Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/tcRF1Y0s3TGS5oonAYgI3swQvFg.roa
File: tcRF1Y0s3TGS5oonAYgI3swQvFg.roa (raw, json)
Hash identifier: 33pj47NyEFw41XxcpZUk+HM3AD7pxiyetvcaraFLVhI=
Subject key identifier: B5:C4:45:D5:8D:2C:DD:31:92:E6:8A:27:01:88:08:DE:CC:10:BC:58
Certificate issuer: /CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Certificate serial: 0193E4DA1DCE83485A135F9EDB4D16C01BD0
Authority key identifier: 3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/tcRF1Y0s3TGS5oonAYgI3swQvFg.roa
Signing time: Fri 20 Dec 2024 16:15:19 +0000
ROA not before: Fri 20 Dec 2024 16:15:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62333
IP address blocks: 194.147.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:e4:da:1d:ce:83:48:5a:13:5f:9e:db:4d:16:c0:1b:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd4d2fdbee3aa3e121428ea7050c9439d8886a9
Validity
Not Before: Dec 20 16:15:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5c445d58d2cdd3192e68a27018808decc10bc58
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a1:5c:22:8d:34:fa:05:33:4f:20:f8:47:68:
6a:bf:fb:f4:8a:f4:74:95:7b:e7:4d:e5:09:9b:93:
ea:3e:2e:3f:c2:fb:3e:ae:ab:02:4a:bd:46:6d:cd:
ad:f2:84:29:3c:3f:eb:a9:de:20:86:7a:06:f6:83:
cb:80:28:98:46:a4:3c:dd:f1:29:bd:9a:fa:30:cd:
0f:d4:44:6d:96:3a:cc:19:83:4f:62:05:a6:34:72:
27:4f:42:b2:54:1b:2b:e5:e3:59:e3:61:39:cb:25:
10:eb:ca:39:e0:04:6f:36:95:3e:19:9a:1b:ba:48:
87:4d:a7:18:0b:bf:b7:b1:30:47:1f:51:60:e9:b4:
72:6a:93:31:83:1d:e8:a2:8a:e5:31:f1:a0:c9:d3:
43:63:5b:12:f2:ab:da:1f:fd:4a:1b:ef:05:9d:15:
fc:aa:1c:6b:a1:a3:b6:5c:3c:8e:34:a6:6d:3f:3c:
6f:60:f0:64:0e:47:c1:31:e8:90:88:58:af:fc:93:
1e:b8:ca:4f:b1:18:09:70:12:a1:d8:b1:e0:61:11:
3c:07:5d:5d:df:df:25:45:8d:12:c8:5c:46:71:c4:
7d:39:b4:89:6f:23:3c:aa:21:3e:9f:25:61:37:c0:
f5:c4:29:a7:5e:f0:75:98:1e:cc:08:cd:62:33:15:
a5:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:C4:45:D5:8D:2C:DD:31:92:E6:8A:27:01:88:08:DE:CC:10:BC:58
X509v3 Authority Key Identifier:
keyid:3F:D4:D2:FD:BE:E3:AA:3E:12:14:28:EA:70:50:C9:43:9D:88:86:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/tcRF1Y0s3TGS5oonAYgI3swQvFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/66b692-4bb3-473e-9413-6261e5b1fc20/1/P9TS_b7jqj4SFCjqcFDJQ52Ihqk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.147.224.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:c1:e5:13:4b:f0:7d:ee:36:24:9d:fd:e0:bd:dd:66:b9:1d:
cc:ee:ca:25:96:2f:34:82:9c:8e:f2:23:fe:27:6e:ba:96:d1:
c8:b1:64:dc:51:44:b3:8b:45:23:3c:05:51:03:11:4b:79:f5:
2c:64:b2:af:24:73:b2:f9:35:51:15:f5:e7:a4:9c:ed:c4:12:
7c:4a:80:eb:e6:45:83:0d:74:57:95:cd:be:2e:d0:cc:cb:9b:
5e:a5:0c:eb:41:95:8c:56:16:f2:93:7f:68:ca:3a:0a:6c:f3:
f6:34:98:1e:0a:a9:ab:c7:73:35:27:75:cb:41:9f:e4:2c:65:
ea:e3:b2:97:b8:a9:29:61:18:7a:5e:fb:79:3f:30:f0:33:4d:
1c:a6:dd:ed:c0:1f:e6:09:44:68:57:b4:13:46:6e:d3:f4:b4:
09:63:e2:ee:b5:9b:e8:97:c8:91:77:83:d6:3f:4d:1f:b6:a2:
10:b5:69:26:5e:b6:93:e6:57:c2:8b:e0:48:3b:02:f9:61:72:
e3:4f:4a:bb:70:4a:3b:03:1e:b0:40:16:be:4f:ad:ba:4a:a0:
b1:62:6d:b3:08:12:d9:51:0a:d6:bd:b5:4e:28:a2:36:f5:a9:
93:8a:33:de:e6:3a:1c:fa:b0:11:15:d5:b9:30:24:5a:dc:a3:
cf:c1:88:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPk2h3Og0haE1+e200WwBvQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDRkMmZkYmVlM2FhM2UxMjE0MjhlYTcwNTBjOTQzOWQ4
ODg2YTkwHhcNMjQxMjIwMTYxNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWM0NDVkNThkMmNkZDMxOTJlNjhhMjcwMTg4MDhkZWNjMTBiYzU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaFcIo00+gUzTyD4R2hqv/v0ivR0
lXvnTeUJm5PqPi4/wvs+rqsCSr1Gbc2t8oQpPD/rqd4ghnoG9oPLgCiYRqQ83fEp
vZr6MM0P1ERtljrMGYNPYgWmNHInT0KyVBsr5eNZ42E5yyUQ68o54ARvNpU+GZob
ukiHTacYC7+3sTBHH1Fg6bRyapMxgx3ooorlMfGgydNDY1sS8qvaH/1KG+8FnRX8
qhxroaO2XDyONKZtPzxvYPBkDkfBMeiQiFiv/JMeuMpPsRgJcBKh2LHgYRE8B11d
398lRY0SyFxGccR9ObSJbyM8qiE+nyVhN8D1xCmnXvB1mB7MCM1iMxWl5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLXERdWNLN0xkuaKJwGICN7MELxYMB8GA1UdIwQY
MBaAFD/U0v2+46o+EhQo6nBQyUOdiIapMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlUU19iN2pxajRTRkNqcWNGREpRNTJJaHFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NmI2OTItNGJiMy00NzNlLTk0MTMt
NjI2MWU1YjFmYzIwLzEvdGNSRjFZMHMzVEdTNW9vbkFZZ0kzc3dRdkZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NmI2OTItNGJiMy00NzNlLTk0MTMtNjI2MWU1YjFmYzIw
LzEvUDlUU19iN2pxajRTRkNqcWNGREpRNTJJaHFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpPgMA0G
CSqGSIb3DQEBCwUAA4IBAQCLweUTS/B97jYknf3gvd1muR3M7solli80gpyO8iP+
J266ltHIsWTcUUSzi0UjPAVRAxFLefUsZLKvJHOy+TVRFfXnpJztxBJ8SoDr5kWD
DXRXlc2+LtDMy5tepQzrQZWMVhbyk39oyjoKbPP2NJgeCqmrx3M1J3XLQZ/kLGXq
47KXuKkpYRh6Xvt5PzDwM00cpt3twB/mCURoV7QTRm7T9LQJY+LutZvol8iRd4PW
P00ftqIQtWkmXraT5lfCi+BIOwL5YXLjT0q7cEo7Ax6wQBa+T626SqCxYm2zCBLZ
UQrWvbVOKKI29amTijPe5joc+rARFdW5MCRa3KPPwYjA
-----END CERTIFICATE-----
Generated at Mon Apr 21 04:06:27 2025 by rpki-client