Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TpY0DQgDNO0kbdZGkP7QQ8WXh0s.roa
File: TpY0DQgDNO0kbdZGkP7QQ8WXh0s.roa (raw, json)
Hash identifier: j0kdDmS1+YBLttihUEHfNW4jCM8Bv7jQZOU3WAywF9E=
Subject key identifier: 4E:96:34:0D:08:03:34:ED:24:6D:D6:46:90:FE:D0:43:C5:97:87:4B
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018F3332A6572200C0FDB5A0CC9E8608A392
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TpY0DQgDNO0kbdZGkP7QQ8WXh0s.roa
Signing time: Wed 01 May 2024 08:08:28 +0000
ROA not before: Wed 01 May 2024 08:08:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 62.90.135.0/24 maxlen: 24
147.234.8.0/21 maxlen: 24
147.234.74.0/24 maxlen: 24
147.234.75.0/24 maxlen: 24
147.234.81.0/24 maxlen: 24
147.234.88.0/24 maxlen: 24
147.234.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 10:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:32:a6:57:22:00:c0:fd:b5:a0:cc:9e:86:08:a3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: May 1 08:08:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e96340d080334ed246dd64690fed043c597874b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:86:b8:92:f5:75:f7:5b:0e:60:4a:c6:44:
c0:5b:d3:15:aa:be:6c:1c:d6:65:b5:9f:b7:30:fa:
96:be:eb:3c:09:32:c8:99:88:07:ad:5a:3f:d0:82:
6a:0e:3d:26:7c:f3:f2:f2:83:1f:f6:fb:12:5c:70:
3b:94:e4:7b:df:54:bf:c5:5b:63:7d:66:81:96:7a:
52:0a:41:8c:9d:82:d6:fe:41:59:1c:ce:26:1c:90:
29:df:f2:1a:66:48:c8:8e:a4:27:ec:fa:0a:47:9c:
f8:9d:c2:01:ac:49:b3:91:88:19:89:74:a7:a4:8b:
19:7c:4d:2f:d1:16:52:db:b9:66:b4:f4:8c:71:74:
1e:56:ba:11:4e:e0:01:b6:c8:ad:c2:75:4f:3d:12:
f5:c9:72:09:8b:a0:2b:f7:9e:42:49:d8:03:6c:50:
10:a1:52:ee:cf:ef:bd:94:99:bf:b0:16:d7:61:af:
56:da:d3:09:e7:c2:fd:4e:91:71:94:01:0d:68:e4:
9b:3f:bb:32:73:8c:ea:c5:d8:0e:3e:2e:7e:13:65:
ee:fc:7a:18:b1:86:86:86:a6:47:55:86:4f:bb:d4:
b9:88:1d:59:9d:a2:0d:8c:dd:db:c1:c3:5c:2f:61:
f2:0b:21:c7:0d:66:69:46:44:fa:cc:7f:e3:0d:67:
4d:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:96:34:0D:08:03:34:ED:24:6D:D6:46:90:FE:D0:43:C5:97:87:4B
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/TpY0DQgDNO0kbdZGkP7QQ8WXh0s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.90.135.0/24
147.234.8.0/21
147.234.74.0/23
147.234.81.0/24
147.234.88.0/23
Signature Algorithm: sha256WithRSAEncryption
1b:1a:19:84:0b:7f:3d:29:81:7a:2a:c4:78:84:fc:e9:72:df:
ff:21:9f:f8:0b:ea:cb:62:e3:f6:3d:bf:82:22:ae:15:49:69:
4c:dc:5b:57:68:75:ee:12:51:da:a2:56:f1:b5:24:ce:b0:6a:
97:3f:a2:a6:7d:31:ff:05:aa:85:53:05:c1:0f:95:6e:09:de:
09:22:87:0b:cc:37:25:36:82:75:06:3e:18:c9:43:99:d7:fd:
5c:0b:2e:72:55:35:83:d7:10:68:78:f3:36:0b:d7:eb:fd:4c:
e1:12:4c:d1:a4:d7:ab:60:82:e1:09:5d:9f:93:6e:d5:51:7c:
e8:f1:41:40:9e:86:4a:87:93:7b:81:af:cd:1d:18:d6:1b:6a:
c4:3d:40:6e:ac:22:7e:0b:61:db:09:13:1d:2f:c7:4a:2e:a7:
af:80:9a:0f:81:6f:b4:ce:9c:7a:f9:a2:ad:e7:a7:39:3e:c5:
45:d9:be:22:19:50:9d:64:0d:ab:54:c6:42:66:78:cc:e1:85:
1a:12:0a:29:f1:40:a6:9d:ba:78:eb:71:ea:aa:07:38:22:f5:
61:c2:3f:90:55:42:36:d0:5f:46:14:0f:22:a2:f0:9e:e4:65:
54:fc:2e:7c:c9:06:74:66:3a:e8:bc:dc:39:e0:3c:fc:02:a7:
24:38:48:c9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8zMqZXIgDA/bWgzJ6GCKOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwNTAxMDgwODI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk2MzQwZDA4MDMzNGVkMjQ2ZGQ2NDY5MGZlZDA0M2M1OTc4NzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXSGuJL1dfdbDmBKxkTAW9MVqr5s
HNZltZ+3MPqWvus8CTLImYgHrVo/0IJqDj0mfPPy8oMf9vsSXHA7lOR731S/xVtj
fWaBlnpSCkGMnYLW/kFZHM4mHJAp3/IaZkjIjqQn7PoKR5z4ncIBrEmzkYgZiXSn
pIsZfE0v0RZS27lmtPSMcXQeVroRTuABtsitwnVPPRL1yXIJi6Ar955CSdgDbFAQ
oVLuz++9lJm/sBbXYa9W2tMJ58L9TpFxlAENaOSbP7syc4zqxdgOPi5+E2Xu/HoY
sYaGhqZHVYZPu9S5iB1ZnaINjN3bwcNcL2HyCyHHDWZpRkT6zH/jDWdNtQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE6WNA0IAzTtJG3WRpD+0EPFl4dLMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvVHBZMERRZ0ROTzBrYmRaR2tQN1FROFdYaDBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPlqHAwQD
k+oIAwQBk+pKAwQAk+pRAwQBk+pYMA0GCSqGSIb3DQEBCwUAA4IBAQAbGhmEC389
KYF6KsR4hPzpct//IZ/4C+rLYuP2Pb+CIq4VSWlM3FtXaHXuElHaolbxtSTOsGqX
P6KmfTH/BaqFUwXBD5VuCd4JIocLzDclNoJ1Bj4YyUOZ1/1cCy5yVTWD1xBoePM2
C9fr/UzhEkzRpNerYILhCV2fk27VUXzo8UFAnoZKh5N7ga/NHRjWG2rEPUBurCJ+
C2HbCRMdL8dKLqevgJoPgW+0zpx6+aKt56c5PsVF2b4iGVCdZA2rVMZCZnjM4YUa
Egop8UCmnbp463Hqqgc4IvVhwj+QVUI20F9GFA8iovCe5GVU/C58yQZ0ZjrovNw5
4Dz8AqckOEjJ
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:36:52 2025 by rpki-client