Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/tsYxOTkhxhRDDLIoDPCuXVF0uSw.roa
File: tsYxOTkhxhRDDLIoDPCuXVF0uSw.roa (raw, json)
Hash identifier: y18Qv5rpvFxpvi7e4ory3lUegY9c+/TvIPDFKYHu9W4=
Subject key identifier: B6:C6:31:39:39:21:C6:14:43:0C:B2:28:0C:F0:AE:5D:51:74:B9:2C
Certificate issuer: /CN=264d04c39641b82b5dc3844cf5ff550f54044689
Certificate serial: 018CC794C3F44BE86705C94F03A1E0BDAB53
Authority key identifier: 26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/tsYxOTkhxhRDDLIoDPCuXVF0uSw.roa
Signing time: Tue 02 Jan 2024 00:31:04 +0000
ROA not before: Tue 02 Jan 2024 00:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210144
IP address blocks: 31.132.48.0/22 maxlen: 22
185.141.172.0/22 maxlen: 22
2a0d:e800::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:c3:f4:4b:e8:67:05:c9:4f:03:a1:e0:bd:ab:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=264d04c39641b82b5dc3844cf5ff550f54044689
Validity
Not Before: Jan 2 00:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6c631393921c614430cb2280cf0ae5d5174b92c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:18:69:f8:0b:e5:c9:75:67:70:5a:7f:f9:5b:
a9:b0:aa:25:d3:d4:4e:8b:71:7d:d6:64:33:d9:68:
91:bf:42:78:b8:90:38:3a:3e:16:0c:f5:aa:6b:47:
f6:e1:33:57:25:af:b3:d0:e3:c1:24:05:57:41:c6:
1f:69:c8:25:ab:b9:29:25:ea:11:3e:a3:30:9c:78:
85:a2:d7:f2:ee:9d:53:26:64:4f:c3:c7:75:60:4e:
8e:8e:b4:e1:c9:11:d6:46:ba:a3:05:83:fe:9f:58:
9c:26:2d:aa:cb:46:34:67:38:b8:3e:60:bb:cc:52:
75:c7:eb:e5:64:84:7d:70:14:fd:1b:7a:d6:b3:a6:
03:78:eb:f8:5b:b0:13:c5:2e:e6:48:45:2f:25:24:
a7:d1:64:6d:a2:1a:6d:71:3c:d7:33:8c:6c:2c:d1:
7a:66:58:a6:a1:69:59:92:e5:67:92:df:46:a9:5d:
e8:5d:fd:86:fb:93:07:eb:ca:2d:e1:37:67:57:9d:
77:3e:9d:9a:e2:60:1e:3e:75:5c:a9:d0:09:88:c5:
74:83:52:79:09:fd:62:9f:8f:94:f7:65:57:c6:83:
76:bb:c9:a0:ec:58:64:7a:76:e1:fb:83:86:a8:fa:
b5:4d:8f:5b:98:39:30:e6:ff:7a:28:2d:c8:26:57:
cd:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:C6:31:39:39:21:C6:14:43:0C:B2:28:0C:F0:AE:5D:51:74:B9:2C
X509v3 Authority Key Identifier:
keyid:26:4D:04:C3:96:41:B8:2B:5D:C3:84:4C:F5:FF:55:0F:54:04:46:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/tsYxOTkhxhRDDLIoDPCuXVF0uSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/a0099c-d860-49a5-b459-3d0036603ea0/1/Jk0Ew5ZBuCtdw4RM9f9VD1QERok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.132.48.0/22
185.141.172.0/22
IPv6:
2a0d:e800::/29
Signature Algorithm: sha256WithRSAEncryption
28:3c:03:79:14:90:6d:d5:40:39:5b:d8:f9:65:6e:95:94:3e:
30:91:10:0d:d9:6a:94:c5:c3:59:f2:11:27:c0:da:39:65:cf:
00:89:4e:94:47:b8:91:08:80:f4:d4:b2:bf:2f:1d:ae:9f:63:
f7:47:72:86:2a:dc:31:bf:1c:55:12:39:62:a0:f4:84:25:d1:
74:af:e8:c4:c4:34:20:36:27:a0:8a:ff:43:a7:73:7e:38:38:
b0:e7:e4:9d:bc:cf:71:28:4f:1e:4f:bb:a3:4c:f7:d2:b0:dc:
cc:a0:06:41:8a:d6:38:32:e4:cd:9d:39:b8:23:50:e5:1e:93:
27:2b:25:df:18:d9:95:ea:28:19:ce:57:c7:d5:78:4c:11:c5:
17:33:b0:d8:2d:70:ef:d5:b5:ee:4c:e1:11:21:57:a7:4e:b3:
24:50:54:38:b1:f2:eb:45:ae:57:08:0d:95:43:8e:50:58:3e:
81:29:11:d5:b8:4d:05:60:ec:d8:bc:c5:15:83:d4:0e:ee:d7:
f7:70:69:a7:bc:d8:b1:0f:de:34:16:dd:d8:ad:92:81:ff:22:
d9:d5:17:6c:84:35:93:34:54:f2:b9:a1:78:52:c4:c7:98:5f:
de:70:2a:2a:69:ad:8a:56:6e:df:69:74:f0:62:84:f6:da:ef:
96:c0:76:67
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlMP0S+hnBclPA6HgvatTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NGQwNGMzOTY0MWI4MmI1ZGMzODQ0Y2Y1ZmY1NTBmNTQw
NDQ2ODkwHhcNMjQwMTAyMDAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmM2MzEzOTM5MjFjNjE0NDMwY2IyMjgwY2YwYWU1ZDUxNzRiOTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRhp+AvlyXVncFp/+VupsKol09RO
i3F91mQz2WiRv0J4uJA4Oj4WDPWqa0f24TNXJa+z0OPBJAVXQcYfacglq7kpJeoR
PqMwnHiFotfy7p1TJmRPw8d1YE6OjrThyRHWRrqjBYP+n1icJi2qy0Y0Zzi4PmC7
zFJ1x+vlZIR9cBT9G3rWs6YDeOv4W7ATxS7mSEUvJSSn0WRtohptcTzXM4xsLNF6
ZlimoWlZkuVnkt9GqV3oXf2G+5MH68ot4TdnV513Pp2a4mAePnVcqdAJiMV0g1J5
Cf1in4+U92VXxoN2u8mg7Fhkenbh+4OGqPq1TY9bmDkw5v96KC3IJlfNSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLbGMTk5IcYUQwyyKAzwrl1RdLksMB8GA1UdIwQY
MBaAFCZNBMOWQbgrXcOETPX/VQ9UBEaJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTkt
M2QwMDM2NjAzZWEwLzEvdHNZeE9Ua2h4aFJERExJb0RQQ3VYVkYwdVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC9hMDA5OWMtZDg2MC00OWE1LWI0NTktM2QwMDM2NjAzZWEw
LzEvSmswRXc1WkJ1Q3RkdzRSTTlmOVZEMVFFUm9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCH4QwAwQC
uY2sMA0EAgACMAcDBQMqDegAMA0GCSqGSIb3DQEBCwUAA4IBAQAoPAN5FJBt1UA5
W9j5ZW6VlD4wkRAN2WqUxcNZ8hEnwNo5Zc8AiU6UR7iRCID01LK/Lx2un2P3R3KG
KtwxvxxVEjlioPSEJdF0r+jExDQgNiegiv9Dp3N+ODiw5+SdvM9xKE8eT7ujTPfS
sNzMoAZBitY4MuTNnTm4I1DlHpMnKyXfGNmV6igZzlfH1XhMEcUXM7DYLXDv1bXu
TOERIVenTrMkUFQ4sfLrRa5XCA2VQ45QWD6BKRHVuE0FYOzYvMUVg9QO7tf3cGmn
vNixD940Ft3YrZKB/yLZ1RdshDWTNFTyuaF4UsTHmF/ecCoqaa2KVm7faXTwYoT2
2u+WwHZn
-----END CERTIFICATE-----
Generated at Tue Mar 11 19:34:11 2025 by rpki-client