Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/6f8a77-b26c-4d24-bb44-15b0c3449907/1/TxqcdcAKXvT452WlgmmzwTcaEYI.roa
File: TxqcdcAKXvT452WlgmmzwTcaEYI.roa (raw, json)
Hash identifier: VJAP02As2jIQYPSAmzuXyxwIaTITfl8wUXE5RmFcwbQ=
Subject key identifier: 4F:1A:9C:75:C0:0A:5E:F4:F8:E7:65:A5:82:69:B3:C1:37:1A:11:82
Certificate issuer: /CN=022c8ffc50609ec0d8b4a72805c8990a64aae71e
Certificate serial: 018CC8DF3E225F7AC4907056ED17018C1D3B
Authority key identifier: 02:2C:8F:FC:50:60:9E:C0:D8:B4:A7:28:05:C8:99:0A:64:AA:E7:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AiyP_FBgnsDYtKcoBciZCmSq5x4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/6f8a77-b26c-4d24-bb44-15b0c3449907/1/TxqcdcAKXvT452WlgmmzwTcaEYI.roa
Signing time: Tue 02 Jan 2024 06:32:02 +0000
ROA not before: Tue 02 Jan 2024 06:32:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56695
IP address blocks: 195.128.128.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:3e:22:5f:7a:c4:90:70:56:ed:17:01:8c:1d:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=022c8ffc50609ec0d8b4a72805c8990a64aae71e
Validity
Not Before: Jan 2 06:32:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f1a9c75c00a5ef4f8e765a58269b3c1371a1182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:e5:49:dc:8d:fb:b9:e9:b1:4c:b0:18:00:6a:
f2:7e:90:d1:04:9f:88:f4:e8:32:5a:70:e4:00:fd:
92:ec:f1:06:b7:df:2d:45:c0:eb:8a:af:99:ce:c7:
8e:53:75:13:68:23:cb:fe:28:e4:a7:4f:79:09:69:
e7:69:31:08:68:52:97:c8:d3:c1:11:bc:64:6f:e0:
e2:75:62:3d:7b:37:8c:81:2c:6e:a7:60:d4:9a:3a:
82:7a:66:02:e0:7d:55:e6:ad:99:99:e6:ce:6b:df:
77:22:6f:bc:5d:98:a4:2c:54:8c:9a:1d:a5:ab:06:
44:02:97:c3:4b:03:5d:b3:53:a7:26:12:04:38:5d:
09:8c:e6:cb:0b:66:ea:94:e9:21:38:8b:b1:7d:61:
c2:a2:49:bc:16:3e:69:09:e1:18:ed:e4:17:30:85:
73:7b:51:e9:64:8b:25:95:20:a2:d3:d9:86:b3:fb:
24:7d:6b:10:46:b2:70:f3:a3:e4:7c:c8:19:39:5d:
f2:91:eb:ba:10:35:e3:69:36:f7:69:58:e8:f9:e6:
67:f4:0b:87:af:0e:26:83:2a:55:c2:68:4b:64:8e:
bd:bb:01:9b:fd:5d:96:55:e7:7e:39:09:c3:4d:3f:
8a:ce:cb:33:14:17:f5:77:c9:8a:e7:82:fb:c2:0f:
dc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:1A:9C:75:C0:0A:5E:F4:F8:E7:65:A5:82:69:B3:C1:37:1A:11:82
X509v3 Authority Key Identifier:
keyid:02:2C:8F:FC:50:60:9E:C0:D8:B4:A7:28:05:C8:99:0A:64:AA:E7:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AiyP_FBgnsDYtKcoBciZCmSq5x4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6f8a77-b26c-4d24-bb44-15b0c3449907/1/TxqcdcAKXvT452WlgmmzwTcaEYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/6f8a77-b26c-4d24-bb44-15b0c3449907/1/AiyP_FBgnsDYtKcoBciZCmSq5x4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.128.128.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:3e:c9:06:f2:fa:aa:ef:d5:e7:c2:5a:99:01:c1:6e:a7:5c:
a9:19:95:11:58:ae:88:93:c8:f6:78:fe:95:62:ef:a9:87:c7:
87:88:7a:8c:e1:79:48:90:77:8e:0e:16:47:d6:c1:c3:c3:bc:
98:38:cc:62:42:b1:1b:99:8f:6a:2b:15:9d:21:48:7e:31:d3:
eb:3a:f5:89:fb:7e:55:d8:f1:48:2f:40:51:25:73:77:cd:a3:
27:14:35:56:58:0e:86:14:88:f0:71:ae:9b:0d:24:0f:0c:d4:
47:18:78:26:51:db:f2:4e:7d:2f:2e:53:86:e3:ee:80:b2:8a:
96:f7:63:37:cc:de:c8:db:43:2d:7e:33:43:23:73:92:21:f9:
bd:20:d1:1c:fc:dc:1b:55:b9:db:51:7a:91:7d:c1:ad:95:22:
48:58:f5:08:ea:51:63:75:2c:b9:17:4b:e1:b7:dd:e0:ba:b3:
46:9e:b4:da:63:84:e6:d6:a2:03:17:0a:a3:dd:bd:2b:5f:f4:
64:3a:c5:8f:b4:be:d6:ca:36:bc:69:f1:cd:46:ad:c4:9a:f0:
9b:4c:a4:ed:2a:46:02:45:f5:5c:22:96:8b:f0:04:f4:da:93:
a3:63:27:e8:a4:af:00:4f:37:a6:48:94:bf:e2:b5:9d:e3:b2:
a9:8a:4b:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3z4iX3rEkHBW7RcBjB07MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyMmM4ZmZjNTA2MDllYzBkOGI0YTcyODA1Yzg5OTBhNjRh
YWU3MWUwHhcNMjQwMTAyMDYzMjAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjFhOWM3NWMwMGE1ZWY0ZjhlNzY1YTU4MjY5YjNjMTM3MWExMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4eVJ3I37uemxTLAYAGryfpDRBJ+I
9OgyWnDkAP2S7PEGt98tRcDriq+ZzseOU3UTaCPL/ijkp095CWnnaTEIaFKXyNPB
Ebxkb+DidWI9ezeMgSxup2DUmjqCemYC4H1V5q2ZmebOa993Im+8XZikLFSMmh2l
qwZEApfDSwNds1OnJhIEOF0JjObLC2bqlOkhOIuxfWHCokm8Fj5pCeEY7eQXMIVz
e1HpZIsllSCi09mGs/skfWsQRrJw86PkfMgZOV3ykeu6EDXjaTb3aVjo+eZn9AuH
rw4mgypVwmhLZI69uwGb/V2WVed+OQnDTT+KzsszFBf1d8mK54L7wg/cfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE8anHXACl70+OdlpYJps8E3GhGCMB8GA1UdIwQY
MBaAFAIsj/xQYJ7A2LSnKAXImQpkquceMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWl5UF9GQmduc0RZdEtjb0JjaVpDbVNxNXg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My82ZjhhNzctYjI2Yy00ZDI0LWJiNDQt
MTViMGMzNDQ5OTA3LzEvVHhxY2RjQUtYdlQ0NTJXbGdtbXp3VGNhRVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My82ZjhhNzctYjI2Yy00ZDI0LWJiNDQtMTViMGMzNDQ5OTA3
LzEvQWl5UF9GQmduc0RZdEtjb0JjaVpDbVNxNXg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw4CAMA0G
CSqGSIb3DQEBCwUAA4IBAQC8PskG8vqq79XnwlqZAcFup1ypGZURWK6Ik8j2eP6V
Yu+ph8eHiHqM4XlIkHeODhZH1sHDw7yYOMxiQrEbmY9qKxWdIUh+MdPrOvWJ+35V
2PFIL0BRJXN3zaMnFDVWWA6GFIjwca6bDSQPDNRHGHgmUdvyTn0vLlOG4+6AsoqW
92M3zN7I20MtfjNDI3OSIfm9INEc/NwbVbnbUXqRfcGtlSJIWPUI6lFjdSy5F0vh
t93gurNGnrTaY4Tm1qIDFwqj3b0rX/RkOsWPtL7Wyja8afHNRq3EmvCbTKTtKkYC
RfVcIpaL8AT02pOjYyfopK8ATzemSJS/4rWd47Kpiku8
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:23 2025 by rpki-client