Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/tFLBMH4XurGHSc29IFzCov8oJ1s.roa
File: tFLBMH4XurGHSc29IFzCov8oJ1s.roa (raw, json)
Hash identifier: DLZBxJyrI81yH45saXHuQ5zfsIEJ4wl7R8h/VGfzd+E=
Subject key identifier: B4:52:C1:30:7E:17:BA:B1:87:49:CD:BD:20:5C:C2:A2:FF:28:27:5B
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 0194073DD0D2A65B45B753095F19E89B645B
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/tFLBMH4XurGHSc29IFzCov8oJ1s.roa
Signing time: Fri 27 Dec 2024 08:31:19 +0000
ROA not before: Fri 27 Dec 2024 08:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59432
IP address blocks: 194.143.209.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.20.0/24 maxlen: 24
213.220.58.0/24 maxlen: 24
213.220.59.0/24 maxlen: 24
213.220.60.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:3d:d0:d2:a6:5b:45:b7:53:09:5f:19:e8:9b:64:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Dec 27 08:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b452c1307e17bab18749cdbd205cc2a2ff28275b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d7:d8:d3:37:fd:55:52:c7:79:84:bf:18:9b:
b3:c6:cd:49:6a:a9:d8:bd:87:8d:d6:30:c3:7a:46:
1e:28:94:66:81:dd:7f:ff:37:eb:13:bf:21:fb:55:
3e:d1:6b:86:e3:6a:a8:f5:fb:5a:db:21:b1:c6:23:
d9:0e:c1:ac:13:63:e2:fb:62:65:5a:45:b5:ea:04:
34:d5:2f:54:80:d2:c5:2b:4b:63:a5:4e:a2:4e:de:
e5:ca:ae:a1:60:f9:e9:3b:9d:35:74:b6:92:87:dc:
8d:45:d5:fc:f3:c2:13:99:19:6a:43:26:22:a3:76:
a9:53:75:38:c3:aa:89:c9:90:ce:ff:e2:33:f8:ec:
ea:c0:a5:ad:fa:e6:cf:1f:5b:f1:20:a1:a9:de:19:
68:b6:76:0f:86:7c:f3:29:d1:b3:84:81:cd:3e:4b:
86:0d:8f:27:a0:1d:46:be:c8:f6:ed:8f:0b:8d:ca:
a0:f6:bf:3a:37:00:d9:0b:0b:0f:57:5d:d0:3c:c5:
0c:48:ef:8f:a7:c6:3e:20:a4:96:80:62:83:32:3f:
50:2e:ac:ab:94:57:6b:db:6c:e3:2a:23:8f:00:89:
77:b3:61:b0:12:d3:27:e5:9c:80:9e:d5:c2:e2:a5:
fa:85:dd:fe:bf:1a:1b:bb:20:37:18:95:b2:f4:30:
ab:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:52:C1:30:7E:17:BA:B1:87:49:CD:BD:20:5C:C2:A2:FF:28:27:5B
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/tFLBMH4XurGHSc29IFzCov8oJ1s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.143.209.0/24
195.114.192.0/24
195.114.198.0/24
195.114.205.0/24
213.220.20.0/24
213.220.58.0-213.220.60.255
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
58:23:9e:b2:2f:88:f7:14:c9:38:52:6d:8d:aa:11:e0:01:c9:
64:49:92:b6:d6:e9:68:39:3c:94:a9:ac:0f:79:14:41:36:f6:
54:3f:a3:fd:50:89:83:f8:cf:25:e7:6e:0a:24:24:8d:c3:65:
49:06:32:e2:fc:f9:75:dd:bc:92:98:c1:5d:26:2c:fb:df:46:
a9:80:ea:ce:ff:3f:3c:76:55:29:4f:b0:ef:39:f8:2b:fc:ff:
bc:6d:fc:94:d7:b9:8e:24:97:03:cb:b9:46:f4:cd:cc:a1:de:
9b:fa:0b:44:70:02:63:81:9f:fa:5d:7e:98:d4:23:d0:3f:c4:
cb:67:f2:62:30:31:4a:ee:b7:fe:ad:e9:a6:10:a7:fb:ad:c7:
fd:9f:b4:60:a3:c5:33:3f:70:55:c6:63:82:10:b2:7d:b8:15:
49:83:55:37:bd:79:1d:a4:c8:ee:b9:f4:d1:01:cd:8c:97:b0:
66:f9:c9:74:11:49:ac:85:db:f6:cf:5c:9d:72:4a:57:9d:44:
13:43:6e:bd:38:de:92:c5:94:6e:00:63:19:ab:78:dc:6d:83:
1d:d2:c6:9f:cd:f4:80:cd:b9:27:91:d1:67:de:65:0a:4b:53:
f2:52:b3:f1:9c:13:c4:de:46:e0:7e:d3:2d:ca:ce:b6:69:8a:
a0:b5:c1:5a
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQHPdDSpltFt1MJXxnom2RbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMjI3MDgzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDUyYzEzMDdlMTdiYWIxODc0OWNkYmQyMDVjYzJhMmZmMjgyNzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9fY0zf9VVLHeYS/GJuzxs1JaqnY
vYeN1jDDekYeKJRmgd1//zfrE78h+1U+0WuG42qo9fta2yGxxiPZDsGsE2Pi+2Jl
WkW16gQ01S9UgNLFK0tjpU6iTt7lyq6hYPnpO501dLaSh9yNRdX888ITmRlqQyYi
o3apU3U4w6qJyZDO/+Iz+OzqwKWt+ubPH1vxIKGp3hlotnYPhnzzKdGzhIHNPkuG
DY8noB1Gvsj27Y8Ljcqg9r86NwDZCwsPV13QPMUMSO+Pp8Y+IKSWgGKDMj9QLqyr
lFdr22zjKiOPAIl3s2GwEtMn5ZyAntXC4qX6hd3+vxobuyA3GJWy9DCrVwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFLRSwTB+F7qxh0nNvSBcwqL/KCdbMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvdEZMQk1INFh1ckdIU2MyOUlGekNvdjhvSjFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwo/RAwQA
w3LAAwQAw3LGAwQAw3LNAwQA1dwUMAwDBAHV3DoDBADV3DwDBADV3D4wDQYJKoZI
hvcNAQELBQADggEBAFgjnrIviPcUyThSbY2qEeAByWRJkrbW6Wg5PJSprA95FEE2
9lQ/o/1QiYP4zyXnbgokJI3DZUkGMuL8+XXdvJKYwV0mLPvfRqmA6s7/Pzx2VSlP
sO85+Cv8/7xt/JTXuY4klwPLuUb0zcyh3pv6C0RwAmOBn/pdfpjUI9A/xMtn8mIw
MUrut/6t6aYQp/utx/2ftGCjxTM/cFXGY4IQsn24FUmDVTe9eR2kyO659NEBzYyX
sGb5yXQRSayF2/bPXJ1ySledRBNDbr043pLFlG4AYxmreNxtgx3Sxp/N9IDNuSeR
0WfeZQpLU/JSs/GcE8TeRuB+0y3KzrZpiqC1wVo=
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:11:19 2025 by rpki-client