Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TDAKcDR3mO7-kSkrixu383fMIww.roa
File: TDAKcDR3mO7-kSkrixu383fMIww.roa (raw, json)
Hash identifier: Twp0BXjv+A7ZrpoBwG3XJbGIOtxY5qLvWZ9KvC+T6hg=
Subject key identifier: 4C:30:0A:70:34:77:98:EE:FE:91:29:2B:8B:1B:B7:F3:77:CC:23:0C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F43B3FF22BC54A1F2456E72B58515515F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TDAKcDR3mO7-kSkrixu383fMIww.roa
Signing time: Sat 04 May 2024 13:03:40 +0000
ROA not before: Sat 04 May 2024 13:03:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Jul 2024 15:33:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:43:b3:ff:22:bc:54:a1:f2:45:6e:72:b5:85:15:51:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 4 13:03:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c300a70347798eefe91292b8b1bb7f377cc230c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:a7:64:e2:ef:c6:aa:dc:e8:fc:d6:9e:34:e5:
b8:7f:32:34:a3:34:8a:a6:59:79:08:43:06:9e:3a:
0f:dd:16:dc:6e:88:54:1d:db:c2:64:97:bf:63:37:
a0:1b:d1:6f:6f:94:a2:ab:fa:9c:6f:ce:3d:3e:fb:
0a:e5:ad:9f:6a:bb:5c:5c:7a:2a:b5:ec:bd:bd:a3:
53:c7:30:6e:2b:6a:2d:ea:04:8b:b1:3c:d8:99:e3:
42:9c:8a:11:bb:58:f2:95:16:33:1a:21:d2:75:fd:
a2:40:9d:ac:ea:41:99:3c:e1:32:ac:f0:19:a0:8a:
f0:99:d8:40:58:9c:05:5a:bb:f3:45:88:74:95:88:
fd:6f:0b:9b:3e:5d:98:85:9f:0f:af:9d:c0:fb:7d:
0f:30:93:67:60:7c:0b:a5:4c:6c:2e:36:c9:d9:db:
82:4d:e7:bd:93:fc:7d:8f:53:38:8f:54:cc:f6:5f:
40:6f:7f:0f:9a:e7:cb:25:2b:63:51:3b:2d:0c:c1:
00:fd:4d:bd:6e:cb:32:ac:05:c4:45:64:cf:a1:ab:
9b:06:bd:2e:d3:c2:96:5f:e4:b0:c6:ed:a1:0c:bc:
2b:59:11:44:a9:86:53:50:a3:a9:c2:c9:79:84:71:
6c:0f:04:00:ff:f0:ac:42:24:52:92:9e:30:b9:d6:
87:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:30:0A:70:34:77:98:EE:FE:91:29:2B:8B:1B:B7:F3:77:CC:23:0C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TDAKcDR3mO7-kSkrixu383fMIww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
Signature Algorithm: sha256WithRSAEncryption
95:57:fd:53:de:bf:be:8b:46:a5:e2:f8:2e:d4:96:35:22:ea:
fa:f3:4f:a3:16:a6:99:6f:0d:09:2b:90:69:af:a9:30:5a:2c:
92:4e:4c:af:66:a0:95:69:00:c0:cd:ab:51:56:08:8a:be:18:
75:29:2a:17:a1:94:4a:b3:fa:53:44:ec:70:c1:06:5b:4c:47:
75:ba:0e:87:cf:ec:9b:e0:6c:d8:5d:44:fd:9e:68:ee:77:63:
bb:f5:a3:74:a7:7d:f9:78:57:ae:3e:6d:9f:ad:db:68:fc:d4:
55:48:e6:2e:de:cc:35:6f:f0:84:13:02:80:63:81:e9:4c:36:
5f:6b:be:fa:af:7e:60:5e:31:02:4f:4d:fe:8b:80:60:e5:55:
db:63:a6:29:63:61:c7:09:82:c6:59:8f:60:b3:75:31:70:d7:
f0:3c:14:b9:3b:a9:c7:8f:f4:0e:7c:f5:21:ad:26:33:1c:9f:
84:40:95:bd:fb:22:09:b9:c9:96:d4:29:ce:14:94:a0:34:e2:
df:b4:e5:4a:ae:d8:54:b2:72:18:a7:55:b0:6c:9e:c2:d8:95:
e6:39:9a:5e:fc:99:f4:14:7a:3d:b9:5c:be:08:42:d5:20:dc:
ff:ba:53:f3:7e:b7:c1:2f:7d:f2:40:69:38:6d:4b:37:cb:4c:
e3:63:78:c2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY9Ds/8ivFSh8kVucrWFFVFfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTA0MTMwMzQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMwMGE3MDM0Nzc5OGVlZmU5MTI5MmI4YjFiYjdmMzc3Y2MyMzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqdk4u/Gqtzo/NaeNOW4fzI0ozSK
pll5CEMGnjoP3RbcbohUHdvCZJe/YzegG9Fvb5Siq/qcb849PvsK5a2fartcXHoq
tey9vaNTxzBuK2ot6gSLsTzYmeNCnIoRu1jylRYzGiHSdf2iQJ2s6kGZPOEyrPAZ
oIrwmdhAWJwFWrvzRYh0lYj9bwubPl2YhZ8Pr53A+30PMJNnYHwLpUxsLjbJ2duC
Tee9k/x9j1M4j1TM9l9Ab38PmufLJStjUTstDMEA/U29bssyrAXERWTPoaubBr0u
08KWX+Swxu2hDLwrWRFEqYZTUKOpwsl5hHFsDwQA//CsQiRSkp4wudaHiwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEwwCnA0d5ju/pEpK4sbt/N3zCMMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVERBS2NEUjNtTzcta1Nrcml4dTM4M2ZNSXd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUQW9AwQA
WdWYAwQAWdWwAwQAWdW3MA0GCSqGSIb3DQEBCwUAA4IBAQCVV/1T3r++i0al4vgu
1JY1Iur680+jFqaZbw0JK5Bpr6kwWiySTkyvZqCVaQDAzatRVgiKvhh1KSoXoZRK
s/pTROxwwQZbTEd1ug6Hz+yb4GzYXUT9nmjud2O79aN0p335eFeuPm2frdto/NRV
SOYu3sw1b/CEEwKAY4HpTDZfa776r35gXjECT03+i4Bg5VXbY6YpY2HHCYLGWY9g
s3UxcNfwPBS5O6nHj/QOfPUhrSYzHJ+EQJW9+yIJucmW1CnOFJSgNOLftOVKrthU
snIYp1WwbJ7C2JXmOZpe/Jn0FHo9uVy+CELVINz/ulPzfrfBL33yQGk4bUs3y0zj
Y3jC
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:34 2025 by rpki-client