Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/tLPsqXPyZTy3HLnWkqJM0Cydc9E.roa
File: tLPsqXPyZTy3HLnWkqJM0Cydc9E.roa (raw, json)
Hash identifier: ovpgDhBDikxLCaZBA/ONLkOKIJ4DcI/ptS9C/p/PwqE=
Subject key identifier: B4:B3:EC:A9:73:F2:65:3C:B7:1C:B9:D6:92:A2:4C:D0:2C:9D:73:D1
Certificate issuer: /CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Certificate serial: 018CC725B02D5AE84F1B163BB31E6F5364C2
Authority key identifier: E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/tLPsqXPyZTy3HLnWkqJM0Cydc9E.roa
Signing time: Mon 01 Jan 2024 22:29:45 +0000
ROA not before: Mon 01 Jan 2024 22:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30081
IP address blocks: 195.191.102.0/24 maxlen: 24
195.191.102.0/23 maxlen: 24
195.191.103.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:b0:2d:5a:e8:4f:1b:16:3b:b3:1e:6f:53:64:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8b3eed1c7aca636d6245852b802e0e73754df63
Validity
Not Before: Jan 1 22:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4b3eca973f2653cb71cb9d692a24cd02c9d73d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:f0:32:9e:a1:fe:f6:94:be:0e:20:cf:98:
9e:ad:c3:76:4d:62:28:2e:57:77:43:b1:23:95:85:
cc:c5:07:84:88:4b:88:e1:48:ba:42:2d:2d:64:25:
9b:48:6d:b8:28:86:40:a3:6c:a2:e1:36:07:df:54:
bf:fc:7a:82:a8:82:f5:df:06:38:4f:9f:ea:a1:c4:
5d:8e:7e:9a:a3:e4:3b:da:48:d6:39:26:1b:4e:50:
39:c9:87:07:01:4d:df:13:46:f7:3e:83:2c:fe:4b:
dc:a1:56:30:eb:48:36:c4:4c:fb:4a:39:bb:d7:ea:
6f:e5:18:75:8a:dc:a3:2e:e6:70:64:55:56:23:e7:
f7:60:63:67:2b:9c:a0:bd:3d:0b:0e:82:d2:91:38:
64:35:04:1f:8b:5a:0a:f3:03:4b:f3:b0:4e:bc:d4:
09:a1:bd:ef:cf:27:b7:e9:df:8e:6e:00:0e:e8:e2:
ec:f7:65:87:9a:84:93:c9:3b:64:db:02:9d:7b:8a:
5f:76:f3:52:c9:97:78:58:b5:5f:a3:65:68:b7:69:
ed:f3:05:8a:04:33:12:f5:9b:80:cd:0c:4c:5d:80:
cd:81:e7:3a:54:0d:1f:a5:ed:cb:14:40:6b:e2:5c:
1f:ea:3c:14:f9:86:19:ff:8d:8e:3c:c4:99:07:33:
78:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B3:EC:A9:73:F2:65:3C:B7:1C:B9:D6:92:A2:4C:D0:2C:9D:73:D1
X509v3 Authority Key Identifier:
keyid:E8:B3:EE:D1:C7:AC:A6:36:D6:24:58:52:B8:02:E0:E7:37:54:DF:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6LPu0cespjbWJFhSuALg5zdU32M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/tLPsqXPyZTy3HLnWkqJM0Cydc9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/177329-28cd-4864-9e16-946404ec1aa4/1/6LPu0cespjbWJFhSuALg5zdU32M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.102.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:1e:11:c1:5f:2c:36:77:e0:e6:d2:e0:34:b4:5a:28:07:5d:
ce:70:89:b3:bc:ff:86:29:32:83:26:57:0e:f4:a3:9d:84:45:
1b:72:ec:72:36:b8:ec:41:6c:6d:26:e4:c1:53:61:7a:38:51:
ca:c8:5f:30:a1:f9:df:81:c0:0a:ce:e8:72:8b:4d:c4:23:43:
6c:e5:da:94:ee:de:79:fb:0a:47:24:24:68:74:d1:84:30:e0:
9a:2b:7a:51:8d:10:2e:57:f8:56:1e:4d:3a:fd:e4:36:4a:28:
49:e6:02:18:35:eb:69:cd:4d:df:db:f3:86:ed:c2:57:47:1e:
43:57:51:98:e3:cb:6e:c7:4c:2e:5a:1a:5a:1b:79:a3:ab:61:
d5:b5:9f:7f:c9:61:85:bb:e3:d2:73:26:d0:b0:bd:bc:95:ed:
a4:97:5a:a6:4e:b4:73:79:2d:0a:4b:0c:03:5f:5d:84:15:61:
fa:14:65:5f:48:3d:de:fc:a7:11:5d:2e:99:b7:57:0c:1a:06:
34:89:f4:28:44:b1:b0:4f:62:52:ff:e0:47:02:ee:fe:3c:d0:
87:82:e2:b9:5d:92:2b:e6:6d:29:73:e4:68:57:72:76:c2:ca:
c9:65:ec:d3:35:ba:81:01:62:d0:3d:ca:af:52:d4:a9:10:24:
3f:11:ca:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJbAtWuhPGxY7sx5vU2TCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YjNlZWQxYzdhY2E2MzZkNjI0NTg1MmI4MDJlMGU3Mzc1
NGRmNjMwHhcNMjQwMTAxMjIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGIzZWNhOTczZjI2NTNjYjcxY2I5ZDY5MmEyNGNkMDJjOWQ3M2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodDwMp6h/vaUvg4gz5iercN2TWIo
Lld3Q7EjlYXMxQeEiEuI4Ui6Qi0tZCWbSG24KIZAo2yi4TYH31S//HqCqIL13wY4
T5/qocRdjn6ao+Q72kjWOSYbTlA5yYcHAU3fE0b3PoMs/kvcoVYw60g2xEz7Sjm7
1+pv5Rh1ityjLuZwZFVWI+f3YGNnK5ygvT0LDoLSkThkNQQfi1oK8wNL87BOvNQJ
ob3vzye36d+ObgAO6OLs92WHmoSTyTtk2wKde4pfdvNSyZd4WLVfo2Vot2nt8wWK
BDMS9ZuAzQxMXYDNgec6VA0fpe3LFEBr4lwf6jwU+YYZ/42OPMSZBzN4twIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLSz7Klz8mU8txy51pKiTNAsnXPRMB8GA1UdIwQY
MBaAFOiz7tHHrKY21iRYUrgC4Oc3VN9jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYt
OTQ2NDA0ZWMxYWE0LzEvdExQc3FYUHlaVHkzSExuV2txSk0wQ3lkYzlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi8xNzczMjktMjhjZC00ODY0LTllMTYtOTQ2NDA0ZWMxYWE0
LzEvNkxQdTBjZXNwamJXSkZoU3VBTGc1emRVMzJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBw79mMA0G
CSqGSIb3DQEBCwUAA4IBAQCpHhHBXyw2d+Dm0uA0tFooB13OcImzvP+GKTKDJlcO
9KOdhEUbcuxyNrjsQWxtJuTBU2F6OFHKyF8wofnfgcAKzuhyi03EI0Ns5dqU7t55
+wpHJCRodNGEMOCaK3pRjRAuV/hWHk06/eQ2SihJ5gIYNetpzU3f2/OG7cJXRx5D
V1GY48tux0wuWhpaG3mjq2HVtZ9/yWGFu+PScybQsL28le2kl1qmTrRzeS0KSwwD
X12EFWH6FGVfSD3e/KcRXS6Zt1cMGgY0ifQoRLGwT2JS/+BHAu7+PNCHguK5XZIr
5m0pc+RoV3J2wsrJZezTNbqBAWLQPcqvUtSpECQ/Ecqw
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:27:03 2025 by rpki-client