Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/3fa45d-61b6-4a26-8d7f-8d9d752c4f4a/1/TVeHjhVWbICpNHZP772KOh7sIXA.roa
File: TVeHjhVWbICpNHZP772KOh7sIXA.roa (raw, json)
Hash identifier: /rFgWEBK5MuYOGSTb1HsjVhMUcJExp31MsA6lxna8gY=
Subject key identifier: 4D:57:87:8E:15:56:6C:80:A9:34:76:4F:EF:BD:8A:3A:1E:EC:21:70
Certificate issuer: /CN=1f74988332069e1835246a85a1094125152b3765
Certificate serial: 018CC5DCCBF91FF39AB25E852BFEAB500FCD
Authority key identifier: 1F:74:98:83:32:06:9E:18:35:24:6A:85:A1:09:41:25:15:2B:37:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/H3SYgzIGnhg1JGqFoQlBJRUrN2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/3fa45d-61b6-4a26-8d7f-8d9d752c4f4a/1/TVeHjhVWbICpNHZP772KOh7sIXA.roa
Signing time: Mon 01 Jan 2024 16:30:30 +0000
ROA not before: Mon 01 Jan 2024 16:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200387
IP address blocks: 194.49.11.0/24 maxlen: 24
194.49.8.0/24 maxlen: 24
194.49.9.0/24 maxlen: 24
194.49.10.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:cb:f9:1f:f3:9a:b2:5e:85:2b:fe:ab:50:0f:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f74988332069e1835246a85a1094125152b3765
Validity
Not Before: Jan 1 16:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d57878e15566c80a934764fefbd8a3a1eec2170
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:60:83:c4:c9:27:45:70:2c:8d:a4:75:f8:36:
ab:b8:89:5e:ed:94:80:36:24:79:c0:81:61:75:85:
87:e8:b9:f9:d5:f2:db:47:83:91:6d:99:4e:fe:71:
5e:e3:b8:b9:59:30:1a:f1:df:6d:d3:78:d7:f5:a4:
65:ad:b4:c8:19:79:4d:98:ae:93:99:df:0c:87:13:
ca:db:4a:95:10:81:75:7c:7d:f0:06:d0:4f:33:ce:
bf:83:cc:a3:af:6a:74:3d:6b:18:c6:25:d3:45:a4:
e5:b1:d0:e0:77:9a:66:1c:8b:fb:aa:e0:90:40:85:
ed:79:a2:cd:a6:e0:af:b5:48:5d:06:c8:9a:d6:73:
d4:f0:63:8a:dd:00:27:27:2b:04:12:3c:8d:b3:73:
e2:c3:92:fb:0e:7b:38:53:0f:86:ea:68:18:6e:f8:
72:c2:b9:7d:db:00:a0:fa:ca:02:35:1f:c5:e1:c7:
9e:11:8e:e4:9a:f4:d8:ec:d6:7a:cf:3d:69:a3:70:
b5:19:b2:83:01:bf:b2:97:2b:4b:70:52:89:6d:79:
f6:dd:bf:5a:4c:3a:df:a1:97:1e:67:15:45:09:79:
65:c4:b0:ac:b6:22:2a:d2:6e:75:4c:9a:24:da:3a:
2f:c7:8f:7a:a1:f7:49:1a:b2:68:e5:eb:ba:a3:8c:
ff:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:57:87:8E:15:56:6C:80:A9:34:76:4F:EF:BD:8A:3A:1E:EC:21:70
X509v3 Authority Key Identifier:
keyid:1F:74:98:83:32:06:9E:18:35:24:6A:85:A1:09:41:25:15:2B:37:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/H3SYgzIGnhg1JGqFoQlBJRUrN2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3fa45d-61b6-4a26-8d7f-8d9d752c4f4a/1/TVeHjhVWbICpNHZP772KOh7sIXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/3fa45d-61b6-4a26-8d7f-8d9d752c4f4a/1/H3SYgzIGnhg1JGqFoQlBJRUrN2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:dd:6f:de:92:68:c1:f3:be:ce:75:51:da:d3:11:f8:8e:0b:
bc:05:6e:11:54:fd:91:3c:ba:01:53:12:ae:7c:56:3c:65:d4:
86:19:5d:ac:af:33:ee:ca:40:b2:25:f5:41:2d:47:f2:79:2f:
9f:da:77:68:6b:22:af:8d:64:83:ee:84:c1:d4:7d:06:f1:89:
2b:dc:46:1e:45:05:46:5f:fe:84:f2:1b:88:f5:80:83:ea:67:
e7:c8:94:93:a7:5e:b9:f5:b8:76:a7:8d:bd:cb:ac:0e:4a:97:
5f:ee:75:08:a6:81:65:c7:16:3f:7e:b6:8a:0d:2e:ea:7a:4d:
85:6c:b4:51:e2:d8:87:7a:6e:a5:62:b3:21:f9:37:9a:ea:a3:
83:d5:06:68:05:f3:1f:62:2f:b4:70:16:e1:bb:ae:4f:c1:5d:
0f:03:95:3f:25:0b:3f:23:7c:8b:a8:fd:bb:af:5d:3e:2b:93:
3d:1d:99:bc:e2:29:c7:d1:a4:1c:bc:f9:ca:c6:50:b8:8a:f8:
9b:81:9f:56:32:9b:90:3a:0f:f3:b5:0b:d6:5b:66:b4:fb:0f:
6c:e6:1a:22:25:4c:ee:a8:4b:2a:86:56:05:1b:2e:07:fc:ed:
eb:c5:18:3f:bf:ae:c2:ac:83:2f:a3:de:8c:81:57:9a:e3:ca:
34:57:d1:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3Mv5H/Oasl6FK/6rUA/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmNzQ5ODgzMzIwNjllMTgzNTI0NmE4NWExMDk0MTI1MTUy
YjM3NjUwHhcNMjQwMTAxMTYzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDU3ODc4ZTE1NTY2YzgwYTkzNDc2NGZlZmJkOGEzYTFlZWMyMTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32CDxMknRXAsjaR1+DaruIle7ZSA
NiR5wIFhdYWH6Ln51fLbR4ORbZlO/nFe47i5WTAa8d9t03jX9aRlrbTIGXlNmK6T
md8MhxPK20qVEIF1fH3wBtBPM86/g8yjr2p0PWsYxiXTRaTlsdDgd5pmHIv7quCQ
QIXteaLNpuCvtUhdBsia1nPU8GOK3QAnJysEEjyNs3Piw5L7Dns4Uw+G6mgYbvhy
wrl92wCg+soCNR/F4ceeEY7kmvTY7NZ6zz1po3C1GbKDAb+ylytLcFKJbXn23b9a
TDrfoZceZxVFCXllxLCstiIq0m51TJok2jovx496ofdJGrJo5eu6o4z/dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1Xh44VVmyAqTR2T++9ijoe7CFwMB8GA1UdIwQY
MBaAFB90mIMyBp4YNSRqhaEJQSUVKzdlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSDNTWWd6SUduaGcxSkdxRm9RbEJKUlVyTjJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8zZmE0NWQtNjFiNi00YTI2LThkN2Yt
OGQ5ZDc1MmM0ZjRhLzEvVFZlSGpoVldiSUNwTkhaUDc3MktPaDdzSVhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8zZmE0NWQtNjFiNi00YTI2LThkN2YtOGQ5ZDc1MmM0ZjRh
LzEvSDNTWWd6SUduaGcxSkdxRm9RbEJKUlVyTjJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwjEIMA0G
CSqGSIb3DQEBCwUAA4IBAQCP3W/ekmjB877OdVHa0xH4jgu8BW4RVP2RPLoBUxKu
fFY8ZdSGGV2srzPuykCyJfVBLUfyeS+f2ndoayKvjWSD7oTB1H0G8Ykr3EYeRQVG
X/6E8huI9YCD6mfnyJSTp1659bh2p429y6wOSpdf7nUIpoFlxxY/fraKDS7qek2F
bLRR4tiHem6lYrMh+Tea6qOD1QZoBfMfYi+0cBbhu65PwV0PA5U/JQs/I3yLqP27
r10+K5M9HZm84inH0aQcvPnKxlC4ivibgZ9WMpuQOg/ztQvWW2a0+w9s5hoiJUzu
qEsqhlYFGy4H/O3rxRg/v67CrIMvo96MgVea48o0V9HC
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:48:28 2025 by rpki-client