Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/TkzmdKdpmagrf7kEdNjlEjiH9PY.roa
File: TkzmdKdpmagrf7kEdNjlEjiH9PY.roa (raw, json)
Hash identifier: yREBMToKxfFyM2WgcA6rsQQofM7SzDvHaIudvYoJZj4=
Subject key identifier: 4E:4C:E6:74:A7:69:99:A8:2B:7F:B9:04:74:D8:E5:12:38:87:F4:F6
Certificate issuer: /CN=6b84f4a296bce14d6deed25116aa70b60bcce4a4
Certificate serial: 018D0790198CBC51B538BC25152D1E063248
Authority key identifier: 6B:84:F4:A2:96:BC:E1:4D:6D:EE:D2:51:16:AA:70:B6:0B:CC:E4:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a4T0opa84U1t7tJRFqpwtgvM5KQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/TkzmdKdpmagrf7kEdNjlEjiH9PY.roa
Signing time: Sun 14 Jan 2024 10:41:40 +0000
ROA not before: Sun 14 Jan 2024 10:41:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.180.60.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:90:19:8c:bc:51:b5:38:bc:25:15:2d:1e:06:32:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b84f4a296bce14d6deed25116aa70b60bcce4a4
Validity
Not Before: Jan 14 10:41:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e4ce674a76999a82b7fb90474d8e5123887f4f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bd:ac:72:2a:51:75:27:f2:ce:0d:f5:68:09:
a3:38:08:88:fe:4c:e3:e0:1f:5d:6b:8e:1e:a4:7a:
8f:7f:b8:1a:e2:c3:84:42:dd:9b:cf:27:80:f8:10:
ea:d9:14:04:dc:f9:1e:0d:b2:6c:f5:a3:62:b9:0a:
a1:18:a9:9b:57:69:6f:11:a8:75:8f:82:8a:d6:64:
ab:42:51:95:4f:a3:2f:27:8c:94:71:27:b3:02:dd:
ff:ce:06:68:66:90:66:ba:a6:09:df:8d:aa:63:ed:
06:b4:a4:11:d5:ad:92:25:a5:66:e4:54:43:5e:95:
58:80:66:94:46:a7:53:49:6b:a8:7d:c8:d7:9a:ef:
cb:ba:fa:53:4c:0b:f6:ff:f0:f6:c6:40:19:c1:67:
2a:86:08:40:34:2a:89:b1:34:16:fa:db:dc:a9:4d:
d2:12:49:41:e1:91:96:1a:a2:c9:e5:dc:17:f2:f6:
b6:8a:06:52:b6:00:d9:b8:65:d8:38:6c:2a:b0:47:
03:e9:2c:46:2d:0a:d2:ae:be:d6:5b:99:25:07:70:
73:cb:fc:1d:fc:3f:47:b4:e2:b2:47:90:c4:d4:32:
4d:ce:86:fd:61:0e:90:fc:6e:f3:3c:22:61:55:97:
ce:c9:3d:33:78:61:33:fa:f4:14:20:e9:dc:52:cd:
8e:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:4C:E6:74:A7:69:99:A8:2B:7F:B9:04:74:D8:E5:12:38:87:F4:F6
X509v3 Authority Key Identifier:
keyid:6B:84:F4:A2:96:BC:E1:4D:6D:EE:D2:51:16:AA:70:B6:0B:CC:E4:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4T0opa84U1t7tJRFqpwtgvM5KQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/TkzmdKdpmagrf7kEdNjlEjiH9PY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/844fd9-fef1-44d9-a6c9-14fab0244948/1/a4T0opa84U1t7tJRFqpwtgvM5KQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.180.60.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:be:1e:ba:cb:88:ae:24:1b:73:8b:67:d5:b5:b1:e3:53:12:
3b:f1:5f:3e:55:5a:be:c1:80:46:f7:a3:f4:62:b2:21:c8:dc:
cf:90:bb:bd:02:8e:20:d3:5f:bd:ea:48:7e:e8:93:35:40:59:
b5:5c:6c:1f:8e:75:76:a7:a7:f1:fd:6c:13:f9:9e:2e:ad:fc:
49:32:a2:77:74:b8:7a:d6:e1:22:cb:48:e3:d0:76:f6:32:0b:
c2:88:42:da:4f:1d:72:c5:43:95:14:c0:fe:50:a5:59:e9:4b:
b1:8f:3f:97:8c:cd:de:16:29:3e:01:a8:d8:f4:73:c8:60:a1:
29:80:3a:e8:a3:34:b8:2f:93:75:8c:53:24:1b:64:28:8c:9e:
00:03:d3:00:c9:0e:fa:4a:9f:49:cf:0b:2e:bb:ec:03:45:4e:
30:60:d7:6f:f6:11:13:37:a5:ec:82:d8:d2:00:98:91:69:7b:
b9:a1:2e:25:bf:00:0f:98:d5:af:1e:1b:f7:af:6d:4d:72:32:
4b:cb:26:11:94:80:cd:1b:f0:a0:0b:5e:39:34:54:40:33:02:
52:d2:3f:bd:66:c3:86:a7:fd:80:36:21:42:44:e3:a8:d1:ae:
d1:d9:44:f1:d0:71:fe:c2:83:99:69:95:8b:5b:cb:18:10:49:
c7:40:5a:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0HkBmMvFG1OLwlFS0eBjJIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiODRmNGEyOTZiY2UxNGQ2ZGVlZDI1MTE2YWE3MGI2MGJj
Y2U0YTQwHhcNMjQwMTE0MTA0MTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTRjZTY3NGE3Njk5OWE4MmI3ZmI5MDQ3NGQ4ZTUxMjM4ODdmNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi72scipRdSfyzg31aAmjOAiI/kzj
4B9da44epHqPf7ga4sOEQt2bzyeA+BDq2RQE3PkeDbJs9aNiuQqhGKmbV2lvEah1
j4KK1mSrQlGVT6MvJ4yUcSezAt3/zgZoZpBmuqYJ342qY+0GtKQR1a2SJaVm5FRD
XpVYgGaURqdTSWuofcjXmu/LuvpTTAv2//D2xkAZwWcqhghANCqJsTQW+tvcqU3S
EklB4ZGWGqLJ5dwX8va2igZStgDZuGXYOGwqsEcD6SxGLQrSrr7WW5klB3Bzy/wd
/D9HtOKyR5DE1DJNzob9YQ6Q/G7zPCJhVZfOyT0zeGEz+vQUIOncUs2OqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5M5nSnaZmoK3+5BHTY5RI4h/T2MB8GA1UdIwQY
MBaAFGuE9KKWvOFNbe7SURaqcLYLzOSkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTRUMG9wYTg0VTF0N3RKUkZxcHd0Z3ZNNUtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NDRmZDktZmVmMS00NGQ5LWE2Yzkt
MTRmYWIwMjQ0OTQ4LzEvVGt6bWRLZHBtYWdyZjdrRWROamxFamlIOVBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NDRmZDktZmVmMS00NGQ5LWE2YzktMTRmYWIwMjQ0OTQ4
LzEvYTRUMG9wYTg0VTF0N3RKUkZxcHd0Z3ZNNUtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCubQ8MA0G
CSqGSIb3DQEBCwUAA4IBAQAfvh66y4iuJBtzi2fVtbHjUxI78V8+VVq+wYBG96P0
YrIhyNzPkLu9Ao4g01+96kh+6JM1QFm1XGwfjnV2p6fx/WwT+Z4urfxJMqJ3dLh6
1uEiy0jj0Hb2MgvCiELaTx1yxUOVFMD+UKVZ6Uuxjz+XjM3eFik+AajY9HPIYKEp
gDroozS4L5N1jFMkG2QojJ4AA9MAyQ76Sp9Jzwsuu+wDRU4wYNdv9hETN6XsgtjS
AJiRaXu5oS4lvwAPmNWvHhv3r21NcjJLyyYRlIDNG/CgC145NFRAMwJS0j+9ZsOG
p/2ANiFCROOo0a7R2UTx0HH+woOZaZWLW8sYEEnHQFoC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:53 2025 by rpki-client