Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/TDc3ka2Fo9WXXgLcWaRVKMtDe7M.roa
File: TDc3ka2Fo9WXXgLcWaRVKMtDe7M.roa (raw, json)
Hash identifier: XuUGCHDfsDaIIJ4p0JTh4kMQ7xk4pd2p+mpv+2wgLCU=
Subject key identifier: 4C:37:37:91:AD:85:A3:D5:97:5E:02:DC:59:A4:55:28:CB:43:7B:B3
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018F15E00244E45401E917B461A8954148CF
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/TDc3ka2Fo9WXXgLcWaRVKMtDe7M.roa
Signing time: Thu 25 Apr 2024 15:29:13 +0000
ROA not before: Thu 25 Apr 2024 15:29:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52053
IP address blocks: 185.255.112.0/24 maxlen: 24
192.144.34.0/24 maxlen: 24
193.38.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 26 Apr 2024 14:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:e0:02:44:e4:54:01:e9:17:b4:61:a8:95:41:48:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 25 15:29:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c373791ad85a3d5975e02dc59a45528cb437bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:80:4b:f0:3b:93:ec:ef:23:83:0d:3f:a1:9f:
9e:15:98:e8:07:8d:f9:d7:35:57:30:45:29:c7:2f:
2b:ba:22:59:01:65:1e:14:89:da:6b:c1:32:94:5e:
46:6f:d7:19:90:ed:b2:0c:f7:6e:09:58:b4:81:06:
90:8e:d0:8d:96:06:c6:a0:f9:1a:05:77:d6:0a:f7:
3e:c5:bd:4c:2f:b7:b0:61:53:d1:78:67:aa:de:82:
6e:c0:5a:91:af:f1:04:54:f9:36:b6:b7:90:64:c0:
41:a6:c6:40:09:d9:d0:fd:64:1c:16:94:7c:84:b8:
03:49:e0:2c:c8:11:4a:2f:c2:6d:49:41:a8:fa:1f:
01:63:2b:8f:ff:38:de:5b:d1:e2:8b:b0:a2:2a:9a:
96:f6:16:a9:32:90:42:31:85:e0:74:7a:a1:bf:d9:
20:2f:84:15:50:8a:4d:c4:6f:d8:d6:99:74:20:c8:
c4:db:fc:2e:d5:40:39:df:71:7b:d4:ba:6f:e8:46:
fc:81:c4:c3:43:fa:a5:82:32:a3:d4:8d:8a:d2:39:
24:b0:a6:27:13:82:35:52:ea:35:53:c0:79:38:db:
cd:ab:45:24:ba:21:52:9f:8a:11:91:b8:9e:e2:46:
94:b9:cb:0b:87:3c:99:89:b8:40:bb:f4:ba:af:d7:
1c:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:37:37:91:AD:85:A3:D5:97:5E:02:DC:59:A4:55:28:CB:43:7B:B3
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/TDc3ka2Fo9WXXgLcWaRVKMtDe7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.255.112.0/24
192.144.34.0/24
193.38.250.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:8e:80:eb:8d:4e:e4:bb:e7:df:4f:3d:16:e1:91:7e:b8:6c:
f2:75:79:23:2e:3b:b2:e5:a2:0c:8d:d5:1a:ee:34:66:7c:07:
c2:91:c6:5a:91:88:5b:d1:8a:d3:56:6d:5c:78:28:c4:52:18:
a7:89:f4:19:cb:b2:34:0c:c3:14:a2:39:32:48:66:79:28:63:
a8:ed:bc:b5:8d:0c:ab:13:19:01:97:ac:9c:e2:ea:da:dc:ec:
ff:da:8a:21:34:4b:9a:1e:d8:1c:03:fe:df:bd:5a:37:8e:6c:
82:01:48:a3:27:4f:29:81:ef:82:54:b3:bf:ad:32:45:a6:22:
ed:39:9c:09:8c:5c:b6:db:32:6f:07:7d:2d:0b:2d:3e:7f:51:
a6:e2:d3:9b:e4:fa:b1:a9:d3:1b:73:56:3f:b7:ef:14:9e:28:
63:1e:e5:62:6c:a3:6e:c0:e4:32:34:8e:d4:2a:0c:c2:f2:03:
54:09:1a:37:51:08:42:09:45:de:e4:2e:ae:e5:01:ef:df:af:
75:3f:d5:74:a0:9f:1c:5c:4e:d8:fe:28:cc:85:00:85:07:ac:
42:36:9b:7c:12:8d:04:28:1c:63:28:a2:ac:e0:93:b1:76:97:
87:ca:22:85:69:8d:c9:c3:4b:0d:da:34:90:ee:48:07:ad:44:
5e:a8:40:48
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8V4AJE5FQB6Re0YaiVQUjPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDI1MTUyOTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzM3Mzc5MWFkODVhM2Q1OTc1ZTAyZGM1OWE0NTUyOGNiNDM3YmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjIBL8DuT7O8jgw0/oZ+eFZjoB435
1zVXMEUpxy8ruiJZAWUeFInaa8EylF5Gb9cZkO2yDPduCVi0gQaQjtCNlgbGoPka
BXfWCvc+xb1ML7ewYVPReGeq3oJuwFqRr/EEVPk2treQZMBBpsZACdnQ/WQcFpR8
hLgDSeAsyBFKL8JtSUGo+h8BYyuP/zjeW9Hii7CiKpqW9hapMpBCMYXgdHqhv9kg
L4QVUIpNxG/Y1pl0IMjE2/wu1UA533F71Lpv6Eb8gcTDQ/qlgjKj1I2K0jkksKYn
E4I1Uuo1U8B5ONvNq0UkuiFSn4oRkbie4kaUucsLhzyZibhAu/S6r9ccUwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEw3N5GthaPVl14C3FmkVSjLQ3uzMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvVERjM2thMkZvOVdYWGdMY1dhUlZLTXREZTdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuf9wAwQA
wJAiAwQAwSb6MA0GCSqGSIb3DQEBCwUAA4IBAQAejoDrjU7ku+ffTz0W4ZF+uGzy
dXkjLjuy5aIMjdUa7jRmfAfCkcZakYhb0YrTVm1ceCjEUhinifQZy7I0DMMUojky
SGZ5KGOo7by1jQyrExkBl6yc4ura3Oz/2oohNEuaHtgcA/7fvVo3jmyCAUijJ08p
ge+CVLO/rTJFpiLtOZwJjFy22zJvB30tCy0+f1Gm4tOb5PqxqdMbc1Y/t+8Unihj
HuVibKNuwOQyNI7UKgzC8gNUCRo3UQhCCUXe5C6u5QHv3691P9V0oJ8cXE7Y/ijM
hQCFB6xCNpt8Eo0EKBxjKKKs4JOxdpeHyiKFaY3Jw0sN2jSQ7kgHrUReqEBI
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:31:27 2025 by rpki-client