Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/TTTBQfMEfrEovOW4COP_cKkR-Ys.roa
File: TTTBQfMEfrEovOW4COP_cKkR-Ys.roa (raw, json)
Hash identifier: VBunDqbEBP8xdFPL2OwH7Xxvylbtk2ypsj+ZBvnTO98=
Subject key identifier: 4D:34:C1:41:F3:04:7E:B1:28:BC:E5:B8:08:E3:FF:70:A9:11:F9:8B
Certificate issuer: /CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Certificate serial: 0193063ED5A0816740896FA965B3EF0FF886
Authority key identifier: 04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/TTTBQfMEfrEovOW4COP_cKkR-Ys.roa
Signing time: Thu 07 Nov 2024 10:50:01 +0000
ROA not before: Thu 07 Nov 2024 10:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 82.178.33.0/24 maxlen: 24
82.178.158.0/23 maxlen: 24
134.0.216.0/21 maxlen: 24
213.202.0.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:52:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:06:3e:d5:a0:81:67:40:89:6f:a9:65:b3:ef:0f:f8:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Validity
Not Before: Nov 7 10:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d34c141f3047eb128bce5b808e3ff70a911f98b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:01:c5:6f:c4:6c:ac:79:13:3e:5f:be:34:36:
fc:35:39:95:42:33:9a:02:48:86:f3:ce:eb:77:e8:
d6:75:32:e5:d2:b1:4d:49:24:01:d7:e5:5c:09:f6:
bd:3d:8c:eb:29:4c:1e:91:91:5a:e2:1d:08:7f:fa:
61:52:a6:58:4d:b8:c6:c9:ea:0c:6b:35:bb:f7:4f:
4b:79:70:4f:09:c8:cb:af:97:1b:8b:a3:da:4e:51:
54:71:b9:9e:23:5b:6c:cf:53:ae:06:ca:73:d4:a6:
a3:3c:b9:03:a4:e5:cf:cb:64:29:3e:bf:84:2d:e4:
6f:93:56:7c:47:20:b1:14:60:24:4e:be:4f:9b:e9:
24:2d:88:22:6e:69:05:f4:4f:3f:e1:de:a8:18:84:
52:7e:ef:e4:88:70:80:5e:49:3c:c6:6d:61:4d:12:
93:e2:9e:fa:6a:ab:f0:ed:e7:ce:ac:0e:92:08:c8:
91:cd:07:7c:b9:b3:2b:09:58:05:2e:9c:ef:65:45:
0b:44:bd:58:cd:cc:8d:1b:6f:df:9f:8d:e1:bf:b8:
a1:a6:51:9f:1a:d5:10:dc:f7:fe:7f:9c:77:f9:33:
2b:38:c2:5d:24:2c:d2:19:c5:2a:3d:ad:cb:a5:47:
43:a9:93:7f:06:d6:cf:e1:e8:8f:21:9a:c7:d9:99:
fb:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:34:C1:41:F3:04:7E:B1:28:BC:E5:B8:08:E3:FF:70:A9:11:F9:8B
X509v3 Authority Key Identifier:
keyid:04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/TTTBQfMEfrEovOW4COP_cKkR-Ys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.33.0/24
82.178.158.0/23
134.0.216.0/21
213.202.0.0/21
Signature Algorithm: sha256WithRSAEncryption
95:3a:5f:ad:d7:93:7c:5a:7e:1d:1e:0e:d5:21:53:e6:35:fe:
a8:01:db:d0:65:6e:d2:ae:5a:2a:10:10:bc:46:63:76:50:a6:
62:61:86:fb:2d:d9:4d:c0:c0:6c:57:5b:82:fd:82:30:bf:f3:
68:41:5b:80:08:be:06:3b:42:b3:26:7e:1f:40:b3:d9:38:a7:
5a:72:f2:5f:a5:91:b6:f7:64:d3:d7:2a:dd:06:25:d5:d7:46:
8b:f4:3e:dc:ee:88:b1:22:4d:ff:e9:aa:aa:5d:0c:25:ab:3b:
9d:f7:9b:e1:55:6a:3c:1e:dd:90:af:d4:8c:d7:44:c3:ee:08:
1c:22:94:62:c0:b5:de:bb:54:26:53:9b:64:91:9e:3a:e1:8a:
4e:66:ac:1b:5c:21:97:40:6c:95:4a:31:74:ab:1c:d7:34:5c:
36:38:d4:52:4e:80:6c:dd:71:d8:1f:bc:db:55:f7:70:97:7d:
92:1c:99:30:a9:7e:ad:a6:c3:83:bc:5a:52:f2:66:2f:53:ab:
f4:88:c9:d0:ce:e8:48:b5:62:dd:20:9c:7e:8f:ae:f4:08:59:
10:69:1c:eb:d7:55:f5:19:ad:39:c3:a6:f7:46:de:1a:04:2c:
f0:72:68:41:19:d8:d4:9f:59:2d:2a:9a:c0:ab:9b:f3:78:76:
72:1a:d2:2c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMGPtWggWdAiW+pZbPvD/iGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmQ5ZjRkNmFmZjM4M2M1OWU5ZGU3ODAyZGJlZTAyNGVl
ODg3ZGMwHhcNMjQxMTA3MTA1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDM0YzE0MWYzMDQ3ZWIxMjhiY2U1YjgwOGUzZmY3MGE5MTFmOThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvAHFb8RsrHkTPl++NDb8NTmVQjOa
AkiG887rd+jWdTLl0rFNSSQB1+VcCfa9PYzrKUwekZFa4h0If/phUqZYTbjGyeoM
azW7909LeXBPCcjLr5cbi6PaTlFUcbmeI1tsz1OuBspz1KajPLkDpOXPy2QpPr+E
LeRvk1Z8RyCxFGAkTr5Pm+kkLYgibmkF9E8/4d6oGIRSfu/kiHCAXkk8xm1hTRKT
4p76aqvw7efOrA6SCMiRzQd8ubMrCVgFLpzvZUULRL1YzcyNG2/fn43hv7ihplGf
GtUQ3Pf+f5x3+TMrOMJdJCzSGcUqPa3LpUdDqZN/BtbP4eiPIZrH2Zn7qwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE00wUHzBH6xKLzluAjj/3CpEfmLMB8GA1UdIwQY
MBaAFAQtn01q/zg8WeneeALb7gJO6IfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEt
YWFlMTQ0NzYwM2MwLzEvVFRUQlFmTUVmckVvdk9XNENPUF9jS2tSLVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEtYWFlMTQ0NzYwM2Mw
LzEvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUrIhAwQB
UrKeAwQDhgDYAwQD1coAMA0GCSqGSIb3DQEBCwUAA4IBAQCVOl+t15N8Wn4dHg7V
IVPmNf6oAdvQZW7SrloqEBC8RmN2UKZiYYb7LdlNwMBsV1uC/YIwv/NoQVuACL4G
O0KzJn4fQLPZOKdacvJfpZG292TT1yrdBiXV10aL9D7c7oixIk3/6aqqXQwlqzud
95vhVWo8Ht2Qr9SM10TD7ggcIpRiwLXeu1QmU5tkkZ464YpOZqwbXCGXQGyVSjF0
qxzXNFw2ONRSToBs3XHYH7zbVfdwl32SHJkwqX6tpsODvFpS8mYvU6v0iMnQzuhI
tWLdIJx+j670CFkQaRzr11X1Ga05w6b3Rt4aBCzwcmhBGdjUn1ktKprAq5vzeHZy
GtIs
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:55 2025 by rpki-client