Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/TlUV7vMtKlaoVZyIH2_6SBQMfd4.roa
File: TlUV7vMtKlaoVZyIH2_6SBQMfd4.roa (raw, json)
Hash identifier: QLoi2FJm4J5R9l5OU4tANts2v3lt/2CiT9DCGMmn9Lo=
Subject key identifier: 4E:55:15:EE:F3:2D:2A:56:A8:55:9C:88:1F:6F:FA:48:14:0C:7D:DE
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 01945034A5DA37EB689725735026D4DFB1D4
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/TlUV7vMtKlaoVZyIH2_6SBQMfd4.roa
Signing time: Fri 10 Jan 2025 12:33:35 +0000
ROA not before: Fri 10 Jan 2025 12:33:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 217.25.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 Jan 2025 20:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:34:a5:da:37:eb:68:97:25:73:50:26:d4:df:b1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Jan 10 12:33:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e5515eef32d2a56a8559c881f6ffa48140c7dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:84:79:c0:d8:77:dc:d2:c1:7c:3d:08:bc:
b8:8b:6c:73:e0:7f:db:7d:8a:52:ba:8d:be:bd:0f:
9b:9c:88:34:40:c2:22:de:8f:f0:ad:45:f4:d3:59:
54:65:68:62:3c:bd:87:f1:03:1c:6f:f1:66:97:ea:
6f:27:ca:cd:82:7d:66:aa:85:15:92:59:84:e5:56:
15:bf:a6:a6:83:76:68:11:1a:05:4f:7d:10:67:48:
2d:a0:78:81:4b:45:3b:ab:33:9d:fe:e3:e0:75:ec:
23:a3:eb:0b:a9:1e:bd:44:07:0c:d3:9b:ae:ad:3b:
05:1f:fa:ea:f4:46:08:7c:01:77:bc:90:9e:6d:2e:
c7:05:39:1c:8a:ab:6b:38:27:7d:55:94:81:80:fd:
fd:e1:05:82:c2:0e:ac:ea:fc:0b:35:af:b8:1c:d4:
e5:35:67:8e:30:8b:e2:c0:3e:37:e1:23:f5:04:d4:
39:87:69:26:b6:d6:e5:6d:dd:ac:71:04:1d:51:8a:
d6:14:16:28:59:68:8a:56:6f:29:bb:54:50:70:93:
ca:40:7d:ce:95:8b:13:af:11:88:79:df:ad:08:35:
3c:60:f6:d5:cd:e5:0f:35:27:85:6c:27:f7:8c:44:
e5:7f:82:4e:73:3e:db:1a:63:1e:3c:5b:c3:e3:cd:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:55:15:EE:F3:2D:2A:56:A8:55:9C:88:1F:6F:FA:48:14:0C:7D:DE
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/TlUV7vMtKlaoVZyIH2_6SBQMfd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.25.12.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:ea:ea:cd:b7:9a:53:5f:4e:b1:39:af:e7:e0:da:06:3b:57:
ce:e0:20:31:ff:f2:38:0a:53:b1:89:3a:1f:b8:5c:ae:a3:43:
1b:1d:c0:f6:f2:cf:6f:31:27:f8:8b:69:f2:cd:f4:55:4c:71:
96:72:86:6b:47:2b:7d:91:33:eb:93:ec:6b:0e:c3:00:60:0f:
b0:88:1f:21:78:d1:87:ce:3c:be:3b:b9:6c:f7:13:ed:05:0d:
05:22:0c:5e:2f:45:8f:79:56:d7:82:8e:28:4f:5e:93:a4:68:
63:4e:6b:fe:a6:a7:61:05:c1:cb:7d:ad:54:ee:54:75:94:c7:
00:94:4b:67:b9:7a:53:4a:22:c7:e6:53:14:89:c2:99:b5:09:
25:b0:ae:e4:25:7e:45:da:dc:b0:6e:94:b7:b4:8f:55:51:cb:
8c:c1:61:15:79:cf:4b:25:b4:4e:b3:6d:dc:d7:7d:b5:3c:96:
ca:4f:a5:07:5e:35:9f:66:e2:7c:f0:54:c6:50:e1:d0:d5:7a:
10:94:51:ea:1b:ac:1e:76:c8:dc:fc:a9:03:18:8c:14:1a:eb:
e6:92:8b:64:e0:69:08:0e:e3:15:c7:27:58:89:ee:81:4d:27:
76:48:9a:1d:ce:71:0d:56:f7:07:eb:6b:6d:ec:5b:1d:34:ab:
a7:60:bd:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRQNKXaN+tolyVzUCbU37HUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwMTEwMTIzMzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTU1MTVlZWYzMmQyYTU2YTg1NTljODgxZjZmZmE0ODE0MGM3ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAteqEecDYd9zSwXw9CLy4i2xz4H/b
fYpSuo2+vQ+bnIg0QMIi3o/wrUX001lUZWhiPL2H8QMcb/Fml+pvJ8rNgn1mqoUV
klmE5VYVv6amg3ZoERoFT30QZ0gtoHiBS0U7qzOd/uPgdewjo+sLqR69RAcM05uu
rTsFH/rq9EYIfAF3vJCebS7HBTkciqtrOCd9VZSBgP394QWCwg6s6vwLNa+4HNTl
NWeOMIviwD434SP1BNQ5h2kmttblbd2scQQdUYrWFBYoWWiKVm8pu1RQcJPKQH3O
lYsTrxGIed+tCDU8YPbVzeUPNSeFbCf3jETlf4JOcz7bGmMePFvD481f2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5VFe7zLSpWqFWciB9v+kgUDH3eMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvVGxVVjd2TXRLbGFvVlp5SUgyXzZTQlFNZmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2RkMMA0G
CSqGSIb3DQEBCwUAA4IBAQCN6urNt5pTX06xOa/n4NoGO1fO4CAx//I4ClOxiTof
uFyuo0MbHcD28s9vMSf4i2nyzfRVTHGWcoZrRyt9kTPrk+xrDsMAYA+wiB8heNGH
zjy+O7ls9xPtBQ0FIgxeL0WPeVbXgo4oT16TpGhjTmv+pqdhBcHLfa1U7lR1lMcA
lEtnuXpTSiLH5lMUicKZtQklsK7kJX5F2tywbpS3tI9VUcuMwWEVec9LJbROs23c
1321PJbKT6UHXjWfZuJ88FTGUOHQ1XoQlFHqG6wedsjc/KkDGIwUGuvmkotk4GkI
DuMVxydYie6BTSd2SJodznENVvcH62tt7FsdNKunYL0t
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:03:02 2025 by rpki-client