Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TcKUX33S0r5ytkAtTUh3JBaBtlM.roa
File: TcKUX33S0r5ytkAtTUh3JBaBtlM.roa (raw, json)
Hash identifier: E6in/uqCegF65uEKf5e4Qk1H01h91aCKLL2tPbYfUnM=
Subject key identifier: 4D:C2:94:5F:7D:D2:D2:BE:72:B6:40:2D:4D:48:77:24:16:81:B6:53
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196A1B0F78A300A170E5EAA1FE63E43A042
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TcKUX33S0r5ytkAtTUh3JBaBtlM.roa
Signing time: Mon 05 May 2025 18:24:11 +0000
ROA not before: Mon 05 May 2025 18:24:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 89.213.127.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 21 May 2025 07:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a1:b0:f7:8a:30:0a:17:0e:5e:aa:1f:e6:3e:43:a0:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 5 18:24:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc2945f7dd2d2be72b6402d4d4877241681b653
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:c8:bc:bc:ef:d8:cc:3e:4f:d3:41:c9:dc:66:
c1:58:ea:9f:55:e4:eb:55:d2:e2:f8:5c:0b:86:e0:
89:db:77:db:41:7c:68:f3:aa:15:eb:a5:7b:91:b2:
f4:f2:5c:57:9d:87:eb:9a:fd:aa:eb:bc:5c:54:94:
b3:17:b4:33:87:a7:37:e9:6c:4c:33:55:4a:e9:fa:
d2:91:39:ac:a0:65:d6:5b:2e:1c:17:60:7a:dd:2c:
8f:45:e5:7c:dc:c3:80:a4:f6:aa:4a:a3:d0:50:22:
26:3a:27:7e:73:3c:a6:a9:60:ed:0a:a4:48:0a:ef:
9e:fe:f4:08:17:bb:1e:8d:4f:77:82:06:96:2c:9e:
2f:39:e6:87:20:93:52:0f:cd:dd:67:d7:63:19:02:
1b:89:76:05:56:d4:71:cb:1c:cb:8d:5f:cb:b3:86:
c1:41:ae:48:58:20:26:17:7b:6c:7d:51:09:9d:07:
75:eb:f1:e6:4c:ee:5f:6c:39:a9:58:a9:d7:08:ce:
3f:de:cd:0e:98:8f:b5:cf:e2:82:32:f2:30:20:06:
05:6b:04:d6:a9:c4:a1:ef:20:2f:9d:b9:14:a0:02:
f9:5f:3f:b8:32:47:05:87:6d:38:a0:0f:e9:db:dd:
9e:94:4b:2e:94:6c:c1:1c:8e:2c:28:26:54:e4:80:
63:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C2:94:5F:7D:D2:D2:BE:72:B6:40:2D:4D:48:77:24:16:81:B6:53
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/TcKUX33S0r5ytkAtTUh3JBaBtlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.127.0/24
109.176.193.0/24
212.38.81.0/24
213.210.62.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:18:89:64:ff:9a:7b:d4:cd:65:a2:ec:4c:3f:eb:9c:16:20:
47:54:77:9f:c3:81:5b:1c:55:84:80:61:fe:ef:10:8e:80:6f:
da:92:c0:44:c7:d2:4e:c5:57:dc:8b:c6:d2:fa:38:55:9a:d4:
78:82:1e:36:7e:fe:3c:2b:41:53:8a:80:cd:c5:da:50:35:36:
d4:28:2d:f1:84:59:d6:c4:26:36:a2:07:2f:94:09:c3:73:5b:
e1:c7:97:b5:1b:ea:9a:36:1e:7f:7f:66:a5:2f:70:9d:20:ce:
bb:5e:f3:bd:ec:12:ea:df:ac:6e:ce:52:c5:79:a2:a8:65:46:
81:e7:25:4b:77:c9:eb:7e:cc:4d:e9:f3:be:82:ba:93:16:dc:
50:e4:41:98:fd:61:cd:34:48:4a:2f:84:61:27:0a:27:0c:20:
c7:d5:22:0c:a9:7b:b7:2f:2b:f7:d8:7a:4e:f7:90:b0:e8:7a:
e1:4d:72:07:23:72:f5:2a:d8:a8:99:d4:c6:65:49:11:5d:92:
fc:7f:1b:8c:70:b3:a2:19:96:64:74:d8:02:a0:59:03:88:b9:
4c:5c:7f:de:e0:16:92:91:c4:af:b6:6b:ec:96:86:7f:e5:e5:
f1:d7:5f:bc:2f:53:60:d3:21:77:cf:11:76:65:d9:32:1d:7b:
a8:0d:5c:c4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZahsPeKMAoXDl6qH+Y+Q6BCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTA1MTgyNDExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGMyOTQ1ZjdkZDJkMmJlNzJiNjQwMmQ0ZDQ4NzcyNDE2ODFiNjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssi8vO/YzD5P00HJ3GbBWOqfVeTr
VdLi+FwLhuCJ23fbQXxo86oV66V7kbL08lxXnYfrmv2q67xcVJSzF7Qzh6c36WxM
M1VK6frSkTmsoGXWWy4cF2B63SyPReV83MOApPaqSqPQUCImOid+czymqWDtCqRI
Cu+e/vQIF7sejU93ggaWLJ4vOeaHIJNSD83dZ9djGQIbiXYFVtRxyxzLjV/Ls4bB
Qa5IWCAmF3tsfVEJnQd16/HmTO5fbDmpWKnXCM4/3s0OmI+1z+KCMvIwIAYFawTW
qcSh7yAvnbkUoAL5Xz+4MkcFh204oA/p292elEsulGzBHI4sKCZU5IBjCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE3ClF990tK+crZALU1IdyQWgbZTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVGNLVVgzM1MwcjV5dGtBdFRVaDNKQmFCdGxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdV/AwQA
bbDBAwQA1CZRAwQA1dI+MA0GCSqGSIb3DQEBCwUAA4IBAQAKGIlk/5p71M1louxM
P+ucFiBHVHefw4FbHFWEgGH+7xCOgG/aksBEx9JOxVfci8bS+jhVmtR4gh42fv48
K0FTioDNxdpQNTbUKC3xhFnWxCY2ogcvlAnDc1vhx5e1G+qaNh5/f2alL3CdIM67
XvO97BLq36xuzlLFeaKoZUaB5yVLd8nrfsxN6fO+grqTFtxQ5EGY/WHNNEhKL4Rh
JwonDCDH1SIMqXu3Lyv32HpO95Cw6HrhTXIHI3L1KtiomdTGZUkRXZL8fxuMcLOi
GZZkdNgCoFkDiLlMXH/e4BaSkcSvtmvsloZ/5eXx11+8L1Ng0yF3zxF2ZdkyHXuo
DVzE
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:08:27 2025 by rpki-client