Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Tsm1Ve6WoKrfYi5YaewVybo_BN4.roa
File: Tsm1Ve6WoKrfYi5YaewVybo_BN4.roa (raw, json)
Hash identifier: 72AfiBQV+18WHME3eW2noVA/YDGfWmVBm625Z7/aL1Q=
Subject key identifier: 4E:C9:B5:55:EE:96:A0:AA:DF:62:2E:58:69:EC:15:C9:BA:3F:04:DE
Certificate issuer: /CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Certificate serial: 018CC4247106A2496803851E0AB2AC4B60D4
Authority key identifier: 29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Tsm1Ve6WoKrfYi5YaewVybo_BN4.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203744
IP address blocks: 89.111.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 07:52:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:71:06:a2:49:68:03:85:1e:0a:b2:ac:4b:60:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29a9964e0cd35fb36757e5653ffa7626ac5deee8
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ec9b555ee96a0aadf622e5869ec15c9ba3f04de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:28:79:1b:37:e5:ea:27:36:6a:15:2a:c2:09:
b4:3a:92:fb:4d:0f:85:69:d3:3f:05:d7:58:80:2e:
2a:df:f4:2d:e3:7c:64:62:a3:84:f5:bc:3b:b3:6c:
cd:4d:4e:3c:d2:78:dc:36:79:f3:52:9a:de:6b:a9:
66:5b:c9:76:bd:32:db:16:eb:54:7f:08:a9:6c:7d:
be:0a:a1:70:5b:c2:58:a1:72:6e:ea:4a:90:dc:d5:
59:44:40:3d:9a:d6:42:4e:df:26:d1:75:da:74:e2:
d3:d1:80:76:44:d2:75:09:cb:55:0d:ca:96:76:47:
ea:01:4d:ca:eb:cc:27:3d:d9:92:c4:a6:75:3c:a7:
c7:bc:07:36:6a:c8:e8:95:62:66:5c:65:f4:a7:29:
5d:51:80:f8:0e:de:a4:81:e8:6d:08:46:1f:21:ce:
a5:d7:b2:0c:80:3c:d1:8f:78:06:7e:d4:bb:17:76:
38:e4:c6:9f:f7:8e:c9:63:97:bf:90:99:f4:36:06:
87:5b:03:17:6e:81:71:2f:f4:1d:44:72:48:13:de:
37:ae:83:10:d4:9f:f9:cd:1f:ff:4a:f9:e1:99:28:
e1:3c:1c:1e:5a:b8:10:92:db:b1:77:09:bf:59:78:
85:d8:83:19:1d:39:cb:b4:58:c2:74:10:8f:d5:0f:
4a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C9:B5:55:EE:96:A0:AA:DF:62:2E:58:69:EC:15:C9:BA:3F:04:DE
X509v3 Authority Key Identifier:
keyid:29:A9:96:4E:0C:D3:5F:B3:67:57:E5:65:3F:FA:76:26:AC:5D:EE:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KamWTgzTX7NnV-VlP_p2Jqxd7ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/Tsm1Ve6WoKrfYi5YaewVybo_BN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6c/214063-f88f-4958-ae52-d9b533f7fbc3/1/KamWTgzTX7NnV-VlP_p2Jqxd7ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.240.0/24
Signature Algorithm: sha256WithRSAEncryption
39:3b:34:68:07:10:a7:8b:ed:2c:96:d6:42:51:c0:e2:0a:23:
b5:11:7c:1a:55:88:5d:02:f0:bf:a8:e0:ab:d1:bd:40:93:33:
6d:78:d8:76:bd:df:22:31:3f:41:05:59:b5:cc:26:b1:50:98:
54:48:22:5b:f9:47:0c:eb:67:e8:b9:43:e3:a6:42:17:0b:d8:
97:a8:0b:8d:1c:48:41:1f:c7:6c:16:bb:e1:ea:20:49:38:37:
0b:51:b7:6a:7e:9c:93:e3:85:ce:ac:bd:28:b5:41:ee:60:1c:
1e:e3:60:4e:d6:b7:7f:5f:71:09:94:52:9a:fa:0a:fc:94:5c:
f0:fc:33:a5:d4:06:84:a4:3f:7c:07:ec:92:ee:66:d7:a4:77:
6b:cf:ba:60:a9:9a:11:71:12:d7:db:00:9f:6d:2c:c2:46:d1:
ef:bd:28:67:98:e0:7f:5d:91:23:bb:37:d1:47:9d:9b:d4:e7:
f8:22:8c:68:85:bb:5f:98:53:41:6c:ef:2d:7d:0d:a3:55:93:
3a:6f:be:b9:37:ca:8a:f8:6e:95:08:ff:23:c2:62:6a:4e:25:
28:2e:d3:14:70:1e:e6:17:fb:22:b6:55:93:40:23:9f:a2:18:
cb:a8:84:9b:ae:1d:58:60:c5:3d:27:3b:6e:39:7e:83:c7:df:
05:35:79:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJHEGokloA4UeCrKsS2DUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YTk5NjRlMGNkMzVmYjM2NzU3ZTU2NTNmZmE3NjI2YWM1
ZGVlZTgwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM5YjU1NWVlOTZhMGFhZGY2MjJlNTg2OWVjMTVjOWJhM2YwNGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwih5Gzfl6ic2ahUqwgm0OpL7TQ+F
adM/BddYgC4q3/Qt43xkYqOE9bw7s2zNTU480njcNnnzUprea6lmW8l2vTLbFutU
fwipbH2+CqFwW8JYoXJu6kqQ3NVZREA9mtZCTt8m0XXadOLT0YB2RNJ1CctVDcqW
dkfqAU3K68wnPdmSxKZ1PKfHvAc2asjolWJmXGX0pyldUYD4Dt6kgehtCEYfIc6l
17IMgDzRj3gGftS7F3Y45Maf947JY5e/kJn0NgaHWwMXboFxL/QdRHJIE943roMQ
1J/5zR//SvnhmSjhPBweWrgQktuxdwm/WXiF2IMZHTnLtFjCdBCP1Q9KAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE7JtVXulqCq32IuWGnsFcm6PwTeMB8GA1UdIwQY
MBaAFCmplk4M01+zZ1flZT/6diasXe7oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTIt
ZDliNTMzZjdmYmMzLzEvVHNtMVZlNldvS3JmWWk1WWFld1Z5Ym9fQk40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yy8yMTQwNjMtZjg4Zi00OTU4LWFlNTItZDliNTMzZjdmYmMz
LzEvS2FtV1RnelRYN05uVi1WbFBfcDJKcXhkN3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW/wMA0G
CSqGSIb3DQEBCwUAA4IBAQA5OzRoBxCni+0sltZCUcDiCiO1EXwaVYhdAvC/qOCr
0b1AkzNteNh2vd8iMT9BBVm1zCaxUJhUSCJb+UcM62fouUPjpkIXC9iXqAuNHEhB
H8dsFrvh6iBJODcLUbdqfpyT44XOrL0otUHuYBwe42BO1rd/X3EJlFKa+gr8lFzw
/DOl1AaEpD98B+yS7mbXpHdrz7pgqZoRcRLX2wCfbSzCRtHvvShnmOB/XZEjuzfR
R52b1Of4IoxohbtfmFNBbO8tfQ2jVZM6b765N8qK+G6VCP8jwmJqTiUoLtMUcB7m
F/sitlWTQCOfohjLqISbrh1YYMU9JztuOX6Dx98FNXks
-----END CERTIFICATE-----
Generated at Mon Apr 21 20:03:39 2025 by rpki-client