Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/tUynBN2uwkFb1lLgMeSI03qUsy0.roa
File: tUynBN2uwkFb1lLgMeSI03qUsy0.roa (raw, json)
Hash identifier: 7p/PY2byGwl6wucOFjOT3vfhNx+H77PdRisYCe0gKec=
Subject key identifier: B5:4C:A7:04:DD:AE:C2:41:5B:D6:52:E0:31:E4:88:D3:7A:94:B3:2D
Certificate issuer: /CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Certificate serial: 019427B3FE25D3A62F936FFC173152B124F2
Authority key identifier: BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/tUynBN2uwkFb1lLgMeSI03qUsy0.roa
Signing time: Thu 02 Jan 2025 15:48:14 +0000
ROA not before: Thu 02 Jan 2025 15:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1820
IP address blocks: 146.19.54.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 15 Jan 2025 13:36:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:fe:25:d3:a6:2f:93:6f:fc:17:31:52:b1:24:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfaea358aeeeb7d0b9e0f93d23f67d29a7ec62c8
Validity
Not Before: Jan 2 15:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b54ca704ddaec2415bd652e031e488d37a94b32d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:3f:b2:41:e2:a7:00:6e:02:e2:93:81:ef:4d:
b2:60:33:5c:c3:27:18:8d:ed:cc:be:1c:0b:aa:fe:
26:42:01:09:5a:f6:8d:e8:e3:e2:c9:17:5c:db:83:
83:29:52:07:89:e1:93:e0:d9:4f:39:ce:8a:e8:d7:
b5:86:a1:73:f3:65:c8:49:06:15:7d:a3:52:91:f1:
98:c8:b5:ad:9a:fe:5c:eb:25:45:1d:27:68:31:1e:
df:da:8d:21:07:d2:52:7c:ab:46:89:41:29:77:3a:
7e:01:7b:0a:d3:c7:fc:20:36:bf:df:37:3d:f4:f7:
50:d1:2b:0c:b6:ce:03:77:c2:ea:0e:92:39:02:f0:
85:69:ed:6f:a3:08:b8:30:6a:d6:ce:94:68:38:ce:
65:05:56:73:1a:2a:70:e1:1d:d3:cd:7d:59:11:ca:
41:40:17:b4:65:36:49:71:6d:4c:6b:52:57:c1:bc:
7e:73:0d:fd:5f:52:76:19:ce:85:15:6f:8d:2d:a3:
e9:b3:28:9e:03:2a:36:2e:a9:a9:33:11:2a:c4:46:
2c:d7:04:bd:9e:f2:e4:bb:ec:a3:a3:07:4e:9f:4a:
8e:54:e7:7e:0a:12:14:97:ac:8a:a5:04:e1:1a:f7:
57:7f:3a:29:fc:c2:65:95:23:44:97:fb:0d:0a:14:
2f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4C:A7:04:DD:AE:C2:41:5B:D6:52:E0:31:E4:88:D3:7A:94:B3:2D
X509v3 Authority Key Identifier:
keyid:BF:AE:A3:58:AE:EE:B7:D0:B9:E0:F9:3D:23:F6:7D:29:A7:EC:62:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v66jWK7ut9C54Pk9I_Z9KafsYsg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/tUynBN2uwkFb1lLgMeSI03qUsy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/288416-a46e-49c3-9337-249ce0c312b3/1/v66jWK7ut9C54Pk9I_Z9KafsYsg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.54.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:8f:1a:c9:02:01:98:a5:8c:e8:af:3c:f7:d5:6d:2c:85:40:
1b:9b:de:60:a9:fb:e9:96:a8:d3:f8:f5:a2:9b:79:a9:03:e8:
1e:5d:b9:2f:f7:82:74:75:2b:ca:8c:2a:cc:78:af:80:e7:b9:
59:54:a1:95:5d:42:b1:b1:5f:c5:83:f9:2f:ac:21:44:ed:bd:
22:b9:dd:d1:37:5a:bf:c4:49:c2:d8:b2:83:8e:1b:6c:de:d0:
1e:1a:67:76:78:4b:18:42:9f:98:cc:87:5d:78:90:e6:a7:53:
a5:e4:52:0e:8c:be:da:30:df:91:2a:84:e6:5a:08:a1:16:7b:
9e:28:83:14:39:6f:f9:2e:b1:67:47:6a:e1:17:6e:40:ab:07:
a6:d1:dc:6a:6f:ec:90:09:bd:a4:8c:df:ba:b2:77:76:2e:36:
3e:01:73:fd:fe:b3:d1:c4:96:45:fc:ca:ad:54:ae:da:b9:e4:
51:33:db:11:92:05:6a:42:d3:6f:a9:3d:c2:4b:4a:f3:4e:0c:
1e:04:a4:38:13:db:2b:c3:0a:b4:55:67:bb:ad:12:16:78:1e:
2c:ff:13:78:8a:58:97:0f:80:d3:7e:23:82:a7:8e:90:e9:5f:
c4:e1:64:55:ba:49:f2:fc:f7:b3:e6:b5:d9:75:87:ee:5f:d7:
19:6d:ac:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns/4l06Yvk2/8FzFSsSTyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYWVhMzU4YWVlZWI3ZDBiOWUwZjkzZDIzZjY3ZDI5YTdl
YzYyYzgwHhcNMjUwMTAyMTU0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRjYTcwNGRkYWVjMjQxNWJkNjUyZTAzMWU0ODhkMzdhOTRiMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5D+yQeKnAG4C4pOB702yYDNcwycY
je3MvhwLqv4mQgEJWvaN6OPiyRdc24ODKVIHieGT4NlPOc6K6Ne1hqFz82XISQYV
faNSkfGYyLWtmv5c6yVFHSdoMR7f2o0hB9JSfKtGiUEpdzp+AXsK08f8IDa/3zc9
9PdQ0SsMts4Dd8LqDpI5AvCFae1vowi4MGrWzpRoOM5lBVZzGipw4R3TzX1ZEcpB
QBe0ZTZJcW1Ma1JXwbx+cw39X1J2Gc6FFW+NLaPpsyieAyo2LqmpMxEqxEYs1wS9
nvLku+yjowdOn0qOVOd+ChIUl6yKpQThGvdXfzop/MJllSNEl/sNChQv5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLVMpwTdrsJBW9ZS4DHkiNN6lLMtMB8GA1UdIwQY
MBaAFL+uo1iu7rfQueD5PSP2fSmn7GLIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzct
MjQ5Y2UwYzMxMmIzLzEvdFV5bkJOMnV3a0ZiMWxMZ01lU0kwM3FVc3kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC8yODg0MTYtYTQ2ZS00OWMzLTkzMzctMjQ5Y2UwYzMxMmIz
LzEvdjY2aldLN3V0OUM1NFBrOUlfWjlLYWZzWXNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkhM2MA0G
CSqGSIb3DQEBCwUAA4IBAQCyjxrJAgGYpYzorzz31W0shUAbm95gqfvplqjT+PWi
m3mpA+geXbkv94J0dSvKjCrMeK+A57lZVKGVXUKxsV/Fg/kvrCFE7b0iud3RN1q/
xEnC2LKDjhts3tAeGmd2eEsYQp+YzIddeJDmp1Ol5FIOjL7aMN+RKoTmWgihFnue
KIMUOW/5LrFnR2rhF25Aqwem0dxqb+yQCb2kjN+6snd2LjY+AXP9/rPRxJZF/Mqt
VK7aueRRM9sRkgVqQtNvqT3CS0rzTgweBKQ4E9srwwq0VWe7rRIWeB4s/xN4iliX
D4DTfiOCp46Q6V/E4WRVukny/Pez5rXZdYfuX9cZbaww
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:53:22 2025 by rpki-client