Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/tbRJHPpfC0pqOXDfCQKqHr_jNP0.roa
File: tbRJHPpfC0pqOXDfCQKqHr_jNP0.roa (raw, json)
Hash identifier: YLgY7UwMCFFL16IcWbMDWJDAd/wZXW7rdCcIqKr29Ew=
Subject key identifier: B5:B4:49:1C:FA:5F:0B:4A:6A:39:70:DF:09:02:AA:1E:BF:E3:34:FD
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01954B2D6055A1397BD39779E7DA9130D5B2
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/tbRJHPpfC0pqOXDfCQKqHr_jNP0.roa
Signing time: Fri 28 Feb 2025 06:10:19 +0000
ROA not before: Fri 28 Feb 2025 06:10:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 268624
IP address blocks: 155.2.189.0/24 maxlen: 24
170.62.161.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Feb 2025 09:05:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:2d:60:55:a1:39:7b:d3:97:79:e7:da:91:30:d5:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Feb 28 06:10:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5b4491cfa5f0b4a6a3970df0902aa1ebfe334fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fb:7f:25:26:57:a8:7b:d3:0e:ad:b5:10:c5:
af:29:9e:04:27:cd:f2:37:09:08:24:a2:96:9b:48:
4c:e1:14:1c:bb:f1:49:df:88:90:27:86:9f:7f:81:
d2:2f:9c:fe:2b:55:f5:90:05:eb:58:05:cd:84:ca:
d6:82:f1:24:6a:81:e4:8e:d4:e7:16:7e:4d:7f:70:
c3:51:0e:f3:4f:5c:04:7e:4b:ca:37:31:31:3b:8f:
9c:e4:02:8c:82:6e:80:8a:81:23:20:6b:b1:ca:2b:
a6:7f:78:7a:4d:ed:1d:61:c2:da:08:01:0c:a5:c7:
42:1a:88:37:c4:5f:3b:67:46:9e:8e:87:34:e1:d1:
98:cb:94:37:9f:e0:0e:93:75:ad:d2:4b:a5:1a:e7:
95:c6:17:fc:70:15:b7:8d:a8:81:da:7f:8f:59:d6:
ef:03:83:64:cf:e4:10:50:db:be:e0:db:5c:76:4a:
01:d6:4c:fe:9d:7f:49:1d:64:f0:3d:ef:76:b9:fb:
52:7d:a4:ff:0b:59:3b:9b:8e:b5:a5:ae:2d:f8:bc:
ee:13:24:ae:12:37:c8:41:8d:1a:4d:53:f2:d9:05:
87:ea:09:d9:69:58:ea:fd:1f:cc:fa:9b:b9:36:62:
2a:92:8e:c8:17:12:a4:6c:2d:cd:d1:9d:9f:74:eb:
e6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B4:49:1C:FA:5F:0B:4A:6A:39:70:DF:09:02:AA:1E:BF:E3:34:FD
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/tbRJHPpfC0pqOXDfCQKqHr_jNP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.2.189.0/24
170.62.161.0/24
Signature Algorithm: sha256WithRSAEncryption
12:dd:1b:86:ea:fd:83:68:a4:66:09:d1:3f:84:45:5a:ca:d6:
af:ef:52:88:f6:b7:c7:44:bf:c4:dd:0b:f7:d1:1b:56:27:c4:
e3:c4:fe:4b:6d:0c:4e:6e:95:15:bd:e0:cb:ed:cf:d0:a8:79:
6f:ac:7d:46:9f:23:bb:e4:71:13:b7:81:6e:09:d9:61:e8:b1:
3a:4c:33:ad:7b:f3:cc:45:ab:93:7c:71:18:35:bf:eb:37:ea:
20:bd:7b:ef:16:3f:b5:ba:32:0d:d0:10:86:25:c9:df:23:7d:
70:0c:13:5c:60:b7:01:aa:8c:06:22:40:06:48:18:ee:4d:d8:
79:28:f7:a2:ba:50:48:1d:4c:85:77:3e:9b:38:62:3e:dc:23:
e0:1d:77:ee:e3:c6:9e:04:d7:6e:97:cc:06:78:b8:53:53:ca:
e9:c6:3d:88:49:86:38:59:55:fa:b6:21:e2:06:c7:65:9b:7e:
bb:c5:ac:da:3d:98:fb:0d:8a:70:b8:cb:c5:59:28:94:34:41:
46:06:cf:72:f8:c3:8f:20:29:da:e6:a7:de:0a:fe:dc:f6:d9:
28:6f:de:29:d6:77:dd:a3:be:85:16:d8:ad:65:4f:89:7b:0f:
9c:cc:1f:50:92:45:57:f1:26:9f:15:dd:6b:f5:81:24:9c:ed:
5f:81:4e:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVLLWBVoTl705d559qRMNWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwMjI4MDYxMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI0NDkxY2ZhNWYwYjRhNmEzOTcwZGYwOTAyYWExZWJmZTMzNGZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtvt/JSZXqHvTDq21EMWvKZ4EJ83y
NwkIJKKWm0hM4RQcu/FJ34iQJ4aff4HSL5z+K1X1kAXrWAXNhMrWgvEkaoHkjtTn
Fn5Nf3DDUQ7zT1wEfkvKNzExO4+c5AKMgm6AioEjIGuxyiumf3h6Te0dYcLaCAEM
pcdCGog3xF87Z0aejoc04dGYy5Q3n+AOk3Wt0kulGueVxhf8cBW3jaiB2n+PWdbv
A4Nkz+QQUNu+4NtcdkoB1kz+nX9JHWTwPe92uftSfaT/C1k7m461pa4t+LzuEySu
EjfIQY0aTVPy2QWH6gnZaVjq/R/M+pu5NmIqko7IFxKkbC3N0Z2fdOvmNwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLW0SRz6XwtKajlw3wkCqh6/4zT9MB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvdGJSSkhQcGZDMHBxT1hEZkNRS3FIcl9qTlAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAmwK9AwQA
qj6hMA0GCSqGSIb3DQEBCwUAA4IBAQAS3RuG6v2DaKRmCdE/hEVaytav71KI9rfH
RL/E3Qv30RtWJ8TjxP5LbQxObpUVveDL7c/QqHlvrH1GnyO75HETt4FuCdlh6LE6
TDOte/PMRauTfHEYNb/rN+ogvXvvFj+1ujIN0BCGJcnfI31wDBNcYLcBqowGIkAG
SBjuTdh5KPeiulBIHUyFdz6bOGI+3CPgHXfu48aeBNdul8wGeLhTU8rpxj2ISYY4
WVX6tiHiBsdlm367xazaPZj7DYpwuMvFWSiUNEFGBs9y+MOPICna5qfeCv7c9tko
b94p1nfdo76FFtitZU+Jew+czB9QkkVX8SafFd1r9YEknO1fgU4y
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:43:30 2025 by rpki-client