Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TsD867Vz3ufWJAKD2wfPbYX2pW4.roa
File: TsD867Vz3ufWJAKD2wfPbYX2pW4.roa (raw, json)
Hash identifier: z2MvuKoLtv/6JKqtSFZrpBGOyb5K4W8PWnJtVHB4hb8=
Subject key identifier: 4E:C0:FC:EB:B5:73:DE:E7:D6:24:02:83:DB:07:CF:6D:85:F6:A5:6E
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 0193CF54AFEC9F1285E6563B97FE8E8E1524
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TsD867Vz3ufWJAKD2wfPbYX2pW4.roa
Signing time: Mon 16 Dec 2024 11:57:33 +0000
ROA not before: Mon 16 Dec 2024 11:57:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44477
IP address blocks: 212.192.0.0/24 maxlen: 24
212.192.7.0/24 maxlen: 24
212.192.10.0/24 maxlen: 24
212.192.30.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:54:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:cf:54:af:ec:9f:12:85:e6:56:3b:97:fe:8e:8e:15:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 16 11:57:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ec0fcebb573dee7d6240283db07cf6d85f6a56e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:57:b9:56:7e:90:41:f1:c8:ff:c9:72:f5:86:
05:02:32:49:cd:79:ee:6d:7a:f4:d0:5f:10:44:40:
ce:9f:71:db:13:5e:df:0b:7c:de:ba:6f:51:5e:b3:
c4:cf:62:64:5f:2f:f6:fe:fa:29:bc:7b:bf:79:6f:
ea:e5:eb:94:de:c7:e9:f6:14:7d:a0:f4:29:f0:6d:
4a:35:37:4e:34:dc:d2:ed:3d:eb:18:74:95:10:f6:
62:97:1c:30:e0:8f:d6:c8:32:a8:41:38:fa:d7:73:
dd:1c:32:e6:e5:3c:a4:50:fc:87:b7:94:52:17:4f:
db:20:af:9d:d9:bb:ad:06:9e:f3:4e:1f:01:da:09:
b5:eb:48:c2:25:a7:57:01:61:c5:04:9c:c2:b1:36:
cf:38:1c:dd:52:e4:a0:2e:f4:a8:7d:6e:72:23:89:
9d:84:1c:11:a9:11:8d:97:52:c0:8c:e7:c9:54:32:
48:eb:c6:84:f7:ab:21:ec:4d:7b:94:02:68:81:ee:
8e:1e:d5:db:fa:f5:16:f6:9f:84:d8:b6:f6:7e:51:
7c:ef:b8:6c:eb:40:bf:2c:40:0d:42:82:53:50:14:
32:b1:6f:49:d7:38:9e:c3:40:18:e2:b1:7c:9b:4e:
0f:d0:c6:54:ef:5f:55:ee:aa:68:5c:8a:37:8e:9d:
7a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C0:FC:EB:B5:73:DE:E7:D6:24:02:83:DB:07:CF:6D:85:F6:A5:6E
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/TsD867Vz3ufWJAKD2wfPbYX2pW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.192.0.0/24
212.192.7.0/24
212.192.10.0/24
212.192.30.0/24
Signature Algorithm: sha256WithRSAEncryption
50:2c:50:d2:04:9b:52:55:e2:04:b0:c8:be:a0:4b:66:58:11:
ed:53:4a:3b:47:19:34:26:8e:87:b4:3a:6c:78:18:23:47:c3:
fa:84:31:c8:86:e8:de:4b:76:a8:a4:fc:c1:0c:f6:a6:2c:05:
42:03:0d:1a:11:e9:8b:86:9c:50:59:b6:c2:21:c5:cf:5a:67:
e0:52:38:e2:9b:a1:33:e1:0f:5f:4b:0f:65:6e:3e:e5:37:7d:
de:95:97:29:32:04:51:82:b4:3f:25:cc:b3:38:ec:a1:b8:4b:
86:2f:9f:f7:ed:24:c4:66:ec:32:1d:cb:da:77:42:88:54:1a:
64:74:da:23:7b:96:41:3d:f8:f4:9c:30:cd:91:55:05:dd:cf:
fe:d9:62:24:6d:66:73:ae:64:52:9f:09:3c:ea:0b:d3:e8:cc:
29:dd:49:ab:c6:02:f8:6d:5f:60:b5:ea:ac:4f:01:2b:65:b4:
90:01:3a:91:67:e6:29:41:50:2b:06:51:c4:2a:0f:3c:27:17:
0d:1c:c3:0b:37:88:f2:43:cc:3f:2f:fb:f7:fc:db:9a:fd:54:
5d:cf:3d:34:a2:6a:24:f4:db:24:7a:23:a4:8a:0a:4e:68:27:
6d:ae:e1:1e:bb:02:13:17:9e:60:96:2c:d5:e3:62:9a:25:92:
74:51:8f:3b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZPPVK/snxKF5lY7l/6OjhUkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjE2MTE1NzMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWMwZmNlYmI1NzNkZWU3ZDYyNDAyODNkYjA3Y2Y2ZDg1ZjZhNTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21e5Vn6QQfHI/8ly9YYFAjJJzXnu
bXr00F8QREDOn3HbE17fC3zeum9RXrPEz2JkXy/2/vopvHu/eW/q5euU3sfp9hR9
oPQp8G1KNTdONNzS7T3rGHSVEPZilxww4I/WyDKoQTj613PdHDLm5TykUPyHt5RS
F0/bIK+d2butBp7zTh8B2gm160jCJadXAWHFBJzCsTbPOBzdUuSgLvSofW5yI4md
hBwRqRGNl1LAjOfJVDJI68aE96sh7E17lAJoge6OHtXb+vUW9p+E2Lb2flF877hs
60C/LEANQoJTUBQysW9J1ziew0AY4rF8m04P0MZU719V7qpoXIo3jp163QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE7A/Ou1c97n1iQCg9sHz22F9qVuMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVHNEODY3VnozdWZXSkFLRDJ3ZlBiWVgycFc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQA1MAAAwQA
1MAHAwQA1MAKAwQA1MAeMA0GCSqGSIb3DQEBCwUAA4IBAQBQLFDSBJtSVeIEsMi+
oEtmWBHtU0o7Rxk0Jo6HtDpseBgjR8P6hDHIhujeS3aopPzBDPamLAVCAw0aEemL
hpxQWbbCIcXPWmfgUjjim6Ez4Q9fSw9lbj7lN33elZcpMgRRgrQ/JcyzOOyhuEuG
L5/37STEZuwyHcvad0KIVBpkdNoje5ZBPfj0nDDNkVUF3c/+2WIkbWZzrmRSnwk8
6gvT6Mwp3UmrxgL4bV9gteqsTwErZbSQATqRZ+YpQVArBlHEKg88JxcNHMMLN4jy
Q8w/L/v3/Nua/VRdzz00omok9NskeiOkigpOaCdtruEeuwITF55glizV42KaJZJ0
UY87
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:16 2025 by rpki-client