Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/TzGNdwOGiHdWQQ3oQSVDM-WAk08.roa
File: TzGNdwOGiHdWQQ3oQSVDM-WAk08.roa (raw, json)
Hash identifier: +aru/ZoGYoxzYZzASpVEb7kSR/437saPaPngsP3xS2I=
Subject key identifier: 4F:31:8D:77:03:86:88:77:56:41:0D:E8:41:25:43:33:E5:80:93:4F
Certificate issuer: /CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Certificate serial: 018CCA2A3E7E5638F62479BF870D0F2DF1DB
Authority key identifier: 4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/TzGNdwOGiHdWQQ3oQSVDM-WAk08.roa
Signing time: Tue 02 Jan 2024 12:33:35 +0000
ROA not before: Tue 02 Jan 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213052
IP address blocks: 185.244.162.0/24 maxlen: 24
2a12:4440::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3e:7e:56:38:f6:24:79:bf:87:0d:0f:2d:f1:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fa5cde524f7810d5868bc49ab0bf6621f44dc21
Validity
Not Before: Jan 2 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f318d770386887756410de841254333e580934f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:18:1d:60:6a:eb:91:f4:eb:a8:cb:a8:cc:39:
88:d3:93:ab:4b:2e:f3:1b:1a:95:b8:43:66:c0:f7:
86:e6:05:b3:e3:18:3b:13:48:ff:25:35:f7:3c:e8:
d4:c4:45:dd:f9:7d:86:bb:1a:12:85:df:aa:8f:7b:
2d:93:75:74:ca:e1:99:c6:61:94:b3:5f:98:6a:a4:
a0:f5:d8:8a:42:5b:81:85:42:ba:8c:90:5f:55:f9:
00:a2:25:41:d7:a8:98:4c:a6:63:4d:ad:0b:65:64:
10:13:ac:a5:e0:1d:68:24:bb:bc:b1:4d:0b:44:3a:
fe:75:98:c3:68:55:c5:df:52:85:b1:28:ce:dd:60:
6a:eb:b1:36:78:a5:ab:9f:3c:85:6c:d2:9d:7d:3e:
f7:dd:ad:46:7c:6e:87:6d:cf:2b:34:9f:5c:4f:66:
2a:d8:4a:52:a9:a9:c4:0d:0d:72:10:63:52:ce:6a:
fa:d1:03:4f:a4:9f:8f:db:8d:64:c8:fb:82:26:11:
33:6f:a7:54:a7:9a:8c:c3:35:77:6b:60:29:2e:a6:
41:28:41:a8:c8:36:a1:9c:0a:7f:a3:35:ce:fb:92:
9f:71:75:6b:7c:5e:72:3d:53:3b:7e:47:76:c3:7d:
79:4b:45:72:d0:da:61:eb:ab:b9:ce:d6:91:65:b0:
3e:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:31:8D:77:03:86:88:77:56:41:0D:E8:41:25:43:33:E5:80:93:4F
X509v3 Authority Key Identifier:
keyid:4F:A5:CD:E5:24:F7:81:0D:58:68:BC:49:AB:0B:F6:62:1F:44:DC:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/TzGNdwOGiHdWQQ3oQSVDM-WAk08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/d6088c-3110-41e1-b996-32d4ad8f56de/1/T6XN5ST3gQ1YaLxJqwv2Yh9E3CE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.162.0/24
IPv6:
2a12:4440::/32
Signature Algorithm: sha256WithRSAEncryption
4e:6b:08:06:c0:a5:49:6f:43:7c:f4:84:15:2d:f4:01:11:fd:
a6:d6:43:6f:90:3a:f1:6a:3c:46:dd:d2:af:99:08:9f:9d:2b:
d4:b3:14:e3:85:f5:fd:e0:4d:a1:58:87:4b:1e:eb:4b:d8:d3:
f5:05:83:f3:c4:65:fb:5e:b0:51:5c:51:9b:a7:54:17:0b:d3:
08:cd:e2:dc:ca:bb:a7:1e:d6:25:b0:f4:64:e0:58:0c:fc:ea:
88:47:54:1f:3d:6a:67:fa:44:29:31:d9:65:40:82:9d:09:f1:
f9:68:1e:70:ef:3a:27:78:63:6a:3c:40:60:db:23:96:a1:94:
b9:8a:ff:1c:df:80:36:45:27:9f:78:e0:51:6c:54:ae:32:de:
1b:8e:33:77:96:79:29:47:0d:eb:4d:55:0e:98:b7:3a:b4:85:
2e:c0:23:cd:ae:45:98:57:1e:d1:38:1e:c6:07:1b:e6:1f:e9:
b8:ad:d8:e9:6f:ca:37:4d:36:98:0d:d6:61:66:ca:c2:39:14:
fe:d3:66:84:46:14:00:57:76:1e:07:ef:7f:1b:7d:35:98:7a:
c0:ca:0e:a5:07:98:ea:01:fd:58:53:90:cb:8b:be:14:b4:76:
94:9c:cb:ec:d6:8d:82:7e:ff:66:8a:79:8e:a3:92:f3:f5:28:
ee:bd:44:f0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKj5+Vjj2JHm/hw0PLfHbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYTVjZGU1MjRmNzgxMGQ1ODY4YmM0OWFiMGJmNjYyMWY0
NGRjMjEwHhcNMjQwMTAyMTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjMxOGQ3NzAzODY4ODc3NTY0MTBkZTg0MTI1NDMzM2U1ODA5MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRgdYGrrkfTrqMuozDmI05OrSy7z
GxqVuENmwPeG5gWz4xg7E0j/JTX3POjUxEXd+X2GuxoShd+qj3stk3V0yuGZxmGU
s1+YaqSg9diKQluBhUK6jJBfVfkAoiVB16iYTKZjTa0LZWQQE6yl4B1oJLu8sU0L
RDr+dZjDaFXF31KFsSjO3WBq67E2eKWrnzyFbNKdfT733a1GfG6Hbc8rNJ9cT2Yq
2EpSqanEDQ1yEGNSzmr60QNPpJ+P241kyPuCJhEzb6dUp5qMwzV3a2ApLqZBKEGo
yDahnAp/ozXO+5KfcXVrfF5yPVM7fkd2w315S0Vy0Nph66u5ztaRZbA+cwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE8xjXcDhoh3VkEN6EElQzPlgJNPMB8GA1UdIwQY
MBaAFE+lzeUk94ENWGi8SasL9mIfRNwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYt
MzJkNGFkOGY1NmRlLzEvVHpHTmR3T0dpSGRXUVEzb1FTVkRNLVdBazA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9kNjA4OGMtMzExMC00MWUxLWI5OTYtMzJkNGFkOGY1NmRl
LzEvVDZYTjVTVDNnUTFZYUx4SnF3djJZaDlFM0NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufSiMA0E
AgACMAcDBQAqEkRAMA0GCSqGSIb3DQEBCwUAA4IBAQBOawgGwKVJb0N89IQVLfQB
Ef2m1kNvkDrxajxG3dKvmQifnSvUsxTjhfX94E2hWIdLHutL2NP1BYPzxGX7XrBR
XFGbp1QXC9MIzeLcyrunHtYlsPRk4FgM/OqIR1QfPWpn+kQpMdllQIKdCfH5aB5w
7zoneGNqPEBg2yOWoZS5iv8c34A2RSefeOBRbFSuMt4bjjN3lnkpRw3rTVUOmLc6
tIUuwCPNrkWYVx7ROB7GBxvmH+m4rdjpb8o3TTaYDdZhZsrCORT+02aERhQAV3Ye
B+9/G301mHrAyg6lB5jqAf1YU5DLi74UtHaUnMvs1o2Cfv9minmOo5Lz9SjuvUTw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:42:56 2025 by rpki-client