3VWhFN0NzTTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQByU0wMA0G
CSqGSIb3DQEBCwUAA4IBAQC9s/GVF1Ch58XQOpRgRKosLzS+Jtr2U8xMNKDP4P1I
qTsRdmQeTdp6TA+nWqWNCHos+tYk8D7RQuukpwF4/9W8jquUGf0JpZ7VFA8zthVI
QuPkegYmPHAz8YAL3SfR8XBGzTi8UMkWyHZzj8S1WKLor5BE9sPA4zV2JtuOcMy2
M/80ACnVpU1K2gMSVOmfOKP6LQ4A7vDMPUZt1hubcXnmYXBbWMBFj+2V2fehcTCL
0p1VrTlIkNyoG2MY6MMSISOKLKAaCnS5QVkKAkeReuqDdmYR+cr5qcvHsDDM088q
znEqS8ElaRbp0GNy1EIbB8JImHoQrmVMr9aXlxSlSYh6
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:47:19 2025 by rpki-client