Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Tr0fEvD-SZjwmadl7WNmHZVvXdk.roa
File: Tr0fEvD-SZjwmadl7WNmHZVvXdk.roa (raw, json)
Hash identifier: RbQixsRATU9iRz8R+eNuO6D7Lm7K1r5cys7mBwJoRys=
Subject key identifier: 4E:BD:1F:12:F0:FE:49:98:F0:99:A7:65:ED:63:66:1D:95:6F:5D:D9
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 019289C7E65117C770D209094C52A9101A44
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Tr0fEvD-SZjwmadl7WNmHZVvXdk.roa
Signing time: Mon 14 Oct 2024 06:47:12 +0000
ROA not before: Mon 14 Oct 2024 06:47:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 13:34:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:89:c7:e6:51:17:c7:70:d2:09:09:4c:52:a9:10:1a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Oct 14 06:47:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ebd1f12f0fe4998f099a765ed63661d956f5dd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ff:95:65:46:43:b1:d4:b0:9c:82:be:eb:e9:
04:df:0c:bb:e9:2f:f5:5c:1a:de:1f:5d:c5:6b:35:
5b:6c:52:5e:a0:84:6d:38:d7:5b:cd:18:bd:0a:94:
85:80:82:87:01:7f:a7:73:1d:b1:d6:2c:14:d3:3f:
7a:3d:22:76:41:e7:b5:94:79:97:7a:eb:19:00:90:
29:88:09:6f:31:2f:d1:65:33:8f:c5:e0:e5:67:66:
86:bf:64:8e:40:26:09:48:de:0d:4a:50:af:99:28:
f0:4c:a5:78:e9:c4:44:13:2b:6f:97:7a:d0:64:08:
f6:1a:0a:fc:5e:c7:25:ca:fa:3f:8e:12:ce:d5:16:
f6:07:3e:a3:b9:e7:0f:97:47:c8:a3:67:5c:c9:07:
c3:56:8e:8f:22:a1:ad:7b:76:d0:b9:ba:0e:61:a8:
cb:4b:ea:f7:af:e7:df:7b:22:7e:1b:b4:fd:47:10:
53:c0:17:33:db:84:9a:5f:9a:b5:bd:b7:c1:e9:73:
6b:b2:e4:0c:b2:36:03:32:5f:3e:ab:22:6b:ed:65:
c0:2d:20:ca:ba:13:b7:09:f7:cd:72:be:bf:34:95:
19:b5:0d:d6:bf:1c:56:b3:f5:30:4e:55:d1:6e:80:
97:d4:9e:81:7f:1b:b9:63:ad:a2:12:1a:cc:cd:0f:
1c:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BD:1F:12:F0:FE:49:98:F0:99:A7:65:ED:63:66:1D:95:6F:5D:D9
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/Tr0fEvD-SZjwmadl7WNmHZVvXdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
92:cb:e8:31:89:83:ce:59:a6:8f:95:d6:da:ca:b8:c7:7f:d4:
d1:3a:14:b5:25:67:07:c3:c7:06:39:ba:02:3f:53:b5:67:6b:
67:76:e5:a0:a4:2a:aa:bf:12:d1:d5:97:14:c8:f6:fa:03:56:
1b:7e:3d:2f:2b:2b:df:7a:9d:3d:d6:ef:2d:64:b5:9d:95:93:
66:1e:46:b9:34:b6:53:50:80:66:b7:c4:4f:6d:6c:aa:ad:c7:
d6:48:10:b0:6a:cb:f1:67:1d:0f:3e:1a:b5:b8:1c:98:16:9f:
84:c5:92:05:ed:e9:02:b4:92:8a:85:42:2a:de:9e:56:d0:1b:
a0:60:0a:18:03:ad:db:5f:d3:95:07:49:46:a1:60:97:cf:ff:
ca:16:17:6a:2b:2b:a3:76:50:81:a6:b4:c6:f6:ef:72:d7:9f:
8e:6e:29:a9:5e:db:ae:76:66:d3:38:69:02:34:be:43:d8:d1:
5d:c8:6d:08:d9:46:5f:da:ed:aa:f2:de:93:87:c1:7d:48:71:
c2:09:ad:f4:cf:c6:6c:08:11:48:b9:3f:f1:d8:1e:79:b3:b7:
8e:11:77:63:db:71:11:14:33:ec:0a:53:36:1f:f8:ad:54:30:
14:61:ed:5a:c4:98:cf:ff:77:21:c3:a3:19:73:81:d5:64:f4:
0e:1d:e7:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKJx+ZRF8dw0gkJTFKpEBpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjQxMDE0MDY0NzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJkMWYxMmYwZmU0OTk4ZjA5OWE3NjVlZDYzNjYxZDk1NmY1ZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv+VZUZDsdSwnIK+6+kE3wy76S/1
XBreH13FazVbbFJeoIRtONdbzRi9CpSFgIKHAX+ncx2x1iwU0z96PSJ2Qee1lHmX
eusZAJApiAlvMS/RZTOPxeDlZ2aGv2SOQCYJSN4NSlCvmSjwTKV46cREEytvl3rQ
ZAj2Ggr8Xsclyvo/jhLO1Rb2Bz6juecPl0fIo2dcyQfDVo6PIqGte3bQuboOYajL
S+r3r+ffeyJ+G7T9RxBTwBcz24SaX5q1vbfB6XNrsuQMsjYDMl8+qyJr7WXALSDK
uhO3CffNcr6/NJUZtQ3WvxxWs/UwTlXRboCX1J6Bfxu5Y62iEhrMzQ8cSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE69HxLw/kmY8JmnZe1jZh2Vb13ZMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvVHIwZkV2RC1TWmp3bWFkbDdXTm1IWlZ2WGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQCSy+gxiYPOWaaPldbayrjHf9TROhS1JWcHw8cGOboC
P1O1Z2tnduWgpCqqvxLR1ZcUyPb6A1Ybfj0vKyvfep091u8tZLWdlZNmHka5NLZT
UIBmt8RPbWyqrcfWSBCwasvxZx0PPhq1uByYFp+ExZIF7ekCtJKKhUIq3p5W0Bug
YAoYA63bX9OVB0lGoWCXz//KFhdqKyujdlCBprTG9u9y15+ObimpXtuudmbTOGkC
NL5D2NFdyG0I2UZf2u2q8t6Th8F9SHHCCa30z8ZsCBFIuT/x2B55s7eOEXdj23ER
FDPsClM2H/itVDAUYe1axJjP/3chw6MZc4HVZPQOHedS
-----END CERTIFICATE-----
Generated at Sun Apr 13 10:17:53 2025 by rpki-client