Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/tDz2dTsJcM-hGGZs_D-mkxRJ9Ts.roa
File: tDz2dTsJcM-hGGZs_D-mkxRJ9Ts.roa (raw, json)
Hash identifier: FtHm54ZMxfLBIp3iqKditk34zb/VtzioE3ONJHyYGhs=
Subject key identifier: B4:3C:F6:75:3B:09:70:CF:A1:18:66:6C:FC:3F:A6:93:14:49:F5:3B
Certificate issuer: /CN=d38579e4c7da01df0465186236e9af27eb7312ed
Certificate serial: 01921E26C04A42276369D0A0F6C3ABEC075F
Authority key identifier: D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/tDz2dTsJcM-hGGZs_D-mkxRJ9Ts.roa
Signing time: Mon 23 Sep 2024 09:11:48 +0000
ROA not before: Mon 23 Sep 2024 09:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29469
IP address blocks: 194.9.70.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1e:26:c0:4a:42:27:63:69:d0:a0:f6:c3:ab:ec:07:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d38579e4c7da01df0465186236e9af27eb7312ed
Validity
Not Before: Sep 23 09:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b43cf6753b0970cfa118666cfc3fa6931449f53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9e:b0:2d:23:f1:66:7c:fe:8f:88:31:15:79:
6e:34:7e:c0:dd:45:32:52:48:d9:d8:d4:55:ca:ba:
1a:89:2f:70:6f:4b:67:d3:4b:fc:0a:00:1e:07:03:
ad:bb:74:e7:74:0f:e5:44:c5:b5:c9:0b:7a:7f:f7:
a0:83:c5:7a:dc:00:49:85:22:0d:9a:c7:ea:01:e9:
cd:43:89:07:4a:4e:9e:ed:8f:9c:fe:62:b7:90:85:
1d:7e:b4:3f:18:d3:56:ff:a5:1b:29:73:b7:57:78:
2d:41:33:97:2c:65:06:f3:b6:f4:58:a5:cf:d1:7e:
cb:32:89:d4:30:44:2d:b7:d4:f5:a7:db:fb:92:f2:
3d:67:32:9b:e6:11:29:bc:28:5d:4a:80:f8:26:fe:
94:b1:b8:df:f1:5c:dc:e2:fb:53:21:1f:45:6a:0d:
01:12:a3:dc:84:c5:6a:24:b1:4a:03:5d:70:5b:00:
c5:07:3a:eb:73:c5:da:22:5c:0d:80:48:17:c3:e1:
c1:9d:c0:93:55:f2:b0:6b:b0:8c:d0:6b:4c:82:66:
88:08:39:74:0b:fb:ba:b6:06:d3:f4:f6:ba:1d:59:
cf:b8:1e:57:ef:1b:7f:8f:49:e4:78:26:c1:12:ba:
b7:1b:b9:6a:d7:f5:cc:3d:69:6a:0d:de:b9:38:b6:
22:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3C:F6:75:3B:09:70:CF:A1:18:66:6C:FC:3F:A6:93:14:49:F5:3B
X509v3 Authority Key Identifier:
keyid:D3:85:79:E4:C7:DA:01:DF:04:65:18:62:36:E9:AF:27:EB:73:12:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/04V55MfaAd8EZRhiNumvJ-tzEu0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/tDz2dTsJcM-hGGZs_D-mkxRJ9Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/94622d-c26d-4376-b059-bd405419b00d/1/04V55MfaAd8EZRhiNumvJ-tzEu0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.9.70.0/23
Signature Algorithm: sha256WithRSAEncryption
5f:4d:03:f6:5a:f3:f6:48:a5:4f:6f:1d:12:0e:98:f3:91:28:
ff:a8:4d:e0:ec:0f:18:e2:64:27:d6:bb:2b:f0:73:77:f4:94:
af:f1:ab:7c:b3:61:ac:9c:02:e2:0d:e3:85:66:a1:9e:69:dc:
d3:f5:cd:f9:c7:f4:06:8e:67:a1:10:39:86:58:1b:11:c1:4a:
c9:ed:b8:cd:24:ca:11:a3:9f:4a:6b:2d:af:03:8a:3c:6e:1e:
64:09:28:97:c9:ab:5d:26:8d:3e:6b:e8:34:e7:fd:27:2b:6c:
a9:1f:07:00:4e:67:6f:d2:07:5d:77:23:01:66:9e:bf:01:93:
4c:2f:bf:3c:8c:9e:f9:93:c8:a9:01:a6:91:03:38:84:5d:c7:
36:8d:cf:b2:ef:ff:b8:d5:5e:0b:0e:1a:38:8f:66:91:99:d8:
df:f3:3b:49:fc:98:d4:4f:4f:78:80:41:9f:95:d4:70:0e:56:
a6:48:44:da:0b:c0:6d:16:87:50:ac:c7:ad:16:5d:4f:c4:c0:
65:17:48:f2:3c:da:43:87:a9:a4:14:5f:a5:57:23:a1:ad:15:
5e:6e:5f:09:25:1f:e2:16:18:a8:98:62:b3:16:bd:a5:f7:6f:
d3:13:04:9a:24:57:36:e2:ca:d0:6c:8b:57:da:a2:52:21:88:
01:c7:36:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZIeJsBKQidjadCg9sOr7AdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzODU3OWU0YzdkYTAxZGYwNDY1MTg2MjM2ZTlhZjI3ZWI3
MzEyZWQwHhcNMjQwOTIzMDkxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDNjZjY3NTNiMDk3MGNmYTExODY2NmNmYzNmYTY5MzE0NDlmNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp56wLSPxZnz+j4gxFXluNH7A3UUy
UkjZ2NRVyroaiS9wb0tn00v8CgAeBwOtu3TndA/lRMW1yQt6f/egg8V63ABJhSIN
msfqAenNQ4kHSk6e7Y+c/mK3kIUdfrQ/GNNW/6UbKXO3V3gtQTOXLGUG87b0WKXP
0X7LMonUMEQtt9T1p9v7kvI9ZzKb5hEpvChdSoD4Jv6Usbjf8Vzc4vtTIR9Fag0B
EqPchMVqJLFKA11wWwDFBzrrc8XaIlwNgEgXw+HBncCTVfKwa7CM0GtMgmaICDl0
C/u6tgbT9Pa6HVnPuB5X7xt/j0nkeCbBErq3G7lq1/XMPWlqDd65OLYimQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQ89nU7CXDPoRhmbPw/ppMUSfU7MB8GA1UdIwQY
MBaAFNOFeeTH2gHfBGUYYjbpryfrcxLtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTkt
YmQ0MDU0MTliMDBkLzEvdER6MmRUc0pjTS1oR0dac19ELW1reFJKOVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC85NDYyMmQtYzI2ZC00Mzc2LWIwNTktYmQ0MDU0MTliMDBk
LzEvMDRWNTVNZmFBZDhFWlJoaU51bXZKLXR6RXUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwglGMA0G
CSqGSIb3DQEBCwUAA4IBAQBfTQP2WvP2SKVPbx0SDpjzkSj/qE3g7A8Y4mQn1rsr
8HN39JSv8at8s2GsnALiDeOFZqGeadzT9c35x/QGjmehEDmGWBsRwUrJ7bjNJMoR
o59Kay2vA4o8bh5kCSiXyatdJo0+a+g05/0nK2ypHwcATmdv0gdddyMBZp6/AZNM
L788jJ75k8ipAaaRAziEXcc2jc+y7/+41V4LDho4j2aRmdjf8ztJ/JjUT094gEGf
ldRwDlamSETaC8BtFodQrMetFl1PxMBlF0jyPNpDh6mkFF+lVyOhrRVebl8JJR/i
FhiomGKzFr2l92/TEwSaJFc24srQbItX2qJSIYgBxzZe
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:26:53 2025 by rpki-client