Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/TFd3FBNHqzjdPSvULs1qwvzyQ7w.roa
File: TFd3FBNHqzjdPSvULs1qwvzyQ7w.roa (raw, json)
Hash identifier: pLwNjaVdZcTUgUW/F77hYTw5i69iQKEIOHmsdDZ4MpQ=
Subject key identifier: 4C:57:77:14:13:47:AB:38:DD:3D:2B:D4:2E:CD:6A:C2:FC:F2:43:BC
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01942369C4D89308ABE86D19F3D573049BBA
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/TFd3FBNHqzjdPSvULs1qwvzyQ7w.roa
Signing time: Wed 01 Jan 2025 19:48:41 +0000
ROA not before: Wed 01 Jan 2025 19:48:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42708
IP address blocks: 198.55.30.0/24 maxlen: 24
212.78.244.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 09:15:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:c4:d8:93:08:ab:e8:6d:19:f3:d5:73:04:9b:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Jan 1 19:48:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c5777141347ab38dd3d2bd42ecd6ac2fcf243bc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2f:6b:49:b0:49:97:0f:70:5a:bf:b7:9d:4d:
f8:79:cd:f6:b7:1e:1d:75:a3:01:36:3d:25:75:bf:
36:4b:a3:e7:83:63:5c:b3:01:4b:4c:8b:7b:c3:53:
07:4e:80:40:68:a9:76:62:10:3c:c9:3c:c2:eb:c6:
c5:9b:5c:37:58:9d:5f:c2:b8:ce:de:03:e7:30:dc:
95:8c:c7:6d:7c:02:16:0e:94:e7:c5:8d:63:72:e6:
64:79:bd:96:40:31:3e:ee:b0:33:c6:1e:03:d0:2e:
62:74:c7:fd:62:fb:7d:9d:2c:fb:f8:74:be:cc:4e:
c4:90:cd:fe:32:a8:0b:9e:3c:aa:44:a9:21:ba:ca:
f8:7a:38:bb:e8:aa:42:53:17:b4:23:4d:a7:9d:5c:
81:a7:b8:35:48:dd:c6:58:d1:94:99:37:f3:0b:c6:
48:b6:37:54:59:c1:6d:02:ef:d0:2f:30:34:35:07:
53:08:f3:7a:44:a6:3a:ad:fb:8a:4a:11:da:fb:f7:
63:bd:58:bd:5e:fe:0d:e1:0e:ac:2d:f2:0d:91:73:
aa:49:85:b9:3a:91:c9:1f:aa:c5:13:81:3f:e5:c4:
91:90:f5:97:f9:98:43:7e:ac:c4:2b:c8:de:73:5f:
28:c8:f9:a6:fa:dc:92:0c:31:a1:cf:fe:f7:12:a4:
b8:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:57:77:14:13:47:AB:38:DD:3D:2B:D4:2E:CD:6A:C2:FC:F2:43:BC
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/TFd3FBNHqzjdPSvULs1qwvzyQ7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.55.30.0/24
212.78.244.0/24
Signature Algorithm: sha256WithRSAEncryption
de:4c:de:d4:c0:5d:5f:d5:1c:59:15:43:a5:17:f2:3b:bf:f3:
ce:e2:c0:fc:f1:c8:ba:62:04:7e:3c:71:7b:a9:63:17:8f:62:
9f:b2:92:75:e6:63:b6:2e:30:cc:8d:bd:af:a2:0d:76:4b:cc:
7e:74:0c:cb:bf:57:5d:e0:7e:66:15:83:a3:40:e9:61:6a:74:
7c:e3:61:bf:b7:a6:99:89:c3:ce:ea:d8:ae:45:0d:ed:1e:c1:
99:01:2a:a9:47:13:a8:77:ec:48:a2:10:60:0c:e0:c5:af:38:
11:83:56:84:a2:8b:4d:87:fe:bb:0b:18:1b:c7:06:70:53:85:
5f:7b:12:18:b2:04:33:b0:12:b7:9d:c1:98:78:50:44:a5:cc:
16:e0:97:5a:27:b2:c9:b2:91:91:02:b3:06:83:35:3a:21:b1:
d2:f4:4c:4e:61:62:c9:ee:97:96:b1:71:7c:2f:a8:cd:a9:8f:
45:f1:58:f5:e2:c5:15:67:83:fc:9e:c3:96:ff:14:d7:64:f1:
d6:47:1c:8c:13:7a:ca:0a:42:60:f8:44:b5:1a:ab:78:92:6f:
ec:10:03:c2:87:22:b6:c9:8f:71:c9:82:05:ed:d9:17:31:de:
16:ea:59:64:ba:07:25:37:a0:e8:6d:33:e9:51:8b:62:0b:9e:
ca:94:9d:f8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQjacTYkwir6G0Z89VzBJu6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMTAxMTk0ODQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU3NzcxNDEzNDdhYjM4ZGQzZDJiZDQyZWNkNmFjMmZjZjI0M2JjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuy9rSbBJlw9wWr+3nU34ec32tx4d
daMBNj0ldb82S6Png2NcswFLTIt7w1MHToBAaKl2YhA8yTzC68bFm1w3WJ1fwrjO
3gPnMNyVjMdtfAIWDpTnxY1jcuZkeb2WQDE+7rAzxh4D0C5idMf9Yvt9nSz7+HS+
zE7EkM3+MqgLnjyqRKkhusr4eji76KpCUxe0I02nnVyBp7g1SN3GWNGUmTfzC8ZI
tjdUWcFtAu/QLzA0NQdTCPN6RKY6rfuKShHa+/djvVi9Xv4N4Q6sLfINkXOqSYW5
OpHJH6rFE4E/5cSRkPWX+ZhDfqzEK8jec18oyPmm+tySDDGhz/73EqS44wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFExXdxQTR6s43T0r1C7NasL88kO8MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvVEZkM0ZCTkhxempkUFN2VUxzMXF3dnp5UTd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAxjceAwQA
1E70MA0GCSqGSIb3DQEBCwUAA4IBAQDeTN7UwF1f1RxZFUOlF/I7v/PO4sD88ci6
YgR+PHF7qWMXj2KfspJ15mO2LjDMjb2vog12S8x+dAzLv1dd4H5mFYOjQOlhanR8
42G/t6aZicPO6tiuRQ3tHsGZASqpRxOod+xIohBgDODFrzgRg1aEootNh/67Cxgb
xwZwU4VfexIYsgQzsBK3ncGYeFBEpcwW4JdaJ7LJspGRArMGgzU6IbHS9ExOYWLJ
7peWsXF8L6jNqY9F8Vj14sUVZ4P8nsOW/xTXZPHWRxyME3rKCkJg+ES1Gqt4km/s
EAPChyK2yY9xyYIF7dkXMd4W6llkugclN6DobTPpUYtiC57KlJ34
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:44:56 2025 by rpki-client