Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/TxZxAi3Th8aIVsc131NgMiM2OxI.roa
File: TxZxAi3Th8aIVsc131NgMiM2OxI.roa (raw, json)
Hash identifier: he2rDYnylpC7gDQK+sOwd3GC1bAuVliB9HqsHYpuf7E=
Subject key identifier: 4F:16:71:02:2D:D3:87:C6:88:56:C7:35:DF:53:60:32:23:36:3B:12
Certificate issuer: /CN=af734108705a95796e8577125dd300c751dfd9a8
Certificate serial: 018EA4BCDEBB12B9B8262C50EF0A2F56F2EF
Authority key identifier: AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/TxZxAi3Th8aIVsc131NgMiM2OxI.roa
Signing time: Wed 03 Apr 2024 16:13:44 +0000
ROA not before: Wed 03 Apr 2024 16:13:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34871
IP address blocks: 185.240.148.0/22 maxlen: 22
185.240.148.0/23 maxlen: 23
185.240.148.0/24 maxlen: 24
185.240.150.0/24 maxlen: 24
185.240.151.0/24 maxlen: 24
195.238.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Jun 2024 19:24:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a4:bc:de:bb:12:b9:b8:26:2c:50:ef:0a:2f:56:f2:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af734108705a95796e8577125dd300c751dfd9a8
Validity
Not Before: Apr 3 16:13:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f1671022dd387c68856c735df53603223363b12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:7b:a0:e1:48:88:4f:34:e1:0e:e5:64:63:ba:
87:64:75:80:6d:41:17:18:f6:75:59:70:fa:42:f1:
32:39:4f:38:0e:d2:73:e4:48:c3:a4:d3:20:63:de:
76:3f:67:d2:e1:e5:88:ac:ba:3c:f5:44:87:35:8a:
56:6f:ca:71:d6:0c:db:43:6e:13:7a:aa:53:3a:c5:
1e:c8:54:5a:a9:3f:67:f5:f6:93:aa:88:7a:7b:90:
6a:f7:31:f9:08:6d:ac:ef:af:24:3a:c9:d8:8f:97:
f6:94:11:de:64:1d:c8:31:6d:04:1c:80:a9:ea:cb:
9d:e8:82:f5:4e:61:06:31:e2:3b:1b:65:5d:ca:a9:
a8:cd:89:cf:15:72:89:3c:33:03:5c:19:6d:ca:27:
34:65:14:7f:60:bd:01:0d:b4:c4:4a:26:57:cc:6c:
f2:54:6d:ed:ab:bd:95:c5:59:6b:2c:40:d3:d5:d5:
b1:d6:28:5a:0a:92:28:af:19:7d:0b:7c:8f:3d:2f:
5c:ee:46:cf:b9:6c:de:5b:8b:80:41:1e:0a:74:62:
57:92:bc:31:be:14:48:c1:e3:b5:fe:c1:93:dc:f6:
6c:95:d7:f4:a4:aa:5a:5f:48:a5:df:e2:77:1b:44:
0c:23:4a:c6:01:a3:c2:5f:55:75:4a:51:6f:2b:6b:
ed:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:16:71:02:2D:D3:87:C6:88:56:C7:35:DF:53:60:32:23:36:3B:12
X509v3 Authority Key Identifier:
keyid:AF:73:41:08:70:5A:95:79:6E:85:77:12:5D:D3:00:C7:51:DF:D9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r3NBCHBalXluhXcSXdMAx1Hf2ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/TxZxAi3Th8aIVsc131NgMiM2OxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/c93a66-c7c7-4c33-a725-18d1a406aaed/1/r3NBCHBalXluhXcSXdMAx1Hf2ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.148.0/22
195.238.240.0/24
Signature Algorithm: sha256WithRSAEncryption
75:91:b7:34:c4:9d:c0:94:51:33:4b:f1:70:9c:92:06:40:61:
2a:1e:c4:3c:2a:9d:d2:93:f5:e9:29:2e:3f:76:a6:f3:90:e3:
0b:1d:00:6b:6e:36:f0:ac:35:e2:37:77:15:5c:74:b3:92:03:
45:13:51:41:4a:fe:ef:e6:6f:95:ba:a0:28:c5:4e:dc:aa:77:
66:b4:f1:25:5b:ca:86:f3:60:87:3e:e4:bf:09:a3:44:fb:b1:
ee:0f:d9:52:f4:8f:8d:22:4f:6e:8b:1c:42:10:b4:19:b3:24:
39:52:8b:11:33:03:d8:a5:a9:47:a9:87:e0:f2:5a:c6:c1:f5:
e0:99:af:b8:82:f6:ca:65:3d:a8:9c:de:1c:d6:8e:37:86:0f:
ae:2a:6b:61:16:f0:bb:6c:8b:2b:a4:d7:b9:c2:c6:f7:68:b9:
46:f9:92:d3:d7:9b:d9:0f:57:c3:25:b9:90:77:e8:3b:88:96:
de:bd:91:3d:43:eb:b2:69:57:db:8c:7f:88:d0:8a:ed:a1:0f:
4d:60:c3:b7:d6:f5:c0:f0:69:ba:c3:05:c1:ee:6d:2d:fc:b6:
74:46:3d:e4:f0:e8:e2:fa:5a:fe:d5:cc:37:36:38:1b:4a:08:
f3:c1:80:68:b8:47:1b:f4:3e:93:bc:10:ee:a6:58:a5:45:fa:
ff:9f:a2:21
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6kvN67Erm4JixQ7wovVvLvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNzM0MTA4NzA1YTk1Nzk2ZTg1NzcxMjVkZDMwMGM3NTFk
ZmQ5YTgwHhcNMjQwNDAzMTYxMzQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjE2NzEwMjJkZDM4N2M2ODg1NmM3MzVkZjUzNjAzMjIzMzYzYjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Hug4UiITzThDuVkY7qHZHWAbUEX
GPZ1WXD6QvEyOU84DtJz5EjDpNMgY952P2fS4eWIrLo89USHNYpWb8px1gzbQ24T
eqpTOsUeyFRaqT9n9faTqoh6e5Bq9zH5CG2s768kOsnYj5f2lBHeZB3IMW0EHICp
6sud6IL1TmEGMeI7G2VdyqmozYnPFXKJPDMDXBltyic0ZRR/YL0BDbTESiZXzGzy
VG3tq72VxVlrLEDT1dWx1ihaCpIorxl9C3yPPS9c7kbPuWzeW4uAQR4KdGJXkrwx
vhRIweO1/sGT3PZsldf0pKpaX0il3+J3G0QMI0rGAaPCX1V1SlFvK2vtlwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8WcQIt04fGiFbHNd9TYDIjNjsSMB8GA1UdIwQY
MBaAFK9zQQhwWpV5boV3El3TAMdR39moMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUt
MThkMWE0MDZhYWVkLzEvVHhaeEFpM1RoOGFJVnNjMTMxTmdNaU0yT3hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9jOTNhNjYtYzdjNy00YzMzLWE3MjUtMThkMWE0MDZhYWVk
LzEvcjNOQkNIQmFsWGx1aFhjU1hkTUF4MUhmMmFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCufCUAwQA
w+7wMA0GCSqGSIb3DQEBCwUAA4IBAQB1kbc0xJ3AlFEzS/FwnJIGQGEqHsQ8Kp3S
k/XpKS4/dqbzkOMLHQBrbjbwrDXiN3cVXHSzkgNFE1FBSv7v5m+VuqAoxU7cqndm
tPElW8qG82CHPuS/CaNE+7HuD9lS9I+NIk9uixxCELQZsyQ5UosRMwPYpalHqYfg
8lrGwfXgma+4gvbKZT2onN4c1o43hg+uKmthFvC7bIsrpNe5wsb3aLlG+ZLT15vZ
D1fDJbmQd+g7iJbevZE9Q+uyaVfbjH+I0IrtoQ9NYMO31vXA8Gm6wwXB7m0t/LZ0
Rj3k8Oji+lr+1cw3NjgbSgjzwYBouEcb9D6TvBDuplilRfr/n6Ih
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:52:52 2025 by rpki-client