Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TlwdJKIvPMVfwWs33fCEiWlsq70.roa
File: TlwdJKIvPMVfwWs33fCEiWlsq70.roa (raw, json)
Hash identifier: +sz0yEXZolNqUVtNfQ+UpUA4E+5LudsS06EwkwMgZmA=
Subject key identifier: 4E:5C:1D:24:A2:2F:3C:C5:5F:C1:6B:37:DD:F0:84:89:69:6C:AB:BD
Certificate issuer: /CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Certificate serial: 01965C6B3029EDC35C2C81A4876C18BCD101
Authority key identifier: 8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TlwdJKIvPMVfwWs33fCEiWlsq70.roa
Signing time: Tue 22 Apr 2025 07:34:10 +0000
ROA not before: Tue 22 Apr 2025 07:34:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.191.104.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 19:24:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5c:6b:30:29:ed:c3:5c:2c:81:a4:87:6c:18:bc:d1:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d1ac83ee3a3f968d66ad2fdf4616e7bb1e4d1d7
Validity
Not Before: Apr 22 07:34:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e5c1d24a22f3cc55fc16b37ddf08489696cabbd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c8:a6:da:8f:8e:81:38:89:fe:e8:ed:dc:08:
68:71:85:fb:4e:05:71:51:50:9d:33:a0:70:f7:8f:
e2:54:5e:00:bb:95:3a:93:54:64:b1:14:04:2d:4b:
e7:dd:d1:ac:60:fa:ca:b2:c9:99:bc:7f:4f:54:ab:
36:2d:cc:26:58:8c:53:5e:2d:e9:e0:31:ee:eb:77:
7b:4b:cf:de:aa:0b:80:05:04:83:f4:13:2c:26:ac:
eb:11:5a:3f:c2:72:d1:eb:61:42:8a:64:22:de:5f:
d2:83:19:9c:f4:79:16:c4:2e:4d:a1:fa:b9:f4:51:
ff:e7:90:92:f4:bf:c6:91:f8:0d:2d:a9:79:4a:09:
03:19:e5:27:33:4e:3a:5b:a9:7a:66:81:3e:68:41:
34:42:43:e3:88:f4:fb:30:13:34:ff:5d:8d:3a:0b:
b2:de:0e:b7:a3:53:45:ac:21:6e:a2:00:73:e3:33:
81:b7:3e:e7:26:9f:b4:1d:7a:d9:57:e6:b4:67:89:
c7:96:ee:78:d3:73:25:2c:50:5c:c8:ba:8a:c2:f1:
b1:4a:70:77:d6:07:4f:27:f8:34:64:c1:29:4f:6d:
55:b4:a5:6b:ba:cd:b2:8d:f1:e3:21:a8:c5:24:21:
78:7d:e8:95:78:fc:05:75:c5:a6:bc:f7:01:ed:80:
ab:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5C:1D:24:A2:2F:3C:C5:5F:C1:6B:37:DD:F0:84:89:69:6C:AB:BD
X509v3 Authority Key Identifier:
keyid:8D:1A:C8:3E:E3:A3:F9:68:D6:6A:D2:FD:F4:61:6E:7B:B1:E4:D1:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jRrIPuOj-WjWatL99GFue7Hk0dc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/TlwdJKIvPMVfwWs33fCEiWlsq70.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/4abf3f-158f-4f62-a9eb-ddf567eded03/1/jRrIPuOj-WjWatL99GFue7Hk0dc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.191.104.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:07:ac:4c:ac:71:e4:52:46:1f:26:fc:0d:ea:49:8d:c6:17:
1f:5b:95:43:41:6d:7a:cb:33:f9:4c:bc:aa:32:97:88:ce:5f:
7f:6b:9f:61:dd:8b:01:77:91:41:05:8f:15:bb:fb:f6:c6:91:
de:98:95:50:df:c0:17:5e:f5:82:5f:a5:49:37:5a:78:ff:0e:
f5:2e:ee:a7:1b:7c:5e:29:d4:d3:92:8e:23:56:1e:e3:c9:9d:
6f:b8:92:70:a0:c6:e4:09:06:82:fc:98:86:eb:a1:12:c2:23:
db:c1:90:27:3a:7e:85:1a:10:16:2f:28:7f:3b:62:bb:0b:ff:
3e:51:9b:ad:67:94:cb:a9:0f:45:5b:d6:d0:62:b1:a4:97:58:
85:a2:87:01:37:11:06:f5:b0:6e:b0:17:e7:ee:f2:de:52:80:
f0:08:67:67:5a:34:65:a3:d9:c4:a8:12:60:0c:db:5d:1e:ee:
9a:98:b4:dd:57:d8:7c:8e:b4:d6:2e:40:c2:ab:00:f0:fa:93:
b5:c9:40:12:a3:9b:68:45:11:b8:32:35:6a:a6:79:4e:17:04:
a4:37:57:a9:bc:7e:11:5e:80:22:c0:0b:e9:21:a8:d5:fa:da:
7f:b8:e8:dc:e7:c9:4d:c9:9c:b1:56:fd:cd:df:c0:83:d9:26:
69:6b:61:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZZcazAp7cNcLIGkh2wYvNEBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkMWFjODNlZTNhM2Y5NjhkNjZhZDJmZGY0NjE2ZTdiYjFl
NGQxZDcwHhcNMjUwNDIyMDczNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVjMWQyNGEyMmYzY2M1NWZjMTZiMzdkZGYwODQ4OTY5NmNhYmJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcim2o+OgTiJ/ujt3AhocYX7TgVx
UVCdM6Bw94/iVF4Au5U6k1RksRQELUvn3dGsYPrKssmZvH9PVKs2LcwmWIxTXi3p
4DHu63d7S8/eqguABQSD9BMsJqzrEVo/wnLR62FCimQi3l/Sgxmc9HkWxC5Nofq5
9FH/55CS9L/GkfgNLal5SgkDGeUnM046W6l6ZoE+aEE0QkPjiPT7MBM0/12NOguy
3g63o1NFrCFuogBz4zOBtz7nJp+0HXrZV+a0Z4nHlu5403MlLFBcyLqKwvGxSnB3
1gdPJ/g0ZMEpT21VtKVrus2yjfHjIajFJCF4feiVePwFdcWmvPcB7YCrAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5cHSSiLzzFX8FrN93whIlpbKu9MB8GA1UdIwQY
MBaAFI0ayD7jo/lo1mrS/fRhbnux5NHXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWIt
ZGRmNTY3ZWRlZDAzLzEvVGx3ZEpLSXZQTVZmd1dzMzNmQ0VpV2xzcTcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi80YWJmM2YtMTU4Zi00ZjYyLWE5ZWItZGRmNTY3ZWRlZDAz
LzEvalJySVB1T2otV2pXYXRMOTlHRnVlN0hrMGRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL9oMA0G
CSqGSIb3DQEBCwUAA4IBAQBuB6xMrHHkUkYfJvwN6kmNxhcfW5VDQW16yzP5TLyq
MpeIzl9/a59h3YsBd5FBBY8Vu/v2xpHemJVQ38AXXvWCX6VJN1p4/w71Lu6nG3xe
KdTTko4jVh7jyZ1vuJJwoMbkCQaC/JiG66ESwiPbwZAnOn6FGhAWLyh/O2K7C/8+
UZutZ5TLqQ9FW9bQYrGkl1iFoocBNxEG9bBusBfn7vLeUoDwCGdnWjRlo9nEqBJg
DNtdHu6amLTdV9h8jrTWLkDCqwDw+pO1yUASo5toRRG4MjVqpnlOFwSkN1epvH4R
XoAiwAvpIajV+tp/uOjc58lNyZyxVv3N38CD2SZpa2G8
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:15:21 2025 by rpki-client