Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/ca6f69-6fec-4753-ad77-eb6f9df045b2/1/Ts1ZnCnTxmIQvDOWZqqOpYAFpNE.roa
File: Ts1ZnCnTxmIQvDOWZqqOpYAFpNE.roa (raw, json)
Hash identifier: xVP+DY8S5HRSFKAh70uRJPz43pGWMkd3p6MImGeuNLE=
Subject key identifier: 4E:CD:59:9C:29:D3:C6:62:10:BC:33:96:66:AA:8E:A5:80:05:A4:D1
Certificate issuer: /CN=75a5a9e8ef27e3027293ef84fb8f8d30fab6e6d6
Certificate serial: 018CC349619C68D1B17249EDBEFCCCCB7D1B
Authority key identifier: 75:A5:A9:E8:EF:27:E3:02:72:93:EF:84:FB:8F:8D:30:FA:B6:E6:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/daWp6O8n4wJyk--E-4-NMPq25tY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/ca6f69-6fec-4753-ad77-eb6f9df045b2/1/Ts1ZnCnTxmIQvDOWZqqOpYAFpNE.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64426
IP address blocks: 109.206.232.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:61:9c:68:d1:b1:72:49:ed:be:fc:cc:cb:7d:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75a5a9e8ef27e3027293ef84fb8f8d30fab6e6d6
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ecd599c29d3c66210bc339666aa8ea58005a4d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f1:a5:f4:59:b7:2f:54:a7:93:50:9a:81:7a:
27:f8:19:fd:1a:be:8f:5d:c3:2c:86:1c:cc:e9:d7:
2c:d2:93:ac:7c:dc:30:bf:11:c8:bb:e0:cd:b7:65:
ef:00:d4:14:f2:9b:ec:fd:5e:e4:4d:15:d1:3a:5b:
01:f8:24:d3:37:62:5f:89:ea:de:b7:d2:9c:49:06:
75:19:25:ca:3a:60:7b:cd:c6:a6:07:7a:9d:79:e5:
74:de:c3:07:c5:fc:3c:79:68:5d:bd:e2:5f:c3:48:
f0:66:57:91:ee:df:43:70:ed:f0:80:a6:76:32:b8:
56:21:42:67:44:b3:75:db:44:ed:3a:02:6f:8f:72:
ea:fe:83:9b:26:53:fd:c5:60:e9:b7:67:f6:21:6c:
13:6f:b5:bc:7e:85:53:c4:ad:44:5c:68:d2:26:24:
4a:e1:1f:76:f8:2b:80:64:93:8d:82:61:5f:0c:06:
b8:c3:1d:92:14:df:fd:6d:15:8c:af:d5:05:79:ff:
bd:0e:9e:e8:e0:23:ea:69:6b:df:47:9a:d3:a8:3e:
5a:b9:c0:2e:6f:ee:85:83:e8:57:f4:91:3d:31:12:
ce:9f:3f:d0:75:af:10:25:ae:9a:18:38:82:8a:ff:
8c:35:cd:1b:a7:0f:40:5d:0b:27:d0:4d:26:5b:1a:
bd:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:CD:59:9C:29:D3:C6:62:10:BC:33:96:66:AA:8E:A5:80:05:A4:D1
X509v3 Authority Key Identifier:
keyid:75:A5:A9:E8:EF:27:E3:02:72:93:EF:84:FB:8F:8D:30:FA:B6:E6:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/daWp6O8n4wJyk--E-4-NMPq25tY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ca6f69-6fec-4753-ad77-eb6f9df045b2/1/Ts1ZnCnTxmIQvDOWZqqOpYAFpNE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/ca6f69-6fec-4753-ad77-eb6f9df045b2/1/daWp6O8n4wJyk--E-4-NMPq25tY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.206.232.0/22
Signature Algorithm: sha256WithRSAEncryption
ad:8d:11:96:8b:ef:f0:9e:c2:20:07:18:aa:fb:2f:34:37:27:
46:a5:97:1c:70:2f:20:b0:09:fa:bf:e4:91:f3:c0:b0:52:a7:
11:8a:6f:7e:bc:f7:67:4e:e4:ae:ca:df:84:87:f5:0d:17:1b:
85:0e:6f:60:be:c5:2d:31:98:0d:ec:8d:74:70:19:14:ff:3f:
36:2e:33:23:2f:78:8c:aa:7f:92:00:46:cc:fc:8a:e9:01:01:
6e:da:53:a2:4c:bd:1c:30:c5:f4:4d:5a:77:0b:4d:ec:3e:ee:
50:7f:b8:03:8c:79:ce:24:e8:14:7b:76:29:77:21:65:f6:52:
cd:45:fc:44:a7:88:15:7f:c9:40:70:73:15:f9:33:d8:73:86:
7f:00:f5:34:82:13:97:2b:17:74:7d:ec:a1:9e:f5:b6:44:52:
06:14:58:34:03:67:77:52:0e:56:c6:a9:6c:c2:bb:a4:cd:84:
8e:6c:2a:60:f5:58:c7:64:b2:5c:72:1c:18:c7:7c:54:f7:6c:
69:7d:4b:87:5d:97:40:03:a0:5f:de:e5:ae:b2:9c:c5:d2:8c:
25:66:16:57:41:0a:84:d7:8f:ad:52:b9:fb:0a:44:c5:54:c9:
65:62:11:19:ac:c3:a4:09:25:29:07:85:39:9a:7c:a1:96:a0:
52:d2:d0:e2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWGcaNGxckntvvzMy30bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YTVhOWU4ZWYyN2UzMDI3MjkzZWY4NGZiOGY4ZDMwZmFi
NmU2ZDYwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWNkNTk5YzI5ZDNjNjYyMTBiYzMzOTY2NmFhOGVhNTgwMDVhNGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1vGl9Fm3L1Snk1CagXon+Bn9Gr6P
XcMshhzM6dcs0pOsfNwwvxHIu+DNt2XvANQU8pvs/V7kTRXROlsB+CTTN2Jfiere
t9KcSQZ1GSXKOmB7zcamB3qdeeV03sMHxfw8eWhdveJfw0jwZleR7t9DcO3wgKZ2
MrhWIUJnRLN120TtOgJvj3Lq/oObJlP9xWDpt2f2IWwTb7W8foVTxK1EXGjSJiRK
4R92+CuAZJONgmFfDAa4wx2SFN/9bRWMr9UFef+9Dp7o4CPqaWvfR5rTqD5aucAu
b+6Fg+hX9JE9MRLOnz/Qda8QJa6aGDiCiv+MNc0bpw9AXQsn0E0mWxq92QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE7NWZwp08ZiELwzlmaqjqWABaTRMB8GA1UdIwQY
MBaAFHWlqejvJ+MCcpPvhPuPjTD6tubWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGFXcDZPOG40d0p5ay0tRS00LU5NUHEyNXRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9jYTZmNjktNmZlYy00NzUzLWFkNzct
ZWI2ZjlkZjA0NWIyLzEvVHMxWm5DblR4bUlRdkRPV1pxcU9wWUFGcE5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9jYTZmNjktNmZlYy00NzUzLWFkNzctZWI2ZjlkZjA0NWIy
LzEvZGFXcDZPOG40d0p5ay0tRS00LU5NUHEyNXRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbc7oMA0G
CSqGSIb3DQEBCwUAA4IBAQCtjRGWi+/wnsIgBxiq+y80NydGpZcccC8gsAn6v+SR
88CwUqcRim9+vPdnTuSuyt+Eh/UNFxuFDm9gvsUtMZgN7I10cBkU/z82LjMjL3iM
qn+SAEbM/IrpAQFu2lOiTL0cMMX0TVp3C03sPu5Qf7gDjHnOJOgUe3YpdyFl9lLN
RfxEp4gVf8lAcHMV+TPYc4Z/APU0ghOXKxd0feyhnvW2RFIGFFg0A2d3Ug5Wxqls
wrukzYSObCpg9VjHZLJcchwYx3xU92xpfUuHXZdAA6Bf3uWuspzF0owlZhZXQQqE
14+tUrn7CkTFVMllYhEZrMOkCSUpB4U5mnyhlqBS0tDi
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:48:59 2025 by rpki-client