Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Tw27mzhEEvReOrxdXtiDlgA6by0.roa
File: Tw27mzhEEvReOrxdXtiDlgA6by0.roa (raw, json)
Hash identifier: fR0x3qVeWNy2ofJ+5ltEV40y1sMw1yg8ufKkCHz0/C4=
Subject key identifier: 4F:0D:BB:9B:38:44:12:F4:5E:3A:BC:5D:5E:D8:83:96:00:3A:6F:2D
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 0191BBC6F056C4ABE85CBE0ECE2AFDCD90BC
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Tw27mzhEEvReOrxdXtiDlgA6by0.roa
Signing time: Wed 04 Sep 2024 06:44:22 +0000
ROA not before: Wed 04 Sep 2024 06:44:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214790
IP address blocks: 5.181.201.0/24 maxlen: 24
185.36.140.0/23 maxlen: 24
185.225.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:c6:f0:56:c4:ab:e8:5c:be:0e:ce:2a:fd:cd:90:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Sep 4 06:44:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f0dbb9b384412f45e3abc5d5ed88396003a6f2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:12:14:57:d4:f5:00:14:ad:32:5e:a7:46:1c:
af:82:85:e3:90:b6:8f:15:18:dc:9d:7d:ec:18:30:
5c:39:b8:fb:ef:1a:e4:ea:e1:63:2d:fb:e0:68:11:
8c:bc:6b:70:ec:d6:a5:cf:0b:12:e8:48:20:45:de:
45:53:08:ab:16:47:78:45:07:2d:9a:5a:ae:e6:fe:
12:9d:10:d2:3e:ba:b8:23:e0:92:dd:a7:f8:c3:8a:
8c:4d:a7:92:63:03:18:82:cc:04:7a:be:de:56:b3:
02:9f:44:d0:13:d2:eb:01:df:3e:31:43:5e:95:65:
d5:23:e1:45:69:02:27:10:c7:12:9a:18:66:c0:9c:
4d:6e:e2:a0:f5:69:a5:23:b2:5e:eb:56:5c:c2:39:
ce:f4:b0:7f:4b:77:6f:9b:fa:0d:84:c3:51:91:14:
0d:33:75:8a:7b:49:f5:9c:5e:fe:a7:74:35:3a:c0:
8c:80:50:a9:a2:79:6e:71:a0:f7:58:b9:09:a5:c6:
4a:a4:4e:36:97:cf:e0:f0:6d:c7:24:98:5c:3f:fd:
30:d4:8d:30:50:b7:89:83:9a:c4:95:7e:6c:90:aa:
75:42:8e:28:a7:b7:27:e1:86:00:fd:40:81:05:0d:
76:be:3e:af:38:25:af:90:a1:22:07:92:7c:4d:72:
f1:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:0D:BB:9B:38:44:12:F4:5E:3A:BC:5D:5E:D8:83:96:00:3A:6F:2D
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/Tw27mzhEEvReOrxdXtiDlgA6by0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.201.0/24
185.36.140.0/23
185.225.205.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:85:1a:48:cd:5c:20:e9:bd:01:6a:d3:8d:72:f7:5a:8a:ad:
44:39:d1:3e:77:de:27:31:93:bd:0e:fe:26:72:e3:ad:0a:dc:
10:f9:40:14:9d:a1:29:fe:4f:c9:95:4e:dd:38:21:0f:47:27:
b7:81:09:6d:3c:49:df:ec:2c:bd:cb:07:a7:cc:45:2d:ac:8e:
cd:4d:8a:3a:dd:9a:17:9a:96:27:34:93:51:42:bf:56:ff:2a:
9d:f5:7b:99:68:76:a7:22:b8:a6:25:a2:e9:52:14:b2:99:ce:
0d:22:43:ca:03:56:00:7f:e7:a4:87:b6:40:e4:54:7b:4f:43:
d8:a0:56:4b:4f:3b:79:ed:ec:4c:c4:b2:75:54:99:63:56:c2:
e1:f1:8b:69:1d:01:df:67:71:56:0b:52:87:07:25:83:a1:d0:
a5:cf:1d:f8:f7:47:43:ff:6b:23:9d:ea:f3:0f:f8:0c:5c:f4:
69:b0:32:0f:3f:20:f4:55:7f:3e:c0:14:31:dc:4a:3f:c6:d3:
c1:ae:10:33:79:6f:84:74:0e:ac:2e:3c:42:87:9e:84:bc:36:
cf:a7:d1:6f:1a:c8:e5:6d:e1:d5:4e:14:43:78:a0:6c:ff:2d:
33:86:41:6e:1e:17:e6:ef:4a:26:3b:08:e1:02:7f:aa:65:7b:
ca:0b:85:b0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG7xvBWxKvoXL4Ozir9zZC8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjQwOTA0MDY0NDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjBkYmI5YjM4NDQxMmY0NWUzYWJjNWQ1ZWQ4ODM5NjAwM2E2ZjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhIUV9T1ABStMl6nRhyvgoXjkLaP
FRjcnX3sGDBcObj77xrk6uFjLfvgaBGMvGtw7NalzwsS6EggRd5FUwirFkd4RQct
mlqu5v4SnRDSPrq4I+CS3af4w4qMTaeSYwMYgswEer7eVrMCn0TQE9LrAd8+MUNe
lWXVI+FFaQInEMcSmhhmwJxNbuKg9WmlI7Je61ZcwjnO9LB/S3dvm/oNhMNRkRQN
M3WKe0n1nF7+p3Q1OsCMgFCponlucaD3WLkJpcZKpE42l8/g8G3HJJhcP/0w1I0w
ULeJg5rElX5skKp1Qo4op7cn4YYA/UCBBQ12vj6vOCWvkKEiB5J8TXLxPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE8Nu5s4RBL0Xjq8XV7Yg5YAOm8tMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvVHcyN216aEVFdlJlT3J4ZFh0aURsZ0E2YnkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABbXJAwQB
uSSMAwQAueHNMA0GCSqGSIb3DQEBCwUAA4IBAQALhRpIzVwg6b0BatONcvdaiq1E
OdE+d94nMZO9Dv4mcuOtCtwQ+UAUnaEp/k/JlU7dOCEPRye3gQltPEnf7Cy9ywen
zEUtrI7NTYo63ZoXmpYnNJNRQr9W/yqd9XuZaHanIrimJaLpUhSymc4NIkPKA1YA
f+ekh7ZA5FR7T0PYoFZLTzt57exMxLJ1VJljVsLh8YtpHQHfZ3FWC1KHByWDodCl
zx3490dD/2sjnerzD/gMXPRpsDIPPyD0VX8+wBQx3Eo/xtPBrhAzeW+EdA6sLjxC
h56EvDbPp9FvGsjlbeHVThRDeKBs/y0zhkFuHhfm70omOwjhAn+qZXvKC4Ww
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:38:59 2025 by rpki-client