Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/TB4UfTCf7H_Y9lVELhmXyNABCsA.roa
File: TB4UfTCf7H_Y9lVELhmXyNABCsA.roa (raw, json)
Hash identifier: 8foFwLd4uRihHgzUd4tAC2shCIoei/vs4U5r/Xl8hz0=
Subject key identifier: 4C:1E:14:7D:30:9F:EC:7F:D8:F6:55:44:2E:19:97:C8:D0:01:0A:C0
Certificate issuer: /CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Certificate serial: 018CC870AB848E31C2908D0719153DAEB0AB
Authority key identifier: 6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/TB4UfTCf7H_Y9lVELhmXyNABCsA.roa
Signing time: Tue 02 Jan 2024 04:31:16 +0000
ROA not before: Tue 02 Jan 2024 04:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198455
IP address blocks: 95.128.24.0/21 maxlen: 24
2001:87f::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:ab:84:8e:31:c2:90:8d:07:19:15:3d:ae:b0:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddd8f1e38c91f5b17c3d1a7234e49c9c70dc324
Validity
Not Before: Jan 2 04:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c1e147d309fec7fd8f655442e1997c8d0010ac0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:c3:82:3b:08:85:31:34:32:bf:96:c5:0d:
e1:61:45:81:42:fb:27:11:e0:00:81:b0:d4:d7:83:
fb:1d:42:bc:2d:82:2e:de:c3:74:5c:a9:18:2d:5b:
52:9f:89:84:ac:68:0e:d3:75:5f:4c:f4:f3:ae:a9:
ea:34:ae:74:c4:64:6e:d0:0b:a4:e7:c4:28:20:ce:
86:74:6f:6a:c4:88:6d:bd:e9:7b:fc:5f:9e:e2:23:
62:52:10:8e:61:7d:c8:73:44:ab:6c:0e:3f:02:a6:
18:1e:f9:92:65:36:e0:18:25:42:f7:06:02:09:2b:
3e:6a:16:c1:8a:b3:7e:3c:1a:d9:c9:05:b0:7f:c3:
b6:3e:3d:68:d3:15:f9:0d:c6:35:c2:70:1d:0b:20:
99:7b:2a:d1:c0:05:9a:1c:db:a9:21:9a:af:91:10:
72:1d:a8:92:44:a5:3e:35:d7:62:e6:df:9f:2d:81:
c0:87:74:4b:27:fa:26:80:b3:47:8b:ea:dc:23:34:
7c:f3:e9:19:1e:b1:cd:85:75:cc:70:95:df:80:be:
e6:32:dd:14:73:8e:80:3c:c3:af:3c:92:40:6e:a4:
41:0a:27:f0:72:47:20:28:8f:ff:d7:51:6d:09:d9:
32:fb:10:0a:36:8c:5c:b9:ad:e8:05:f7:2d:96:e3:
fb:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:1E:14:7D:30:9F:EC:7F:D8:F6:55:44:2E:19:97:C8:D0:01:0A:C0
X509v3 Authority Key Identifier:
keyid:6D:DD:8F:1E:38:C9:1F:5B:17:C3:D1:A7:23:4E:49:C9:C7:0D:C3:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd2PHjjJH1sXw9GnI05JyccNwyQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/TB4UfTCf7H_Y9lVELhmXyNABCsA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/316c8f-5e36-471f-9555-f6297a77a37b/1/bd2PHjjJH1sXw9GnI05JyccNwyQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.24.0/21
IPv6:
2001:87f::/32
Signature Algorithm: sha256WithRSAEncryption
4d:68:2a:c9:88:fd:97:d6:2d:f5:c1:7e:86:3d:06:83:f4:ca:
97:e8:b9:51:3e:25:05:af:c4:9f:fb:4c:04:a8:98:c7:90:ee:
23:8b:64:56:c4:53:ef:76:d0:e6:db:13:2b:aa:ff:ae:c6:63:
06:3d:85:77:9e:2d:83:be:f2:b6:05:d7:96:9d:73:46:98:e0:
e9:b3:db:3c:1b:90:2f:36:0b:e1:f4:57:4f:1d:bc:f4:33:c0:
61:82:c8:94:5e:46:e2:60:3d:08:b3:1f:40:64:13:b2:a9:9a:
2e:c9:f6:13:df:84:e6:d3:9a:09:3e:6c:51:01:d6:42:91:05:
ac:ae:3a:b4:d6:2b:5d:69:96:09:dc:1d:1e:47:f4:0e:59:ab:
c7:11:88:1a:92:cf:12:82:c9:9e:53:58:65:59:59:38:02:9e:
d4:8e:42:8f:7b:ba:57:24:81:09:de:4c:76:4f:da:31:28:5e:
a9:c7:fc:a2:35:44:83:1f:35:44:e6:59:8f:cd:8a:de:1f:58:
47:d5:f4:65:d1:2a:58:e2:4c:39:7f:66:c0:22:17:73:4b:ed:
8c:88:22:ca:23:35:ea:f6:18:72:dc:45:c5:16:62:40:01:c6:
1c:af:13:42:22:66:a9:32:f6:0a:f3:ca:2d:10:8c:df:b6:8a:
0a:3c:70:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcKuEjjHCkI0HGRU9rrCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGQ4ZjFlMzhjOTFmNWIxN2MzZDFhNzIzNGU0OWM5Yzcw
ZGMzMjQwHhcNMjQwMTAyMDQzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzFlMTQ3ZDMwOWZlYzdmZDhmNjU1NDQyZTE5OTdjOGQwMDEwYWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPjDgjsIhTE0Mr+WxQ3hYUWBQvsn
EeAAgbDU14P7HUK8LYIu3sN0XKkYLVtSn4mErGgO03VfTPTzrqnqNK50xGRu0Auk
58QoIM6GdG9qxIhtvel7/F+e4iNiUhCOYX3Ic0SrbA4/AqYYHvmSZTbgGCVC9wYC
CSs+ahbBirN+PBrZyQWwf8O2Pj1o0xX5DcY1wnAdCyCZeyrRwAWaHNupIZqvkRBy
HaiSRKU+Nddi5t+fLYHAh3RLJ/omgLNHi+rcIzR88+kZHrHNhXXMcJXfgL7mMt0U
c46APMOvPJJAbqRBCifwckcgKI//11FtCdky+xAKNoxcua3oBfctluP7qQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEweFH0wn+x/2PZVRC4Zl8jQAQrAMB8GA1UdIwQY
MBaAFG3djx44yR9bF8PRpyNOScnHDcMkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUt
ZjYyOTdhNzdhMzdiLzEvVEI0VWZUQ2Y3SF9ZOWxWRUxobVh5TkFCQ3NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi8zMTZjOGYtNWUzNi00NzFmLTk1NTUtZjYyOTdhNzdhMzdi
LzEvYmQyUEhqakpIMXNYdzlHbkkwNUp5Y2NOd3lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDX4AYMA0E
AgACMAcDBQAgAQh/MA0GCSqGSIb3DQEBCwUAA4IBAQBNaCrJiP2X1i31wX6GPQaD
9MqX6LlRPiUFr8Sf+0wEqJjHkO4ji2RWxFPvdtDm2xMrqv+uxmMGPYV3ni2DvvK2
BdeWnXNGmODps9s8G5AvNgvh9FdPHbz0M8BhgsiUXkbiYD0Isx9AZBOyqZouyfYT
34Tm05oJPmxRAdZCkQWsrjq01itdaZYJ3B0eR/QOWavHEYgaks8SgsmeU1hlWVk4
Ap7UjkKPe7pXJIEJ3kx2T9oxKF6px/yiNUSDHzVE5lmPzYreH1hH1fRl0SpY4kw5
f2bAIhdzS+2MiCLKIzXq9hhy3EXFFmJAAcYcrxNCImapMvYK88otEIzftooKPHDw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:34:56 2025 by rpki-client