Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/TKnxiCb5RoovAShVT4Sy37OXtOM.roa
File: TKnxiCb5RoovAShVT4Sy37OXtOM.roa (raw, json)
Hash identifier: 0etCdjJIDaHlRF8YLWxRwjqSh3oZAsXaiugG0Zv8Nyo=
Subject key identifier: 4C:A9:F1:88:26:F9:46:8A:2F:01:28:55:4F:84:B2:DF:B3:97:B4:E3
Certificate issuer: /CN=4cfcc7e017c2c9f7632da7293476bb7e4a30365a
Certificate serial: 018CC64B8B524C2CA263CE5E578921B52E97
Authority key identifier: 4C:FC:C7:E0:17:C2:C9:F7:63:2D:A7:29:34:76:BB:7E:4A:30:36:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TPzH4BfCyfdjLacpNHa7fkowNlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/TKnxiCb5RoovAShVT4Sy37OXtOM.roa
Signing time: Mon 01 Jan 2024 18:31:28 +0000
ROA not before: Mon 01 Jan 2024 18:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206951
IP address blocks: 185.170.228.0/22 maxlen: 32
2a0a:b300::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:8b:52:4c:2c:a2:63:ce:5e:57:89:21:b5:2e:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cfcc7e017c2c9f7632da7293476bb7e4a30365a
Validity
Not Before: Jan 1 18:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca9f18826f9468a2f0128554f84b2dfb397b4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:61:60:f0:09:23:5e:34:6f:c7:40:38:66:aa:
b8:fc:e7:f0:2e:0f:6b:00:5a:56:5f:70:bf:a3:d9:
5f:af:06:ca:09:2a:3c:1f:8f:36:3a:8a:e5:09:6e:
ab:2f:c3:ac:44:8c:77:16:d3:1a:e9:7f:f0:de:2f:
bb:09:28:1b:10:b7:ba:e9:82:c0:cd:04:cc:f3:e3:
8b:ca:d4:93:f5:a4:9d:30:b6:2e:a7:fa:b2:5a:1f:
f4:8e:eb:3f:6f:12:5b:76:3e:9f:56:35:5e:88:fd:
2f:c5:97:25:3b:fa:5a:90:27:30:0f:bc:0e:62:ef:
d2:28:6d:de:2e:84:dd:b1:3e:d4:32:d2:de:32:f8:
93:15:f3:aa:7c:ff:53:b8:67:71:e9:9a:71:30:a4:
f9:47:4e:16:46:3d:c6:67:67:d4:fe:66:1e:aa:22:
47:03:c4:92:10:58:57:df:a3:e4:6b:44:65:03:4a:
40:29:1b:bc:15:d4:49:47:0e:81:84:7d:50:f3:05:
b2:5a:50:10:6d:95:d8:9a:3a:fd:3b:ea:70:13:29:
e3:b5:88:88:78:d7:02:ba:4d:fc:77:f7:9e:82:d0:
55:42:7a:f0:0e:3f:2e:c6:ec:96:c7:d7:21:f2:ee:
c7:4c:7c:f9:f7:dc:1c:40:1a:36:06:f2:03:48:b8:
4e:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A9:F1:88:26:F9:46:8A:2F:01:28:55:4F:84:B2:DF:B3:97:B4:E3
X509v3 Authority Key Identifier:
keyid:4C:FC:C7:E0:17:C2:C9:F7:63:2D:A7:29:34:76:BB:7E:4A:30:36:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TPzH4BfCyfdjLacpNHa7fkowNlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/TKnxiCb5RoovAShVT4Sy37OXtOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/bbedbe-8821-4bd8-bbcc-3adf9b61347d/1/TPzH4BfCyfdjLacpNHa7fkowNlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.170.228.0/22
IPv6:
2a0a:b300::/29
Signature Algorithm: sha256WithRSAEncryption
07:73:d7:54:fa:c3:10:55:3c:4b:59:c8:c7:de:7d:d1:db:fa:
de:41:ff:21:9f:ef:5e:96:9f:46:e5:de:94:53:f4:e4:18:38:
ac:f7:16:4f:b1:66:d9:2b:58:6c:be:b1:ac:91:5e:81:08:70:
c5:92:ec:57:00:a5:3b:79:6b:8e:d8:0d:71:ec:f5:2f:a4:fb:
e8:49:db:36:9f:c8:e2:1e:ba:ec:8c:9a:ea:71:90:20:96:85:
0b:25:ec:94:8b:11:47:9e:2f:97:11:43:22:fc:ac:04:5b:c5:
a2:03:c6:9d:db:1e:39:ae:e0:3a:1a:26:2d:ce:52:d8:0b:16:
5f:3e:36:ae:13:42:6a:b9:01:67:e6:07:93:3d:59:0b:b4:cb:
b8:a1:94:7c:d0:68:b2:c2:ce:01:5f:a0:2b:f0:d8:4d:5e:20:
ad:5d:4f:4d:14:70:32:90:33:ad:e1:6a:e6:d7:04:cc:22:d4:
5b:e4:37:b8:8e:3d:82:8e:cb:50:54:aa:57:f7:3a:f6:0f:18:
20:1e:0d:e2:99:d0:0a:d3:1c:bf:17:42:06:bd:81:8b:64:d6:
18:f4:38:db:cb:66:a7:18:7a:24:26:94:c5:f1:c3:a1:0f:38:
55:d8:b7:10:5d:f8:3b:25:ee:68:b7:6f:d9:42:84:6d:b0:50:
34:36:46:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS4tSTCyiY85eV4khtS6XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjZmNjN2UwMTdjMmM5Zjc2MzJkYTcyOTM0NzZiYjdlNGEz
MDM2NWEwHhcNMjQwMTAxMTgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E5ZjE4ODI2Zjk0NjhhMmYwMTI4NTU0Zjg0YjJkZmIzOTdiNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA12Fg8AkjXjRvx0A4Zqq4/OfwLg9r
AFpWX3C/o9lfrwbKCSo8H482OorlCW6rL8OsRIx3FtMa6X/w3i+7CSgbELe66YLA
zQTM8+OLytST9aSdMLYup/qyWh/0jus/bxJbdj6fVjVeiP0vxZclO/pakCcwD7wO
Yu/SKG3eLoTdsT7UMtLeMviTFfOqfP9TuGdx6ZpxMKT5R04WRj3GZ2fU/mYeqiJH
A8SSEFhX36Pka0RlA0pAKRu8FdRJRw6BhH1Q8wWyWlAQbZXYmjr9O+pwEynjtYiI
eNcCuk38d/eegtBVQnrwDj8uxuyWx9ch8u7HTHz599wcQBo2BvIDSLhO+QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEyp8Ygm+UaKLwEoVU+Est+zl7TjMB8GA1UdIwQY
MBaAFEz8x+AXwsn3Yy2nKTR2u35KMDZaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVFB6SDRCZkN5ZmRqTGFjcE5IYTdma293TmxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9iYmVkYmUtODgyMS00YmQ4LWJiY2Mt
M2FkZjliNjEzNDdkLzEvVEtueGlDYjVSb292QVNoVlQ0U3kzN09YdE9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9iYmVkYmUtODgyMS00YmQ4LWJiY2MtM2FkZjliNjEzNDdk
LzEvVFB6SDRCZkN5ZmRqTGFjcE5IYTdma293TmxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuarkMA0E
AgACMAcDBQMqCrMAMA0GCSqGSIb3DQEBCwUAA4IBAQAHc9dU+sMQVTxLWcjH3n3R
2/reQf8hn+9elp9G5d6UU/TkGDis9xZPsWbZK1hsvrGskV6BCHDFkuxXAKU7eWuO
2A1x7PUvpPvoSds2n8jiHrrsjJrqcZAgloULJeyUixFHni+XEUMi/KwEW8WiA8ad
2x45ruA6GiYtzlLYCxZfPjauE0JquQFn5geTPVkLtMu4oZR80Giyws4BX6Ar8NhN
XiCtXU9NFHAykDOt4Wrm1wTMItRb5De4jj2CjstQVKpX9zr2DxggHg3imdAK0xy/
F0IGvYGLZNYY9Djby2anGHokJpTF8cOhDzhV2LcQXfg7Je5ot2/ZQoRtsFA0NkYj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:44:46 2025 by rpki-client