Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TFbkw2nIoM-BrHcClsEPyZ0Wqds.roa
File: TFbkw2nIoM-BrHcClsEPyZ0Wqds.roa (raw, json)
Hash identifier: PRki8e/j1hMis8m8pzlZmqWS1JafQTng/54cHkYcHnE=
Subject key identifier: 4C:56:E4:C3:69:C8:A0:CF:81:AC:77:02:96:C1:0F:C9:9D:16:A9:DB
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0194282753E77FDF7C0A7D02231012528C1C
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TFbkw2nIoM-BrHcClsEPyZ0Wqds.roa
Signing time: Thu 02 Jan 2025 17:54:13 +0000
ROA not before: Thu 02 Jan 2025 17:54:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 2.57.242.0/24 maxlen: 24
89.39.120.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 19 Jan 2025 17:12:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:53:e7:7f:df:7c:0a:7d:02:23:10:12:52:8c:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c56e4c369c8a0cf81ac770296c10fc99d16a9db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:e0:ac:11:aa:86:e5:19:a1:cc:1f:5f:31:62:
92:8d:e1:08:64:ef:b5:4b:91:95:64:b1:81:f2:a2:
e7:d6:9a:ee:fe:a7:2b:1e:eb:6e:11:19:b6:02:37:
0e:65:8e:3f:49:24:8e:85:a8:77:22:12:03:73:09:
66:9f:78:b6:6e:96:07:01:d9:68:a7:91:86:f6:02:
5b:1d:a5:d0:4d:ac:d6:cc:61:81:83:f7:f8:76:bc:
40:51:70:e0:78:b5:60:d0:ce:ca:23:dc:fb:cd:fd:
71:65:57:8e:39:3c:51:17:44:66:ce:70:7a:a2:5e:
1c:ba:66:eb:68:aa:30:1e:ca:d9:d9:81:16:b8:30:
ad:ed:20:36:22:fe:45:01:9c:7f:1d:6a:73:32:54:
4f:fd:fe:e6:bf:73:ca:75:3d:24:0f:86:a1:87:76:
81:0d:db:a2:ba:8b:d2:01:4a:11:e7:ef:bb:90:f0:
46:7e:a0:68:ad:14:ed:71:57:a6:d9:5a:96:ce:08:
14:88:92:38:4b:2c:da:a9:bc:e2:ca:fc:13:67:05:
97:97:e6:de:b6:6a:da:c0:7b:fc:4c:7b:15:d5:63:
e0:58:15:bc:36:ac:01:89:ea:76:b4:6e:74:ba:3e:
75:b2:a5:7c:29:f6:b1:e1:ce:a3:31:94:f0:16:21:
3c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:56:E4:C3:69:C8:A0:CF:81:AC:77:02:96:C1:0F:C9:9D:16:A9:DB
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TFbkw2nIoM-BrHcClsEPyZ0Wqds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
89.39.120.0/24
212.192.11.0/24
Signature Algorithm: sha256WithRSAEncryption
14:cf:85:1b:d7:e7:0b:1e:89:70:ac:3c:44:42:dd:77:79:7c:
d5:1f:f6:14:6a:79:1c:47:64:88:2f:12:fa:ac:f6:a2:95:fe:
f5:f0:a9:46:aa:06:fb:7a:be:fc:3f:e2:84:e3:4f:d6:b8:17:
34:7d:05:36:b3:d4:c2:35:79:6a:61:17:1d:1f:71:50:fe:bb:
b8:08:b9:22:fc:a4:26:89:58:f9:84:9d:eb:9d:34:57:87:21:
e2:ed:ee:05:6d:eb:39:17:d8:df:f3:35:98:ee:ef:c7:2a:b5:
bf:a0:64:71:b2:84:74:86:2e:24:0f:4f:89:4f:dd:b5:6c:8d:
ac:be:2f:dc:f8:57:6f:41:5c:68:d7:1c:35:d7:62:28:8c:c4:
71:8e:d2:0d:af:96:2a:b4:6d:e2:0c:ea:9c:31:0f:18:d9:0a:
09:89:f1:ff:dc:93:52:ea:e0:f2:3a:80:9c:b4:d2:19:c4:46:
44:e3:5b:b4:5f:33:7d:29:fe:6c:86:32:0e:bd:61:2f:6e:1c:
4c:d2:e8:b4:68:f0:8f:2b:c9:bc:21:2a:65:1f:45:13:3c:c7:
49:57:6b:19:57:48:23:a0:28:37:af:9e:a3:69:bb:a0:10:a6:
b5:7c:72:c3:36:59:72:11:29:3e:38:c7:af:d1:5f:21:5a:6b:
04:39:38:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQoJ1Pnf998Cn0CIxASUowcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzU2ZTRjMzY5YzhhMGNmODFhYzc3MDI5NmMxMGZjOTlkMTZhOWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxOCsEaqG5RmhzB9fMWKSjeEIZO+1
S5GVZLGB8qLn1pru/qcrHutuERm2AjcOZY4/SSSOhah3IhIDcwlmn3i2bpYHAdlo
p5GG9gJbHaXQTazWzGGBg/f4drxAUXDgeLVg0M7KI9z7zf1xZVeOOTxRF0RmznB6
ol4cumbraKowHsrZ2YEWuDCt7SA2Iv5FAZx/HWpzMlRP/f7mv3PKdT0kD4ahh3aB
DduiuovSAUoR5++7kPBGfqBorRTtcVem2VqWzggUiJI4SyzaqbziyvwTZwWXl+be
tmrawHv8THsV1WPgWBW8NqwBiep2tG50uj51sqV8Kfax4c6jMZTwFiE8DwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFExW5MNpyKDPgax3ApbBD8mdFqnbMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVEZia3cybklvTS1CckhjQ2xzRVB5WjBXcWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjnyAwQA
WSd4AwQA1MALMA0GCSqGSIb3DQEBCwUAA4IBAQAUz4Ub1+cLHolwrDxEQt13eXzV
H/YUankcR2SILxL6rPailf718KlGqgb7er78P+KE40/WuBc0fQU2s9TCNXlqYRcd
H3FQ/ru4CLki/KQmiVj5hJ3rnTRXhyHi7e4Fbes5F9jf8zWY7u/HKrW/oGRxsoR0
hi4kD0+JT921bI2svi/c+FdvQVxo1xw112IojMRxjtINr5YqtG3iDOqcMQ8Y2QoJ
ifH/3JNS6uDyOoCctNIZxEZE41u0XzN9Kf5shjIOvWEvbhxM0ui0aPCPK8m8ISpl
H0UTPMdJV2sZV0gjoCg3r56jabugEKa1fHLDNllyESk+OMev0V8hWmsEOTgL
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:58:25 2025 by rpki-client