Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/tzibh-Ay2YFxRWkFrkcM6lguEqg.roa
File: tzibh-Ay2YFxRWkFrkcM6lguEqg.roa (raw, json)
Hash identifier: fgRWBEWsjZexSdEFfch7QJ9Raz8uqwQ32y4uOLUc/gc=
Subject key identifier: B7:38:9B:87:E0:32:D9:81:71:45:69:05:AE:47:0C:EA:58:2E:12:A8
Certificate issuer: /CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Certificate serial: 018CC8DED8FFC8859C248D923FA4E0EE3DAA
Authority key identifier: C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/tzibh-Ay2YFxRWkFrkcM6lguEqg.roa
Signing time: Tue 02 Jan 2024 06:31:36 +0000
ROA not before: Tue 02 Jan 2024 06:31:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41685
IP address blocks: 78.25.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:d8:ff:c8:85:9c:24:8d:92:3f:a4:e0:ee:3d:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c4b1b458abf797dedcc661e54a685f651834b5d1
Validity
Not Before: Jan 2 06:31:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7389b87e032d98171456905ae470cea582e12a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:35:2e:c2:fe:ce:bb:32:0d:3c:c4:c7:06:51:
33:9f:c7:b3:3a:61:64:e0:f9:49:60:72:c1:c3:e7:
19:2b:ea:3c:8f:63:75:2b:c6:62:7b:8f:fc:e1:dc:
87:47:24:0d:b9:fb:ef:3e:00:50:46:02:cf:da:1b:
bc:4d:57:3e:cd:e6:e6:79:ba:50:16:0c:4c:73:aa:
49:8f:43:6a:88:f0:c8:29:f0:44:7c:de:3e:a6:11:
34:1e:49:31:5a:81:68:13:e2:5b:7e:50:a0:b2:a6:
1d:06:9f:f1:c1:bb:8f:ff:78:c5:5c:29:ec:1e:33:
87:36:76:cf:dc:26:d0:c3:31:32:b3:50:d1:2c:82:
5f:da:60:70:03:ac:ce:04:42:f6:94:2e:c2:16:f3:
bc:ec:20:ef:ae:70:89:f5:69:7a:4f:58:0e:b9:f9:
f7:8d:66:67:7b:25:66:df:e6:d9:39:47:0f:25:8f:
72:93:85:8e:53:dd:42:e8:de:23:1d:bc:f1:0c:47:
b4:c2:88:cc:55:31:7f:8d:90:06:fa:f2:8e:a2:0c:
93:50:6e:bc:16:7f:aa:90:1b:5b:fa:1e:9f:65:dd:
8f:2d:0c:84:17:25:5a:de:b4:84:db:5e:e0:16:92:
c7:b8:93:8d:a7:e5:00:6c:fd:af:11:ec:9d:c2:31:
85:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:38:9B:87:E0:32:D9:81:71:45:69:05:AE:47:0C:EA:58:2E:12:A8
X509v3 Authority Key Identifier:
keyid:C4:B1:B4:58:AB:F7:97:DE:DC:C6:61:E5:4A:68:5F:65:18:34:B5:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xLG0WKv3l97cxmHlSmhfZRg0tdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/tzibh-Ay2YFxRWkFrkcM6lguEqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/260e24-2040-4a5c-92cf-ec58a3125ee5/1/xLG0WKv3l97cxmHlSmhfZRg0tdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.25.1.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:06:5b:4d:04:b3:8c:68:e8:4c:db:bb:c7:17:c6:5b:47:e9:
47:9a:de:cd:04:31:f7:b1:25:0e:40:0a:18:ef:da:73:9b:3c:
3f:71:75:ac:be:10:18:36:9a:8c:1d:27:79:a9:c3:56:80:ef:
86:a2:f6:cf:44:35:a8:00:1f:90:2a:64:fe:39:45:c9:fb:86:
22:61:d5:c4:4c:12:3e:96:b9:0d:7d:ed:9f:13:7f:95:71:7d:
1f:82:bc:d7:ff:d9:35:b6:a1:d2:a5:9b:9c:2c:15:f1:4f:84:
ea:f8:b9:fc:00:75:db:a8:51:60:55:b8:df:1d:7f:ae:8b:a6:
18:6a:e8:5e:fe:ed:71:af:36:51:a4:15:5c:93:05:9c:4a:78:
c0:d6:77:1d:87:49:62:e4:de:03:ad:ee:58:e6:a9:e1:88:3c:
5d:42:eb:9c:e2:b6:0c:10:30:a6:16:1b:a9:0b:d1:b5:fb:2c:
28:68:7b:08:d2:59:b0:26:be:19:c1:32:c4:66:43:a2:47:f3:
4e:eb:c0:28:b4:40:ea:a5:ba:00:5c:86:b9:37:d5:88:cb:5d:
05:f4:ea:ec:ec:6d:c1:79:17:9c:74:de:e9:94:58:ff:a9:e0:
22:84:2a:6d:a3:bd:90:56:2e:58:80:bb:c7:f5:b1:c7:4e:be:
97:e5:64:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3tj/yIWcJI2SP6Tg7j2qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0YjFiNDU4YWJmNzk3ZGVkY2M2NjFlNTRhNjg1ZjY1MTgz
NGI1ZDEwHhcNMjQwMTAyMDYzMTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzM4OWI4N2UwMzJkOTgxNzE0NTY5MDVhZTQ3MGNlYTU4MmUxMmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDUuwv7OuzINPMTHBlEzn8ezOmFk
4PlJYHLBw+cZK+o8j2N1K8Zie4/84dyHRyQNufvvPgBQRgLP2hu8TVc+zebmebpQ
FgxMc6pJj0NqiPDIKfBEfN4+phE0HkkxWoFoE+JbflCgsqYdBp/xwbuP/3jFXCns
HjOHNnbP3CbQwzEys1DRLIJf2mBwA6zOBEL2lC7CFvO87CDvrnCJ9Wl6T1gOufn3
jWZneyVm3+bZOUcPJY9yk4WOU91C6N4jHbzxDEe0wojMVTF/jZAG+vKOogyTUG68
Fn+qkBtb+h6fZd2PLQyEFyVa3rSE217gFpLHuJONp+UAbP2vEeydwjGFEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLc4m4fgMtmBcUVpBa5HDOpYLhKoMB8GA1UdIwQY
MBaAFMSxtFir95fe3MZh5UpoX2UYNLXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2Yt
ZWM1OGEzMTI1ZWU1LzEvdHppYmgtQXkyWUZ4UldrRnJrY002bGd1RXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8yNjBlMjQtMjA0MC00YTVjLTkyY2YtZWM1OGEzMTI1ZWU1
LzEveExHMFdLdjNsOTdjeG1IbFNtaGZaUmcwdGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAThkBMA0G
CSqGSIb3DQEBCwUAA4IBAQAvBltNBLOMaOhM27vHF8ZbR+lHmt7NBDH3sSUOQAoY
79pzmzw/cXWsvhAYNpqMHSd5qcNWgO+GovbPRDWoAB+QKmT+OUXJ+4YiYdXETBI+
lrkNfe2fE3+VcX0fgrzX/9k1tqHSpZucLBXxT4Tq+Ln8AHXbqFFgVbjfHX+ui6YY
auhe/u1xrzZRpBVckwWcSnjA1ncdh0li5N4Dre5Y5qnhiDxdQuuc4rYMEDCmFhup
C9G1+ywoaHsI0lmwJr4ZwTLEZkOiR/NO68AotEDqpboAXIa5N9WIy10F9Ors7G3B
eRecdN7plFj/qeAihCpto72QVi5YgLvH9bHHTr6X5WTf
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:21:36 2025 by rpki-client