Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/305475-b224-4ea8-91ae-6e4cd836c7cb/1/Tc93425R9DqAp-Qnc8r8FZsXE3k.roa
File: Tc93425R9DqAp-Qnc8r8FZsXE3k.roa (raw, json)
Hash identifier: UsiuOcAbytEeCI6rqyXccl9p9tz/6EGohT2u8pH0Uqw=
Subject key identifier: 4D:CF:77:E3:6E:51:F4:3A:80:A7:E4:27:73:CA:FC:15:9B:17:13:79
Certificate issuer: /CN=0b0a940cfd2eefe82f570fafc4fdc5bd07941a06
Certificate serial: 018CC79552720655A34A02698C30D8F2310C
Authority key identifier: 0B:0A:94:0C:FD:2E:EF:E8:2F:57:0F:AF:C4:FD:C5:BD:07:94:1A:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CwqUDP0u7-gvVw-vxP3FvQeUGgY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/305475-b224-4ea8-91ae-6e4cd836c7cb/1/Tc93425R9DqAp-Qnc8r8FZsXE3k.roa
Signing time: Tue 02 Jan 2024 00:31:41 +0000
ROA not before: Tue 02 Jan 2024 00:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 17158
IP address blocks: 139.28.145.0/24 maxlen: 24
139.28.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:52:72:06:55:a3:4a:02:69:8c:30:d8:f2:31:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b0a940cfd2eefe82f570fafc4fdc5bd07941a06
Validity
Not Before: Jan 2 00:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dcf77e36e51f43a80a7e42773cafc159b171379
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:6f:ca:59:73:a7:66:fd:be:63:1e:fc:86:0b:
2a:db:cf:b5:cf:37:6e:85:fc:fe:3d:f0:47:dd:1c:
4e:ed:ec:49:d0:e7:08:e3:12:4a:7a:38:7e:5b:c0:
ed:f4:21:65:2f:60:6e:98:64:ae:09:52:75:38:33:
95:08:80:da:ff:3a:b2:32:00:df:a5:3a:db:6a:21:
d3:8b:37:41:55:59:f5:5b:ee:ab:a4:25:3d:0d:74:
3f:53:c7:e7:aa:48:f0:36:74:59:f6:3c:14:19:d1:
58:3e:fc:4e:49:84:f9:40:07:ca:d5:ce:66:6f:0e:
2e:bf:c7:88:08:62:25:07:73:5c:08:9f:27:5c:ee:
a3:07:e3:39:06:a4:9b:d0:b2:be:6c:9a:04:2f:55:
2f:29:d0:b8:49:38:40:d6:75:ed:71:2f:b6:80:3e:
83:ba:f9:ba:97:4c:13:bc:ea:5d:8e:46:df:31:19:
0b:be:1b:60:89:8d:69:8d:70:99:48:e5:77:3c:32:
7a:91:da:99:b0:40:8c:a3:88:84:31:9e:59:ff:da:
97:b6:f0:4a:e9:98:3b:27:d1:c4:1a:3f:8f:9e:c2:
74:d1:14:a3:e8:e8:be:76:a1:6f:e0:7d:c1:1e:4a:
e1:f6:13:11:9e:2a:14:2e:aa:7a:41:6c:45:05:fc:
e1:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CF:77:E3:6E:51:F4:3A:80:A7:E4:27:73:CA:FC:15:9B:17:13:79
X509v3 Authority Key Identifier:
keyid:0B:0A:94:0C:FD:2E:EF:E8:2F:57:0F:AF:C4:FD:C5:BD:07:94:1A:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CwqUDP0u7-gvVw-vxP3FvQeUGgY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/305475-b224-4ea8-91ae-6e4cd836c7cb/1/Tc93425R9DqAp-Qnc8r8FZsXE3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/305475-b224-4ea8-91ae-6e4cd836c7cb/1/CwqUDP0u7-gvVw-vxP3FvQeUGgY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.145.0-139.28.146.255
Signature Algorithm: sha256WithRSAEncryption
92:c0:7c:a5:39:b2:34:f5:72:2d:0a:17:38:d5:c4:39:e4:4f:
1d:2f:90:ea:74:0a:6f:1e:90:47:99:70:ab:95:09:6e:d5:a3:
2c:de:e0:5a:69:61:69:e6:40:46:7d:db:fd:1e:74:5c:5a:27:
92:f7:91:07:14:7d:9a:da:64:a8:e3:0b:02:ec:ba:41:cc:67:
a9:66:24:a2:30:e8:fb:d9:7d:0e:91:9f:0b:33:7b:5e:eb:3d:
46:6e:23:47:ae:bf:dc:12:a2:df:b6:0e:a9:5f:04:5d:f1:17:
f3:0f:3a:39:9d:80:eb:8b:e9:39:6c:5b:5b:43:cc:b9:14:bd:
85:74:41:2e:a7:bc:0c:a0:15:40:11:48:b3:79:16:eb:34:96:
82:9e:2f:01:88:f7:06:ec:63:39:1d:be:62:fe:da:13:7a:9c:
55:29:83:93:b2:6e:6c:2d:eb:c9:96:b6:bb:82:9d:d8:35:02:
b9:07:19:14:3a:42:6f:93:51:b2:f9:d6:d3:2a:3b:78:22:39:
93:e9:73:76:90:2f:16:f6:a1:17:d4:de:70:50:cd:00:82:cd:
f0:0a:9e:fc:a1:4a:32:f6:ae:de:17:26:1c:73:d2:95:0a:fd:
dc:e1:6b:7e:78:44:85:2e:28:ef:e2:86:37:e7:04:ca:51:2c:
10:aa:77:52
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlVJyBlWjSgJpjDDY8jEMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMGE5NDBjZmQyZWVmZTgyZjU3MGZhZmM0ZmRjNWJkMDc5
NDFhMDYwHhcNMjQwMTAyMDAzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNmNzdlMzZlNTFmNDNhODBhN2U0Mjc3M2NhZmMxNTliMTcxMzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj2/KWXOnZv2+Yx78hgsq28+1zzdu
hfz+PfBH3RxO7exJ0OcI4xJKejh+W8Dt9CFlL2BumGSuCVJ1ODOVCIDa/zqyMgDf
pTrbaiHTizdBVVn1W+6rpCU9DXQ/U8fnqkjwNnRZ9jwUGdFYPvxOSYT5QAfK1c5m
bw4uv8eICGIlB3NcCJ8nXO6jB+M5BqSb0LK+bJoEL1UvKdC4SThA1nXtcS+2gD6D
uvm6l0wTvOpdjkbfMRkLvhtgiY1pjXCZSOV3PDJ6kdqZsECMo4iEMZ5Z/9qXtvBK
6Zg7J9HEGj+PnsJ00RSj6Oi+dqFv4H3BHkrh9hMRnioULqp6QWxFBfzh7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE3Pd+NuUfQ6gKfkJ3PK/BWbFxN5MB8GA1UdIwQY
MBaAFAsKlAz9Lu/oL1cPr8T9xb0HlBoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3dxVURQMHU3LWd2VnctdnhQM0Z2UWVVR2dZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMDU0NzUtYjIyNC00ZWE4LTkxYWUt
NmU0Y2Q4MzZjN2NiLzEvVGM5MzQyNVI5RHFBcC1RbmM4cjhGWnNYRTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMDU0NzUtYjIyNC00ZWE4LTkxYWUtNmU0Y2Q4MzZjN2Ni
LzEvQ3dxVURQMHU3LWd2VnctdnhQM0Z2UWVVR2dZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACLHJED
BACLHJIwDQYJKoZIhvcNAQELBQADggEBAJLAfKU5sjT1ci0KFzjVxDnkTx0vkOp0
Cm8ekEeZcKuVCW7Voyze4FppYWnmQEZ92/0edFxaJ5L3kQcUfZraZKjjCwLsukHM
Z6lmJKIw6PvZfQ6Rnwsze17rPUZuI0euv9wSot+2DqlfBF3xF/MPOjmdgOuL6Tls
W1tDzLkUvYV0QS6nvAygFUARSLN5Fus0loKeLwGI9wbsYzkdvmL+2hN6nFUpg5Oy
bmwt68mWtruCndg1ArkHGRQ6Qm+TUbL51tMqO3giOZPpc3aQLxb2oRfU3nBQzQCC
zfAKnvyhSjL2rt4XJhxz0pUK/dzha354RIUuKO/ihjfnBMpRLBCqd1I=
-----END CERTIFICATE-----
Generated at Mon Apr 7 20:12:34 2025 by rpki-client