Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/TUrXWxQ34BDYUFjKpepfGt4alv0.roa
File: TUrXWxQ34BDYUFjKpepfGt4alv0.roa (raw, json)
Hash identifier: qD/kK+qg6UUM63I5IJca6kV53ocDnvZhh5RmrcdPnpw=
Subject key identifier: 4D:4A:D7:5B:14:37:E0:10:D8:50:58:CA:A5:EA:5F:1A:DE:1A:96:FD
Certificate issuer: /CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Certificate serial: 019249E664545C902A068D65BF323CFBACAF
Authority key identifier: 58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/TUrXWxQ34BDYUFjKpepfGt4alv0.roa
Signing time: Tue 01 Oct 2024 21:04:48 +0000
ROA not before: Tue 01 Oct 2024 21:04:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50784
IP address blocks: 185.159.168.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:49:e6:64:54:5c:90:2a:06:8d:65:bf:32:3c:fb:ac:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58c57c079e795a796b47a7ed32f072b058a93a6e
Validity
Not Before: Oct 1 21:04:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d4ad75b1437e010d85058caa5ea5f1ade1a96fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:30:0d:51:a9:47:15:de:ac:ee:df:92:75:6b:
52:48:a1:e0:c5:0f:23:65:1f:0b:4c:82:23:6d:1d:
d0:8d:0b:9f:a1:a1:e0:c6:e9:0b:66:cf:37:56:6d:
fa:93:51:48:41:44:96:a3:07:18:79:ea:b1:da:d6:
a1:dc:2a:c9:31:25:5b:91:f8:8e:9e:04:56:94:d7:
4c:ad:4b:58:2b:b0:4a:53:f2:5d:af:11:4b:8c:06:
6c:df:23:1e:68:3a:8d:21:d6:1b:e0:d5:e4:c8:a7:
d7:9c:a6:16:29:60:1b:96:7a:d5:2a:0b:c3:9a:83:
01:ee:8b:b5:c6:66:06:50:e6:9f:b2:ea:2c:d1:93:
ef:23:f5:f5:f0:72:fd:1d:dc:c2:9c:f2:d8:ba:6f:
74:d4:33:22:17:f3:2b:d8:fa:48:b5:0d:7a:e3:de:
c0:a7:e7:c3:51:46:2d:4b:b6:3e:90:89:8f:ce:38:
eb:0c:91:81:29:80:3c:cb:e7:be:0e:a8:d6:60:4d:
62:7f:e8:60:cf:1e:61:92:ff:8d:c5:ff:32:64:75:
12:e9:98:1c:7c:ae:d1:4d:16:6a:b6:c8:34:19:7f:
23:5e:e5:75:9e:52:2f:9e:ea:8a:82:6d:61:2b:16:
fb:8c:91:df:95:92:38:d6:48:53:ac:67:dc:b5:21:
4c:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4A:D7:5B:14:37:E0:10:D8:50:58:CA:A5:EA:5F:1A:DE:1A:96:FD
X509v3 Authority Key Identifier:
keyid:58:C5:7C:07:9E:79:5A:79:6B:47:A7:ED:32:F0:72:B0:58:A9:3A:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WMV8B555WnlrR6ftMvBysFipOm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/TUrXWxQ34BDYUFjKpepfGt4alv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b35746-8e42-4d80-b76d-575292bc3941/1/WMV8B555WnlrR6ftMvBysFipOm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.159.168.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:76:c7:9d:0d:d9:38:1a:8f:f3:59:e1:c6:45:4a:8d:c3:01:
57:a7:61:61:e9:42:b3:91:07:83:92:09:aa:41:1f:33:75:dc:
9c:73:c9:8f:87:df:30:6d:95:ae:92:60:c8:54:f8:2b:ed:6e:
e0:08:45:22:83:36:39:27:f8:70:21:68:79:c6:59:2b:ec:df:
a4:79:5c:f4:5c:19:3b:f0:24:d4:d6:e3:24:d6:a1:a0:48:dc:
45:2f:62:cb:15:21:f1:f6:a1:c6:55:72:00:1a:96:63:ae:ea:
7e:a5:7e:a3:d1:e3:a1:a2:03:d3:f6:62:c1:6f:8d:4c:8e:21:
0a:43:4c:3e:c7:8f:ab:9b:a8:8f:69:99:22:68:68:68:c5:3f:
bb:dd:0c:1d:21:76:46:5e:42:b7:05:d7:6d:db:3d:31:0a:fa:
ff:bb:19:e7:43:c7:8c:e5:3d:d1:0e:b8:15:46:5f:cd:1e:84:
e6:9f:0d:78:1a:d5:0b:e8:ad:3a:02:df:de:5e:3a:83:93:66:
26:21:6a:41:49:e6:8f:2d:62:86:de:5d:e7:51:a8:c0:d6:27:
8f:7e:0f:61:3e:d1:f0:26:37:03:f1:4d:46:30:b0:44:cd:2f:
29:54:a0:09:f7:e0:1d:a6:6b:be:98:db:61:43:3c:b4:bd:b6:
d4:9a:fa:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJJ5mRUXJAqBo1lvzI8+6yvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YzU3YzA3OWU3OTVhNzk2YjQ3YTdlZDMyZjA3MmIwNThh
OTNhNmUwHhcNMjQxMDAxMjEwNDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRhZDc1YjE0MzdlMDEwZDg1MDU4Y2FhNWVhNWYxYWRlMWE5NmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDANUalHFd6s7t+SdWtSSKHgxQ8j
ZR8LTIIjbR3QjQufoaHgxukLZs83Vm36k1FIQUSWowcYeeqx2tah3CrJMSVbkfiO
ngRWlNdMrUtYK7BKU/JdrxFLjAZs3yMeaDqNIdYb4NXkyKfXnKYWKWAblnrVKgvD
moMB7ou1xmYGUOafsuos0ZPvI/X18HL9HdzCnPLYum901DMiF/Mr2PpItQ16497A
p+fDUUYtS7Y+kImPzjjrDJGBKYA8y+e+DqjWYE1if+hgzx5hkv+Nxf8yZHUS6Zgc
fK7RTRZqtsg0GX8jXuV1nlIvnuqKgm1hKxb7jJHflZI41khTrGfctSFMRwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1K11sUN+AQ2FBYyqXqXxreGpb9MB8GA1UdIwQY
MBaAFFjFfAeeeVp5a0en7TLwcrBYqTpuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQt
NTc1MjkyYmMzOTQxLzEvVFVyWFd4UTM0QkRZVUZqS3BlcGZHdDRhbHYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iMzU3NDYtOGU0Mi00ZDgwLWI3NmQtNTc1MjkyYmMzOTQx
LzEvV01WOEI1NTVXbmxyUjZmdE12QnlzRmlwT200LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuZ+oMA0G
CSqGSIb3DQEBCwUAA4IBAQBbdsedDdk4Go/zWeHGRUqNwwFXp2Fh6UKzkQeDkgmq
QR8zddycc8mPh98wbZWukmDIVPgr7W7gCEUigzY5J/hwIWh5xlkr7N+keVz0XBk7
8CTU1uMk1qGgSNxFL2LLFSHx9qHGVXIAGpZjrup+pX6j0eOhogPT9mLBb41MjiEK
Q0w+x4+rm6iPaZkiaGhoxT+73QwdIXZGXkK3Bddt2z0xCvr/uxnnQ8eM5T3RDrgV
Rl/NHoTmnw14GtUL6K06At/eXjqDk2YmIWpBSeaPLWKG3l3nUajA1iePfg9hPtHw
JjcD8U1GMLBEzS8pVKAJ9+Adpmu+mNthQzy0vbbUmvpZ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:35 2025 by rpki-client