Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/T0ksw1nvsRSnOrFdksjqaPkieSU.roa
File: T0ksw1nvsRSnOrFdksjqaPkieSU.roa (raw, json)
Hash identifier: bmu7KbJRbcYBJR7ud8jylerJVlrfrGIB00lzn5M6W20=
Subject key identifier: 4F:49:2C:C3:59:EF:B1:14:A7:3A:B1:5D:92:C8:EA:68:F9:22:79:25
Certificate issuer: /CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Certificate serial: 018CC725F182EE1E304D2AC88BEC15703A32
Authority key identifier: 2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/T0ksw1nvsRSnOrFdksjqaPkieSU.roa
Signing time: Mon 01 Jan 2024 22:30:01 +0000
ROA not before: Mon 01 Jan 2024 22:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29425
IP address blocks: 195.149.105.0/24 maxlen: 24
46.255.136.0/21 maxlen: 21
46.255.142.0/24 maxlen: 24
2a00:95a0::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:f1:82:ee:1e:30:4d:2a:c8:8b:ec:15:70:3a:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e8edab12215e29bd38c1da9b5e396bd0c96be09
Validity
Not Before: Jan 1 22:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f492cc359efb114a73ab15d92c8ea68f9227925
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:1f:7a:7f:cb:3b:f8:2a:f6:52:3b:e5:3d:76:
5a:ed:76:a6:32:7d:66:01:68:70:5b:09:8c:68:99:
65:e1:9a:8c:25:51:1f:ac:93:0d:a5:cd:4f:28:b4:
c7:70:02:48:23:56:59:66:6c:73:b4:57:7d:49:04:
98:b7:90:27:44:48:74:98:f7:71:d1:b6:47:e7:ed:
86:05:b6:78:f6:d7:bb:d3:53:54:10:db:ce:a1:95:
47:6c:99:4f:43:77:4e:57:ea:88:aa:28:bd:09:f4:
57:f0:c3:be:43:5b:bb:3c:5c:92:c4:cb:77:e2:cd:
f8:e1:00:09:d0:3f:23:ab:74:ef:5c:24:64:6f:9b:
3f:a7:68:58:5b:6d:f9:96:b0:ff:0f:e9:af:88:4d:
e4:c1:f6:88:0f:8c:48:0e:c2:ec:f4:87:c4:c3:b6:
65:73:17:41:6c:f2:62:4f:3f:ec:40:30:69:d5:2e:
7f:77:50:32:ee:ab:d9:61:ae:dd:ea:c8:7b:4a:3b:
97:58:dd:81:4b:4f:e7:5b:7d:93:39:97:00:20:96:
7c:91:b8:3a:3e:8a:c7:bf:83:d4:d6:47:df:f8:f5:
ee:d7:49:96:e7:e6:0f:59:3c:24:9d:d3:0c:1d:1e:
1e:8a:88:2a:08:72:21:03:81:68:2d:23:cc:c3:45:
0a:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:49:2C:C3:59:EF:B1:14:A7:3A:B1:5D:92:C8:EA:68:F9:22:79:25
X509v3 Authority Key Identifier:
keyid:2E:8E:DA:B1:22:15:E2:9B:D3:8C:1D:A9:B5:E3:96:BD:0C:96:BE:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lo7asSIV4pvTjB2pteOWvQyWvgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/T0ksw1nvsRSnOrFdksjqaPkieSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/af76e0-6b7d-40ac-9621-643a2fc4473e/1/Lo7asSIV4pvTjB2pteOWvQyWvgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.255.136.0/21
195.149.105.0/24
IPv6:
2a00:95a0::/32
Signature Algorithm: sha256WithRSAEncryption
8b:bb:d6:99:56:09:58:b8:03:87:77:49:81:f4:87:dd:c8:24:
e8:9f:e5:44:58:bf:ee:66:dd:af:a2:d9:7b:f6:ab:c0:3f:e3:
e0:d2:9d:dc:49:89:ca:9c:78:da:63:18:90:5c:6e:56:63:0a:
45:2e:9c:96:63:13:8a:92:53:85:e9:27:d0:be:6a:f9:f1:ec:
ec:8a:65:4a:03:b4:dd:62:57:c0:83:9c:f5:32:dc:b0:2d:07:
59:ea:ee:e1:94:d9:ce:5a:12:6d:e4:d8:18:a3:95:3f:c3:c5:
2b:63:7f:52:39:45:ef:8f:ad:df:c4:6a:4a:04:5f:c5:cb:db:
05:15:43:c6:26:79:bd:9c:fd:10:e8:db:95:89:f1:78:d9:28:
58:78:9d:c9:ee:0d:f3:23:f2:10:ad:70:a2:11:80:87:85:d7:
89:dc:fb:60:f1:66:29:d3:4b:04:e7:25:17:b7:e3:01:cc:ad:
cc:72:85:ea:fc:2c:c7:97:f8:b3:22:81:64:78:4d:a1:24:99:
9b:b6:2c:b3:4a:53:1b:dd:51:a2:1b:59:89:9b:a8:28:06:40:
c3:41:7c:55:95:00:25:81:f7:36:ea:34:62:93:de:d1:a5:14:
d7:7d:c4:44:c9:56:64:29:42:b5:c0:76:ad:55:59:7f:25:b6:
12:be:09:87
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJfGC7h4wTSrIi+wVcDoyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlOGVkYWIxMjIxNWUyOWJkMzhjMWRhOWI1ZTM5NmJkMGM5
NmJlMDkwHhcNMjQwMTAxMjIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjQ5MmNjMzU5ZWZiMTE0YTczYWIxNWQ5MmM4ZWE2OGY5MjI3OTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqR96f8s7+Cr2UjvlPXZa7XamMn1m
AWhwWwmMaJll4ZqMJVEfrJMNpc1PKLTHcAJII1ZZZmxztFd9SQSYt5AnREh0mPdx
0bZH5+2GBbZ49te701NUENvOoZVHbJlPQ3dOV+qIqii9CfRX8MO+Q1u7PFySxMt3
4s344QAJ0D8jq3TvXCRkb5s/p2hYW235lrD/D+mviE3kwfaID4xIDsLs9IfEw7Zl
cxdBbPJiTz/sQDBp1S5/d1Ay7qvZYa7d6sh7SjuXWN2BS0/nW32TOZcAIJZ8kbg6
PorHv4PU1kff+PXu10mW5+YPWTwkndMMHR4eiogqCHIhA4FoLSPMw0UKzwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE9JLMNZ77EUpzqxXZLI6mj5InklMB8GA1UdIwQY
MBaAFC6O2rEiFeKb04wdqbXjlr0Mlr4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEt
NjQzYTJmYzQ0NzNlLzEvVDBrc3cxbnZzUlNuT3JGZGtzanFhUGtpZVNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9hZjc2ZTAtNmI3ZC00MGFjLTk2MjEtNjQzYTJmYzQ0NzNl
LzEvTG83YXNTSVY0cHZUakIycHRlT1d2UXlXdmdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLv+IAwQA
w5VpMA0EAgACMAcDBQAqAJWgMA0GCSqGSIb3DQEBCwUAA4IBAQCLu9aZVglYuAOH
d0mB9IfdyCTon+VEWL/uZt2votl79qvAP+Pg0p3cSYnKnHjaYxiQXG5WYwpFLpyW
YxOKklOF6SfQvmr58ezsimVKA7TdYlfAg5z1MtywLQdZ6u7hlNnOWhJt5NgYo5U/
w8UrY39SOUXvj63fxGpKBF/Fy9sFFUPGJnm9nP0Q6NuVifF42ShYeJ3J7g3zI/IQ
rXCiEYCHhdeJ3Ptg8WYp00sE5yUXt+MBzK3McoXq/CzHl/izIoFkeE2hJJmbtiyz
SlMb3VGiG1mJm6goBkDDQXxVlQAlgfc26jRik97RpRTXfcREyVZkKUK1wHatVVl/
JbYSvgmH
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:06:29 2025 by rpki-client