Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/tUckTWwCii0oe4MX4orJfzAOb6Q.roa
File: tUckTWwCii0oe4MX4orJfzAOb6Q.roa (raw, json)
Hash identifier: //WcP1h0WQaQ8alXRU6jbqZcTGYLgBumm4TKW1pErTM=
Subject key identifier: B5:47:24:4D:6C:02:8A:2D:28:7B:83:17:E2:8A:C9:7F:30:0E:6F:A4
Certificate issuer: /CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Certificate serial: 018CC3491A9285F303BD1E499BE439B2FCD7
Authority key identifier: 5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/tUckTWwCii0oe4MX4orJfzAOb6Q.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3292
IP address blocks: 185.81.14.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1a:92:85:f3:03:bd:1e:49:9b:e4:39:b2:fc:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b547244d6c028a2d287b8317e28ac97f300e6fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4c:2f:85:00:ed:ef:21:33:4c:6d:81:9d:65:
81:eb:b6:11:16:35:86:0a:a1:f7:18:8b:66:44:d5:
b0:00:a5:ce:89:ca:ef:e5:71:e7:c4:b0:c2:ab:df:
b9:aa:27:6a:ae:13:bc:b9:11:ff:5b:49:5d:a7:2f:
57:4b:63:6c:38:e1:bb:bf:f5:7e:c2:11:7e:9f:70:
6b:20:1c:e0:7c:36:ce:ef:5e:18:7a:53:d6:d3:8a:
37:c9:96:9f:19:73:8e:92:a6:1d:8d:1f:df:5a:0f:
04:65:e0:31:2c:f4:43:89:b6:f7:f4:d2:32:00:48:
9b:68:6b:80:e2:9f:18:4b:e9:a9:af:e3:52:a2:ee:
20:1d:4f:8c:6a:14:63:01:9d:86:b8:4b:49:b6:9b:
2b:69:ae:8c:d0:6b:13:44:89:c7:cb:6f:63:29:f7:
83:00:12:38:aa:74:5d:b2:13:ea:6b:22:09:1d:46:
c5:ac:5e:7d:15:20:d2:43:b1:09:f6:69:ba:53:93:
d4:de:d7:bd:9f:40:44:24:65:4d:4f:fe:e1:7e:f2:
0d:b6:0f:28:27:47:ea:27:34:33:ce:a6:a6:51:d5:
26:57:04:cf:5a:c9:b0:e2:38:a7:67:16:9a:0e:86:
e3:3d:5f:2b:9c:fc:c7:c8:fe:20:30:d2:04:c7:22:
df:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:47:24:4D:6C:02:8A:2D:28:7B:83:17:E2:8A:C9:7F:30:0E:6F:A4
X509v3 Authority Key Identifier:
keyid:5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/tUckTWwCii0oe4MX4orJfzAOb6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.14.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:bc:f3:5e:ab:92:03:e6:29:50:27:90:de:e2:ff:61:6f:8e:
67:3d:ae:69:8e:22:cd:f6:7c:21:ce:79:26:52:72:e9:0e:cf:
05:cb:6d:09:df:fb:9c:ed:6b:68:3a:8d:e3:47:f2:8c:1b:5d:
4f:d9:26:cd:ff:b5:14:f4:5f:98:de:4e:0b:f5:03:a2:51:2d:
5a:04:e8:94:5d:59:c8:2c:a9:f7:47:ea:0f:74:d7:00:d7:91:
03:18:9c:55:7f:97:0c:21:65:41:f7:fd:cc:f1:7c:04:d7:d9:
4d:a9:c6:2c:2b:9b:53:0b:4f:e9:d4:bd:70:84:ba:7b:4c:43:
15:e3:c4:d0:57:17:a0:41:fa:6f:95:75:8e:bc:52:e3:c6:a1:
04:46:f7:70:ee:f3:34:0e:1e:e9:3c:f6:c2:d2:63:04:72:e0:
db:ad:bd:fc:9b:57:8a:32:b7:70:9f:99:b4:24:83:8d:b2:49:
50:57:d0:ae:0e:91:15:10:f9:e4:c4:48:2b:d8:f4:9c:4b:04:
84:21:62:36:36:72:9e:3f:34:d4:b4:a6:4d:27:7d:81:3a:26:
dc:98:1f:56:a4:38:e0:37:e2:46:54:5d:0d:b3:5e:ce:b8:4c:
7c:30:6b:a3:63:b3:71:36:9d:78:c1:46:1c:c2:e9:5c:23:27:
9f:20:1f:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSRqShfMDvR5Jm+Q5svzXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTlmZGUwZDYzYjExYjVjMmRkODE2YzBmOTNjMmVhNTgz
NTAzMzYwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ3MjQ0ZDZjMDI4YTJkMjg3YjgzMTdlMjhhYzk3ZjMwMGU2ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnUwvhQDt7yEzTG2BnWWB67YRFjWG
CqH3GItmRNWwAKXOicrv5XHnxLDCq9+5qidqrhO8uRH/W0ldpy9XS2NsOOG7v/V+
whF+n3BrIBzgfDbO714YelPW04o3yZafGXOOkqYdjR/fWg8EZeAxLPRDibb39NIy
AEibaGuA4p8YS+mpr+NSou4gHU+MahRjAZ2GuEtJtpsraa6M0GsTRInHy29jKfeD
ABI4qnRdshPqayIJHUbFrF59FSDSQ7EJ9mm6U5PU3te9n0BEJGVNT/7hfvINtg8o
J0fqJzQzzqamUdUmVwTPWsmw4jinZxaaDobjPV8rnPzHyP4gMNIExyLfWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVHJE1sAootKHuDF+KKyX8wDm+kMB8GA1UdIwQY
MBaAFF+Z/eDWOxG1wt2BbA+TwupYNQM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQt
NGM3N2Q2MDVhZmVjLzEvdFVja1RXd0NpaTBvZTRNWDRvckpmekFPYjZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQtNGM3N2Q2MDVhZmVj
LzEvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuVEOMA0G
CSqGSIb3DQEBCwUAA4IBAQBMvPNeq5ID5ilQJ5De4v9hb45nPa5pjiLN9nwhznkm
UnLpDs8Fy20J3/uc7WtoOo3jR/KMG11P2SbN/7UU9F+Y3k4L9QOiUS1aBOiUXVnI
LKn3R+oPdNcA15EDGJxVf5cMIWVB9/3M8XwE19lNqcYsK5tTC0/p1L1whLp7TEMV
48TQVxegQfpvlXWOvFLjxqEERvdw7vM0Dh7pPPbC0mMEcuDbrb38m1eKMrdwn5m0
JIONsklQV9CuDpEVEPnkxEgr2PScSwSEIWI2NnKePzTUtKZNJ32BOibcmB9WpDjg
N+JGVF0Ns17OuEx8MGujY7NxNp14wUYcwulcIyefIB9X
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:17:43 2025 by rpki-client