Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/TsfJ7ZkP8gyj7o2xFZF6CUQ9n8Q.roa
File: TsfJ7ZkP8gyj7o2xFZF6CUQ9n8Q.roa (raw, json)
Hash identifier: OVJ3TfpoyYI88/S3wf2oHfD47Mf/Usr5/FAqEyZAYLU=
Subject key identifier: 4E:C7:C9:ED:99:0F:F2:0C:A3:EE:8D:B1:15:91:7A:09:44:3D:9F:C4
Certificate issuer: /CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Certificate serial: 018D8933950A5B946E4E6E3D978FBF252C14
Authority key identifier: DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/TsfJ7ZkP8gyj7o2xFZF6CUQ9n8Q.roa
Signing time: Thu 08 Feb 2024 14:51:15 +0000
ROA not before: Thu 08 Feb 2024 14:51:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 213.232.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 Feb 2024 07:07:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:89:33:95:0a:5b:94:6e:4e:6e:3d:97:8f:bf:25:2c:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db1d6eba463b7564abfae938b46ed47187de0ec0
Validity
Not Before: Feb 8 14:51:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ec7c9ed990ff20ca3ee8db115917a09443d9fc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:5b:dd:3d:88:3d:fe:55:97:2c:40:0f:7b:2f:
dd:6d:af:6f:a2:16:f9:2f:e5:f9:9b:26:18:43:1d:
ce:47:10:00:e1:c5:c8:64:1c:1c:7f:0f:70:5a:ac:
20:8a:b1:0b:5e:19:5c:3e:a4:84:eb:d9:25:fe:a7:
74:63:a9:63:c8:62:a2:ac:f7:b2:eb:60:a5:9d:ac:
02:ae:a8:c1:d1:c9:ea:23:ab:db:b8:10:c6:25:00:
95:7c:30:22:05:7d:c7:8d:6f:6c:b1:43:64:11:f2:
9c:bb:36:d2:db:58:92:f6:4b:33:49:99:5f:c8:a0:
79:60:3d:7d:63:fc:d0:bd:1d:b4:b8:fb:c4:95:e1:
84:82:0a:f4:c4:1d:d7:9e:28:c7:2a:8d:5e:54:df:
8d:d9:dc:70:36:72:ef:7d:5c:63:0e:ee:21:17:e7:
bf:64:11:d2:ea:ae:87:87:85:b1:94:db:c3:56:91:
fc:0c:81:8d:04:29:d7:00:23:b1:80:ef:27:45:19:
28:6c:1d:a2:47:59:f9:06:13:2e:21:c0:bf:00:45:
3d:95:f6:52:83:52:d9:6a:d3:92:59:95:1e:eb:0a:
58:b3:ff:03:5b:6b:ec:24:f3:51:6f:75:82:ab:be:
88:e6:f8:1e:03:2a:51:08:f2:13:47:51:f6:79:e9:
13:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:C7:C9:ED:99:0F:F2:0C:A3:EE:8D:B1:15:91:7A:09:44:3D:9F:C4
X509v3 Authority Key Identifier:
keyid:DB:1D:6E:BA:46:3B:75:64:AB:FA:E9:38:B4:6E:D4:71:87:DE:0E:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2x1uukY7dWSr-uk4tG7UcYfeDsA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/TsfJ7ZkP8gyj7o2xFZF6CUQ9n8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4f6985-b94a-47cc-a300-6f2cf4f03ceb/1/2x1uukY7dWSr-uk4tG7UcYfeDsA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.232.236.0/24
Signature Algorithm: sha256WithRSAEncryption
79:18:ea:08:83:07:18:2f:12:7d:13:09:19:0e:b1:d0:6c:69:
f7:d6:50:97:da:f8:bc:06:82:08:50:7b:ba:28:34:7b:10:e2:
7a:53:b8:3a:68:60:a8:dd:f7:92:1a:63:7d:e5:88:d8:c3:73:
0b:dd:b2:d7:c6:14:e0:4e:13:5b:62:23:15:dd:29:c8:21:43:
ce:94:b0:0b:70:59:d0:48:1f:00:a0:f6:1d:c5:5e:11:00:98:
59:9e:a4:49:8c:8d:28:ec:83:ec:a1:b5:0b:e7:2d:d4:e7:a6:
51:d8:44:ab:64:b1:76:53:0a:5a:93:a0:27:c3:4e:e2:5c:42:
19:c1:b2:cb:6a:93:47:0e:0a:84:ee:fe:2e:2e:2f:02:2d:45:
fc:09:c6:a9:6f:d3:da:01:95:50:ed:84:8a:c0:bd:31:69:a6:
57:f7:86:8c:a1:d6:fd:8c:e2:22:fb:e3:7d:7f:dd:dc:f6:6f:
2b:e3:ba:c5:5d:1f:5a:19:7a:09:92:6a:4a:25:0e:32:0a:fe:
e3:17:5d:5d:ef:dc:81:2b:7c:da:33:4f:2d:da:2c:19:43:20:
eb:03:52:3b:32:ff:7f:a1:61:11:c7:5e:16:a0:a6:1f:3e:16:
ff:cb:46:70:45:be:8e:7d:e7:b4:ea:09:ce:5b:8f:cb:aa:8d:
e8:2e:e2:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2JM5UKW5RuTm49l4+/JSwUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiMWQ2ZWJhNDYzYjc1NjRhYmZhZTkzOGI0NmVkNDcxODdk
ZTBlYzAwHhcNMjQwMjA4MTQ1MTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWM3YzllZDk5MGZmMjBjYTNlZThkYjExNTkxN2EwOTQ0M2Q5ZmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApFvdPYg9/lWXLEAPey/dba9vohb5
L+X5myYYQx3ORxAA4cXIZBwcfw9wWqwgirELXhlcPqSE69kl/qd0Y6ljyGKirPey
62ClnawCrqjB0cnqI6vbuBDGJQCVfDAiBX3HjW9ssUNkEfKcuzbS21iS9kszSZlf
yKB5YD19Y/zQvR20uPvEleGEggr0xB3XnijHKo1eVN+N2dxwNnLvfVxjDu4hF+e/
ZBHS6q6Hh4WxlNvDVpH8DIGNBCnXACOxgO8nRRkobB2iR1n5BhMuIcC/AEU9lfZS
g1LZatOSWZUe6wpYs/8DW2vsJPNRb3WCq76I5vgeAypRCPITR1H2eekTzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE7Hye2ZD/IMo+6NsRWReglEPZ/EMB8GA1UdIwQY
MBaAFNsdbrpGO3Vkq/rpOLRu1HGH3g7AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAt
NmYyY2Y0ZjAzY2ViLzEvVHNmSjdaa1A4Z3lqN28yeEZaRjZDVVE5bjhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ZjY5ODUtYjk0YS00N2NjLWEzMDAtNmYyY2Y0ZjAzY2Vi
LzEvMngxdXVrWTdkV1NyLXVrNHRHN1VjWWZlRHNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1ejsMA0G
CSqGSIb3DQEBCwUAA4IBAQB5GOoIgwcYLxJ9EwkZDrHQbGn31lCX2vi8BoIIUHu6
KDR7EOJ6U7g6aGCo3feSGmN95YjYw3ML3bLXxhTgThNbYiMV3SnIIUPOlLALcFnQ
SB8AoPYdxV4RAJhZnqRJjI0o7IPsobUL5y3U56ZR2ESrZLF2Uwpak6Anw07iXEIZ
wbLLapNHDgqE7v4uLi8CLUX8Ccapb9PaAZVQ7YSKwL0xaaZX94aModb9jOIi++N9
f93c9m8r47rFXR9aGXoJkmpKJQ4yCv7jF11d79yBK3zaM08t2iwZQyDrA1I7Mv9/
oWERx14WoKYfPhb/y0ZwRb6Ofee06gnOW4/Lqo3oLuKT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:56:54 2025 by rpki-client