Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/TVLgY37kalfdZZ1_smWbP0OKNXs.roa
File: TVLgY37kalfdZZ1_smWbP0OKNXs.roa (raw, json)
Hash identifier: XZqnZT0yOZq/F3hwZNP4qTkt+AKbrtT3fQzG1qaiPK8=
Subject key identifier: 4D:52:E0:63:7E:E4:6A:57:DD:65:9D:7F:B2:65:9B:3F:43:8A:35:7B
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01942068681C77DE4738020B1FAC632582B0
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/TVLgY37kalfdZZ1_smWbP0OKNXs.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36454
IP address blocks: 65.181.112.0/24 maxlen: 24
65.181.113.0/24 maxlen: 24
65.181.116.0/24 maxlen: 24
65.181.123.0/24 maxlen: 24
65.181.124.0/24 maxlen: 24
65.181.125.0/24 maxlen: 24
162.208.8.0/24 maxlen: 24
162.208.9.0/24 maxlen: 24
162.208.10.0/24 maxlen: 24
162.208.11.0/24 maxlen: 24
192.243.96.0/24 maxlen: 24
192.243.97.0/24 maxlen: 24
192.243.98.0/24 maxlen: 24
192.243.99.0/24 maxlen: 24
192.243.100.0/24 maxlen: 24
192.243.101.0/24 maxlen: 24
192.243.102.0/24 maxlen: 24
192.243.103.0/24 maxlen: 24
192.243.104.0/24 maxlen: 24
192.243.105.0/24 maxlen: 24
192.243.106.0/24 maxlen: 24
192.243.107.0/24 maxlen: 24
192.243.108.0/24 maxlen: 24
192.243.109.0/24 maxlen: 24
192.243.111.0/24 maxlen: 24
192.250.224.0/20 maxlen: 20
192.250.226.0/24 maxlen: 24
192.250.227.0/24 maxlen: 24
192.250.236.0/24 maxlen: 24
195.250.25.0/24 maxlen: 24
199.175.48.0/24 maxlen: 24
199.175.49.0/24 maxlen: 24
199.175.50.0/24 maxlen: 24
199.175.51.0/24 maxlen: 24
199.175.52.0/24 maxlen: 24
199.175.53.0/24 maxlen: 24
199.175.54.0/24 maxlen: 24
199.175.55.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Mar 2025 11:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:68:1c:77:de:47:38:02:0b:1f:ac:63:25:82:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d52e0637ee46a57dd659d7fb2659b3f438a357b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:8a:cc:2d:78:68:db:08:ac:25:45:a4:13:74:
d5:74:42:f8:31:5b:fb:38:3b:16:32:f6:f0:8e:28:
d2:eb:40:fd:9d:0e:55:6f:1b:d8:62:63:f9:d7:99:
50:a5:90:af:cd:6e:68:5c:fb:c1:ee:7f:3a:37:57:
e9:6c:67:8d:9c:91:04:3a:f1:a7:60:7d:4b:af:c1:
11:d7:77:40:dc:47:04:7b:d5:20:44:c9:e2:db:75:
d0:24:2a:43:ce:4d:fb:5e:35:33:1e:1b:fd:62:8d:
a5:30:14:ec:6f:d6:7e:39:c8:13:5f:18:51:11:f6:
7e:2d:0c:48:5d:76:af:8d:05:65:01:ff:59:5d:7d:
c0:f0:15:1a:33:a7:48:63:fd:73:28:9e:56:56:e7:
9e:7f:1c:00:74:18:82:50:b1:e7:01:7c:55:3a:b0:
04:85:68:fe:05:75:c7:44:b4:3f:b1:b7:6d:0b:d3:
1f:89:d4:d6:77:0d:92:96:e0:40:28:5a:47:b6:6f:
5f:f5:c6:e4:e3:e2:cd:c3:32:f5:af:c4:15:92:1a:
a4:48:3e:fd:a6:80:c1:f0:09:43:f1:8f:ae:ec:3d:
64:37:16:d1:84:24:f8:ed:9f:b6:68:a6:d6:da:81:
f2:6b:81:13:6c:06:97:f6:1b:2b:9d:3b:aa:a1:e9:
84:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:52:E0:63:7E:E4:6A:57:DD:65:9D:7F:B2:65:9B:3F:43:8A:35:7B
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/TVLgY37kalfdZZ1_smWbP0OKNXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.181.112.0/23
65.181.116.0/24
65.181.123.0-65.181.125.255
162.208.8.0/22
192.243.96.0-192.243.109.255
192.243.111.0/24
192.250.224.0/20
195.250.25.0/24
199.175.48.0/21
Signature Algorithm: sha256WithRSAEncryption
57:65:89:85:e6:b8:9d:0e:a3:c3:e7:74:ff:9e:20:69:7b:fe:
8c:57:fe:22:f2:a2:ae:9b:b8:a3:a5:ce:60:9f:22:41:a1:71:
94:38:2e:6d:e3:b4:3f:a9:98:17:b7:f8:68:83:95:26:be:3a:
1d:5f:85:70:b7:42:b0:31:15:dd:53:b8:7d:e1:9e:92:c3:85:
fe:4b:2b:39:90:3c:64:86:1b:5e:f0:a7:88:a5:6b:c2:e2:c3:
0d:4e:3f:77:51:28:d1:d0:b7:92:19:d8:70:4c:1b:48:c0:f3:
be:64:ae:d8:a8:7a:dd:6e:c6:a2:20:27:b2:c3:13:2c:72:0c:
51:27:f2:de:a4:f6:f9:08:5e:1e:7d:34:14:fc:25:fa:2b:56:
9f:60:12:b9:c7:af:74:c3:e9:2a:91:5f:d5:e0:30:fb:17:b1:
23:38:19:3f:c0:3d:1e:81:fb:68:23:f6:fa:5f:47:24:60:ad:
38:c3:17:27:50:6c:67:20:9c:a2:72:e3:fd:9f:00:b3:fb:6d:
c5:9f:c4:c3:2a:ae:71:df:5e:33:67:ea:81:5c:4c:d2:4d:d3:
71:6b:7f:94:a4:8b:89:1b:b9:9e:be:0f:e9:5f:71:47:2c:2b:
bd:8c:4a:06:95:db:de:69:c8:4b:36:1c:02:ac:0b:37:56:d1:
37:8c:45:12
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZQgaGgcd95HOAILH6xjJYKwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDUyZTA2MzdlZTQ2YTU3ZGQ2NTlkN2ZiMjY1OWIzZjQzOGEzNTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4rMLXho2wisJUWkE3TVdEL4MVv7
ODsWMvbwjijS60D9nQ5VbxvYYmP515lQpZCvzW5oXPvB7n86N1fpbGeNnJEEOvGn
YH1Lr8ER13dA3EcEe9UgRMni23XQJCpDzk37XjUzHhv9Yo2lMBTsb9Z+OcgTXxhR
EfZ+LQxIXXavjQVlAf9ZXX3A8BUaM6dIY/1zKJ5WVueefxwAdBiCULHnAXxVOrAE
hWj+BXXHRLQ/sbdtC9MfidTWdw2SluBAKFpHtm9f9cbk4+LNwzL1r8QVkhqkSD79
poDB8AlD8Y+u7D1kNxbRhCT47Z+2aKbW2oHya4ETbAaX9hsrnTuqoemEoQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFE1S4GN+5GpX3WWdf7Jlmz9DijV7MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvVFZMZ1kzN2thbGZkWloxX3NtV2JQME9LTlhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQBQbVwAwQA
QbV0MAwDBABBtXsDBAFBtXwDBAKi0AgwDAMEBcDzYAMEAcDzbAMEAMDzbwMEBMD6
4AMEAMP6GQMEA8evMDANBgkqhkiG9w0BAQsFAAOCAQEAV2WJhea4nQ6jw+d0/54g
aXv+jFf+IvKirpu4o6XOYJ8iQaFxlDgubeO0P6mYF7f4aIOVJr46HV+FcLdCsDEV
3VO4feGeksOF/ksrOZA8ZIYbXvCniKVrwuLDDU4/d1Eo0dC3khnYcEwbSMDzvmSu
2Kh63W7GoiAnssMTLHIMUSfy3qT2+QheHn00FPwl+itWn2ASucevdMPpKpFf1eAw
+xexIzgZP8A9HoH7aCP2+l9HJGCtOMMXJ1BsZyCconLj/Z8As/ttxZ/Ewyqucd9e
M2fqgVxM0k3TcWt/lKSLiRu5nr4P6V9xRywrvYxKBpXb3mnISzYcAqwLN1bRN4xF
Eg==
-----END CERTIFICATE-----
Generated at Mon Apr 7 14:40:01 2025 by rpki-client