Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/TMn3TLqnNKGeRUkRKYyHH66m1nU.roa
File: TMn3TLqnNKGeRUkRKYyHH66m1nU.roa (raw, json)
Hash identifier: h/2RBMUsDN/WESBsdfpn1ktbVzPeq0BuiBNMmuDbPZM=
Subject key identifier: 4C:C9:F7:4C:BA:A7:34:A1:9E:45:49:11:29:8C:87:1F:AE:A6:D6:75
Certificate issuer: /CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Certificate serial: 019427B47FDD82ACE30777C57761F77BE201
Authority key identifier: A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/TMn3TLqnNKGeRUkRKYyHH66m1nU.roa
Signing time: Thu 02 Jan 2025 15:48:48 +0000
ROA not before: Thu 02 Jan 2025 15:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 193.31.111.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 14:04:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:7f:dd:82:ac:e3:07:77:c5:77:61:f7:7b:e2:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a88ad546f1a0ef8cf75c92a748bd5c86362e209b
Validity
Not Before: Jan 2 15:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4cc9f74cbaa734a19e454911298c871faea6d675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:f0:85:bb:c0:10:16:37:da:e8:e2:d8:1d:
f2:b7:83:c6:64:6b:49:23:df:7f:9f:df:01:73:1d:
ec:d4:cb:97:2f:fc:83:ed:66:aa:90:9a:78:6b:48:
77:4a:42:cd:42:43:96:11:71:0f:b9:b2:50:55:3d:
e2:a2:86:12:cc:84:81:87:6e:4d:05:4e:24:db:70:
a6:ff:7c:67:50:5d:bd:61:bb:83:db:f4:36:64:ad:
11:11:47:f2:3b:24:8e:67:44:f2:af:fa:f8:0f:a5:
71:4a:ee:6d:ad:20:b5:e3:61:1d:11:89:0c:2d:82:
20:26:69:ad:87:aa:0c:9d:3d:fd:92:39:5c:ad:b8:
32:d5:43:bf:f7:45:ea:32:30:8c:f7:6a:8b:f5:77:
60:aa:df:ab:78:37:3d:e6:53:e2:1f:6d:ef:ba:45:
0c:2b:52:a7:cd:11:29:79:ce:75:66:73:8f:c2:28:
04:2c:85:a8:78:69:66:24:a2:45:d9:c3:43:ce:ae:
02:ae:02:30:41:90:1c:1f:da:2a:77:e1:be:f4:8b:
3d:7c:93:1a:98:b6:be:d3:7f:f4:6c:91:d8:86:99:
80:e5:40:bf:28:f7:b2:2f:44:2b:8b:8e:c7:ce:de:
83:81:b6:1b:15:5b:fb:f2:be:a3:04:b8:6d:66:b7:
77:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C9:F7:4C:BA:A7:34:A1:9E:45:49:11:29:8C:87:1F:AE:A6:D6:75
X509v3 Authority Key Identifier:
keyid:A8:8A:D5:46:F1:A0:EF:8C:F7:5C:92:A7:48:BD:5C:86:36:2E:20:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qIrVRvGg74z3XJKnSL1chjYuIJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/TMn3TLqnNKGeRUkRKYyHH66m1nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/500a8c-6a2d-434b-96f1-18eb779a6497/1/qIrVRvGg74z3XJKnSL1chjYuIJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.111.0/24
Signature Algorithm: sha256WithRSAEncryption
72:3f:77:d1:52:81:8a:02:69:cc:49:33:3b:48:55:b6:88:9b:
19:16:88:eb:ec:8d:af:d1:c3:86:6d:39:9b:3b:b1:f7:ae:b0:
24:58:c9:53:c2:7c:f5:3d:b4:33:0b:06:19:b6:f2:7a:c8:19:
12:c5:ae:33:a8:66:98:e5:4b:d6:9a:cf:c0:d3:f3:e8:5f:ee:
8b:ea:09:f6:a2:ae:52:02:f6:b9:4e:78:c6:c3:76:04:be:6f:
aa:30:fb:f6:0f:19:a0:2e:30:b9:10:28:27:f2:7f:d1:5a:8e:
80:78:a0:21:b3:26:db:34:0c:a2:5a:06:c5:ea:61:41:80:a6:
25:99:3a:78:b1:d6:26:8f:11:0a:c9:45:11:56:c2:da:96:04:
83:7e:43:9c:d6:6e:a0:96:fc:63:3b:78:4a:b1:8a:7b:40:0f:
b7:30:8d:33:27:c4:97:cb:b9:e3:96:7b:2e:c7:5a:93:90:df:
72:5a:69:c4:38:59:38:f9:b9:72:1d:8e:f1:7f:89:1e:dd:70:
eb:60:b5:c8:c3:cb:98:df:8f:b3:09:10:8a:9c:69:95:0a:e6:
c4:07:c0:e9:ee:1e:02:07:99:a1:7b:da:54:8d:b3:d1:47:72:
72:1b:3f:5d:c1:78:de:98:21:79:2a:78:b5:85:c7:e6:0f:bb:
51:16:e4:69
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntH/dgqzjB3fFd2H3e+IBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OGFkNTQ2ZjFhMGVmOGNmNzVjOTJhNzQ4YmQ1Yzg2MzYy
ZTIwOWIwHhcNMjUwMTAyMTU0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M5Zjc0Y2JhYTczNGExOWU0NTQ5MTEyOThjODcxZmFlYTZkNjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAzwhbvAEBY32uji2B3yt4PGZGtJ
I99/n98Bcx3s1MuXL/yD7WaqkJp4a0h3SkLNQkOWEXEPubJQVT3iooYSzISBh25N
BU4k23Cm/3xnUF29YbuD2/Q2ZK0REUfyOySOZ0Tyr/r4D6VxSu5trSC142EdEYkM
LYIgJmmth6oMnT39kjlcrbgy1UO/90XqMjCM92qL9Xdgqt+reDc95lPiH23vukUM
K1KnzREpec51ZnOPwigELIWoeGlmJKJF2cNDzq4CrgIwQZAcH9oqd+G+9Is9fJMa
mLa+03/0bJHYhpmA5UC/KPeyL0Qri47Hzt6DgbYbFVv78r6jBLhtZrd3MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzJ90y6pzShnkVJESmMhx+uptZ1MB8GA1UdIwQY
MBaAFKiK1UbxoO+M91ySp0i9XIY2LiCbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEt
MThlYjc3OWE2NDk3LzEvVE1uM1RMcW5OS0dlUlVrUktZeUhINjZtMW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS81MDBhOGMtNmEyZC00MzRiLTk2ZjEtMThlYjc3OWE2NDk3
LzEvcUlyVlJ2R2c3NHozWEpLblNMMWNoall1SUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR9vMA0G
CSqGSIb3DQEBCwUAA4IBAQByP3fRUoGKAmnMSTM7SFW2iJsZFojr7I2v0cOGbTmb
O7H3rrAkWMlTwnz1PbQzCwYZtvJ6yBkSxa4zqGaY5UvWms/A0/PoX+6L6gn2oq5S
Ava5TnjGw3YEvm+qMPv2DxmgLjC5ECgn8n/RWo6AeKAhsybbNAyiWgbF6mFBgKYl
mTp4sdYmjxEKyUURVsLalgSDfkOc1m6glvxjO3hKsYp7QA+3MI0zJ8SXy7njlnsu
x1qTkN9yWmnEOFk4+blyHY7xf4ke3XDrYLXIw8uY34+zCRCKnGmVCubEB8Dp7h4C
B5mhe9pUjbPRR3JyGz9dwXjemCF5Kni1hcfmD7tRFuRp
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:10:34 2025 by rpki-client