Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tkxu80Ao95uM-fPz3bDoDbLfQQU.roa
File: tkxu80Ao95uM-fPz3bDoDbLfQQU.roa (raw, json)
Hash identifier: tGekp1ajhjb0na6tYItRyoGVBDV4pTAp4LNFnuT4xAs=
Subject key identifier: B6:4C:6E:F3:40:28:F7:9B:8C:F9:F3:F3:DD:B0:E8:0D:B2:DF:41:05
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0190D9D6EB1475F55B73EEB8A94D10B3EA9B
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tkxu80Ao95uM-fPz3bDoDbLfQQU.roa
Signing time: Mon 22 Jul 2024 09:47:38 +0000
ROA not before: Mon 22 Jul 2024 09:47:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51267
IP address blocks: 46.8.234.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d9:d6:eb:14:75:f5:5b:73:ee:b8:a9:4d:10:b3:ea:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jul 22 09:47:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b64c6ef34028f79b8cf9f3f3ddb0e80db2df4105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:81:83:b5:1f:f5:48:3d:ab:96:eb:c9:60:08:
ab:47:62:49:8f:8c:02:fd:ce:86:dd:eb:06:c2:ca:
b5:88:c5:77:c7:0e:0e:5e:f6:39:8b:d3:23:e7:9d:
5b:10:37:fc:57:7d:2b:48:b3:4d:fe:08:f7:af:09:
1e:45:3a:c5:0a:0d:67:74:f5:42:a5:f9:7b:9a:e1:
f9:8e:6b:fd:a7:73:a1:42:85:20:96:c4:e8:c0:f9:
55:28:79:26:e1:42:0a:a3:ba:f0:ea:39:a1:b7:1d:
1b:b1:c1:c1:0e:95:39:74:5b:0d:15:6a:06:cc:c4:
68:d5:70:26:88:7e:3e:80:a2:0d:3a:0e:87:06:9c:
6d:f4:08:92:4d:8d:69:cd:ec:c6:63:bb:e1:ee:78:
0c:af:27:1f:78:fc:c6:cf:46:ca:b7:c7:0b:08:9f:
44:e3:8b:95:65:cc:83:9d:94:d2:8d:26:70:62:34:
ce:f5:2b:64:15:2f:0b:ff:71:f4:52:51:1d:8f:16:
94:c2:be:42:91:67:3c:92:39:a8:2d:80:d4:eb:6d:
a0:07:c0:1f:67:5a:75:cf:cb:35:ac:c3:6d:f3:bc:
26:30:60:a8:2d:94:1a:3c:a7:a7:09:68:a3:0c:40:
73:95:c8:0b:c8:ba:4c:64:a0:fc:35:cc:ea:85:fd:
90:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:4C:6E:F3:40:28:F7:9B:8C:F9:F3:F3:DD:B0:E8:0D:B2:DF:41:05
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/tkxu80Ao95uM-fPz3bDoDbLfQQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.8.234.0/24
Signature Algorithm: sha256WithRSAEncryption
42:8f:fe:a1:12:c5:96:04:b5:a3:dc:89:e0:4c:33:e5:50:6e:
12:65:3f:80:b3:8b:a7:dd:b0:e4:40:8f:73:9c:07:1c:b1:0e:
50:49:73:e1:32:a3:9c:12:9f:c1:9f:1e:7b:50:53:94:fa:88:
3d:e3:d5:68:79:17:95:08:e2:5a:ef:e9:22:07:e0:54:96:00:
a3:89:9d:a3:f6:3f:08:57:3c:d3:0d:66:b8:6c:78:ba:1f:81:
de:f7:16:18:70:67:b6:f5:63:81:8c:1d:03:48:29:69:da:65:
1a:c4:2d:d3:40:73:d7:e5:52:67:be:70:94:13:19:55:43:4f:
00:64:72:08:60:ef:37:42:08:3d:0a:29:19:62:ba:96:38:5e:
88:6c:72:03:e5:2e:35:e4:bc:4f:cc:40:c8:13:1d:48:c7:1e:
0d:95:fa:7c:7a:ae:ab:ea:03:73:09:87:cb:03:43:83:3b:47:
17:60:a3:d0:d7:b6:2c:b9:82:9c:40:6d:d0:a1:87:ae:0e:30:
d4:03:f8:8a:4a:13:2a:03:74:3f:d4:38:bd:0b:59:16:54:7a:
86:19:ef:db:76:a5:68:7c:a1:3e:6f:8f:a9:64:dd:3c:1b:39:
49:7e:bf:49:0a:48:b1:ba:cd:fe:3c:d0:41:e4:d4:8a:46:25:
45:23:a8:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZDZ1usUdfVbc+64qU0Qs+qbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQwNzIyMDk0NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjRjNmVmMzQwMjhmNzliOGNmOWYzZjNkZGIwZTgwZGIyZGY0MTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4GDtR/1SD2rluvJYAirR2JJj4wC
/c6G3esGwsq1iMV3xw4OXvY5i9Mj551bEDf8V30rSLNN/gj3rwkeRTrFCg1ndPVC
pfl7muH5jmv9p3OhQoUglsTowPlVKHkm4UIKo7rw6jmhtx0bscHBDpU5dFsNFWoG
zMRo1XAmiH4+gKINOg6HBpxt9AiSTY1pzezGY7vh7ngMrycfePzGz0bKt8cLCJ9E
44uVZcyDnZTSjSZwYjTO9StkFS8L/3H0UlEdjxaUwr5CkWc8kjmoLYDU622gB8Af
Z1p1z8s1rMNt87wmMGCoLZQaPKenCWijDEBzlcgLyLpMZKD8Nczqhf2QuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLZMbvNAKPebjPnz892w6A2y30EFMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvdGt4dTgwQW85NXVNLWZQejNiRG9EYkxmUVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALgjqMA0G
CSqGSIb3DQEBCwUAA4IBAQBCj/6hEsWWBLWj3IngTDPlUG4SZT+As4un3bDkQI9z
nAccsQ5QSXPhMqOcEp/Bnx57UFOU+og949VoeReVCOJa7+kiB+BUlgCjiZ2j9j8I
VzzTDWa4bHi6H4He9xYYcGe29WOBjB0DSClp2mUaxC3TQHPX5VJnvnCUExlVQ08A
ZHIIYO83Qgg9CikZYrqWOF6IbHID5S415LxPzEDIEx1Ixx4Nlfp8eq6r6gNzCYfL
A0ODO0cXYKPQ17YsuYKcQG3QoYeuDjDUA/iKShMqA3Q/1Di9C1kWVHqGGe/bdqVo
fKE+b4+pZN08GzlJfr9JCkixus3+PNBB5NSKRiVFI6gS
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:29:25 2025 by rpki-client