Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CTsLMxKtd4nTsrax3wxxXl6Gqw4.roa
File: CTsLMxKtd4nTsrax3wxxXl6Gqw4.roa (raw, json)
Hash identifier: AdhlkssLcS2VcbBcvou/o1WZpGIeELsxaLqm4ZjfLio=
Subject key identifier: 09:3B:0B:33:12:AD:77:89:D3:B2:B6:B1:DF:0C:71:5E:5E:86:AB:0E
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 018CC64ADBD5C1C56F8684CF52E115830E1D
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CTsLMxKtd4nTsrax3wxxXl6Gqw4.roa
Signing time: Mon 01 Jan 2024 18:30:43 +0000
ROA not before: Mon 01 Jan 2024 18:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24679
IP address blocks: 5.1.69.0/24 maxlen: 24
5.1.68.0/24 maxlen: 24
5.1.83.0/24 maxlen: 24
5.1.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:db:d5:c1:c5:6f:86:84:cf:52:e1:15:83:0e:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 18:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=093b0b3312ad7789d3b2b6b1df0c715e5e86ab0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:62:cc:e7:6c:96:80:42:44:ad:ca:7c:06:23:
c6:33:f9:2d:5f:fa:99:a4:f5:d6:65:b2:d5:00:90:
56:80:35:d6:a6:dc:82:1f:23:c9:7e:13:f1:56:51:
88:4a:18:e2:10:58:62:bb:01:16:6f:92:24:63:3c:
e8:6b:d5:fb:12:85:08:ef:1e:dc:9d:6f:73:9a:67:
d7:ab:0f:4f:0e:87:cb:be:47:c6:63:08:ee:b8:97:
bb:6f:c7:3b:9f:b2:13:2e:83:0c:86:b9:91:3a:5a:
f8:46:b5:4c:6b:a2:43:74:f0:58:0f:cf:e4:ee:db:
66:af:f1:23:25:05:0d:4e:76:fa:ed:8b:7d:33:6f:
9b:27:d8:91:94:50:44:d5:3f:fa:ae:94:a6:16:32:
94:ff:de:db:44:bb:f8:c5:2f:43:2c:e1:6d:f4:00:
12:14:9c:80:59:50:24:d3:51:21:7c:55:e6:3b:dc:
32:81:98:31:f4:3e:9c:8b:d2:4c:69:2a:8c:41:9a:
1d:31:63:9c:92:9d:db:13:97:02:f4:1c:0a:86:94:
31:92:4a:b3:ca:8b:fd:55:fb:af:00:53:e1:50:6e:
9f:f7:f0:59:e1:0f:cb:db:d1:a4:95:39:f9:34:c6:
a9:8e:51:44:9e:19:8e:2e:0e:70:5c:0e:24:01:e9:
bf:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:3B:0B:33:12:AD:77:89:D3:B2:B6:B1:DF:0C:71:5E:5E:86:AB:0E
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/CTsLMxKtd4nTsrax3wxxXl6Gqw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.68.0/23
5.1.83.0/24
5.1.88.0/24
Signature Algorithm: sha256WithRSAEncryption
40:ae:5c:08:a8:96:04:70:47:d0:3b:b8:3d:89:1c:0b:14:b5:
7d:43:94:8f:49:7b:71:92:26:45:5c:28:bf:c3:e4:aa:40:43:
70:46:62:a4:86:68:97:38:60:44:4a:a5:eb:57:8d:44:f0:c4:
c9:7f:0b:e5:78:fa:bc:04:6d:c7:20:08:1c:a3:25:d6:90:a1:
17:7c:66:5f:72:46:d8:d6:fc:37:4f:4b:27:bc:1e:b1:62:f6:
79:a2:8c:87:6d:1f:12:ff:94:6b:92:7a:90:19:05:1b:43:44:
e7:f9:5c:a0:b5:20:5f:3f:e2:31:13:2e:fe:68:50:28:6f:27:
5b:31:fe:15:6b:df:93:3a:83:56:b8:d4:63:44:ad:8d:5c:de:
fc:b9:79:ad:d0:80:d9:b0:9d:6b:34:af:d6:82:5f:e5:62:08:
04:cd:56:18:8a:81:a9:f6:83:89:03:4b:33:2c:ae:57:80:d7:
8c:4d:6c:ac:9a:0b:d3:71:07:9d:47:3f:fc:31:aa:d8:4d:7b:
56:28:54:e2:e7:32:e6:05:fd:35:37:be:7f:bd:e6:d9:8a:67:
e3:39:34:40:26:12:e6:b0:44:ea:e1:ee:4e:24:91:f6:ee:00:
c7:f0:a0:c8:3c:c3:55:db:75:db:c1:5d:7a:19:09:fb:51:37:
51:f9:3c:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGStvVwcVvhoTPUuEVgw4dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwMTAxMTgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTNiMGIzMzEyYWQ3Nzg5ZDNiMmI2YjFkZjBjNzE1ZTVlODZhYjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3mLM52yWgEJErcp8BiPGM/ktX/qZ
pPXWZbLVAJBWgDXWptyCHyPJfhPxVlGIShjiEFhiuwEWb5IkYzzoa9X7EoUI7x7c
nW9zmmfXqw9PDofLvkfGYwjuuJe7b8c7n7ITLoMMhrmROlr4RrVMa6JDdPBYD8/k
7ttmr/EjJQUNTnb67Yt9M2+bJ9iRlFBE1T/6rpSmFjKU/97bRLv4xS9DLOFt9AAS
FJyAWVAk01EhfFXmO9wygZgx9D6ci9JMaSqMQZodMWOckp3bE5cC9BwKhpQxkkqz
yov9VfuvAFPhUG6f9/BZ4Q/L29GklTn5NMapjlFEnhmOLg5wXA4kAem/uQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAk7CzMSrXeJ07K2sd8McV5ehqsOMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvQ1RzTE14S3RkNG5Uc3JheDN3eHhYbDZHcXc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBQFEAwQA
BQFTAwQABQFYMA0GCSqGSIb3DQEBCwUAA4IBAQBArlwIqJYEcEfQO7g9iRwLFLV9
Q5SPSXtxkiZFXCi/w+SqQENwRmKkhmiXOGBESqXrV41E8MTJfwvlePq8BG3HIAgc
oyXWkKEXfGZfckbY1vw3T0snvB6xYvZ5ooyHbR8S/5RrknqQGQUbQ0Tn+VygtSBf
P+IxEy7+aFAobydbMf4Va9+TOoNWuNRjRK2NXN78uXmt0IDZsJ1rNK/Wgl/lYggE
zVYYioGp9oOJA0szLK5XgNeMTWysmgvTcQedRz/8MarYTXtWKFTi5zLmBf01N75/
vebZimfjOTRAJhLmsETq4e5OJJH27gDH8KDIPMNV23XbwV16GQn7UTdR+TwW
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:02:46 2025 by rpki-client