Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/tNe6Hc1PXnhTBWXei2RjM_J5_Vc.roa
File: tNe6Hc1PXnhTBWXei2RjM_J5_Vc.roa (raw, json)
Hash identifier: fFS+4FijofseuSwI/cd8tweKbPxpEjrC2ERUD2U2gVw=
Subject key identifier: B4:D7:BA:1D:CD:4F:5E:78:53:05:65:DE:8B:64:63:33:F2:79:FD:57
Certificate issuer: /CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Certificate serial: 018EE18840FF491BEACBDF72FA0CB587A924
Authority key identifier: FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/tNe6Hc1PXnhTBWXei2RjM_J5_Vc.roa
Signing time: Mon 15 Apr 2024 11:33:06 +0000
ROA not before: Mon 15 Apr 2024 11:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57032
IP address blocks: 2.57.239.0/24 maxlen: 24
2a12:9bc0::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:88:40:ff:49:1b:ea:cb:df:72:fa:0c:b5:87:a9:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb5d3e114fbce2cf0f920431c56a7c73dfda5a7e
Validity
Not Before: Apr 15 11:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4d7ba1dcd4f5e78530565de8b646333f279fd57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0a:a3:0f:3e:35:bd:f4:78:53:24:73:fb:dd:
bc:50:22:4f:84:4d:a6:11:1e:b4:8f:c7:30:e4:a0:
2e:51:99:cc:6f:8f:1b:03:c9:f8:51:6d:e0:49:39:
b2:34:b5:83:f5:3b:55:2a:80:e2:eb:be:91:e3:22:
24:26:8a:a4:bf:ae:fd:91:ca:9d:75:84:7e:4a:4a:
7f:c1:4c:c4:95:97:c7:26:e5:39:50:19:52:b8:85:
ba:d7:f2:07:ac:57:07:5e:c7:63:50:0e:4d:37:77:
d9:9f:05:1e:1b:e6:74:ed:dc:ae:a6:8a:1b:a6:54:
73:fc:ce:ba:e6:24:7e:ba:1b:72:8f:bb:e9:22:62:
b6:ee:b4:b9:52:9e:93:40:03:26:05:be:26:d7:fd:
13:c6:14:2c:f8:57:38:77:88:75:7e:5b:64:48:33:
ca:85:20:6a:7e:3c:ff:24:9f:34:63:46:6e:a0:5c:
88:19:47:84:95:be:9b:1e:73:81:99:4d:75:3f:5c:
60:37:53:a7:cd:4e:7b:16:0e:83:89:9c:a9:b7:c7:
4d:07:b8:a7:9a:9c:f5:bd:ae:54:ed:ae:4d:72:39:
2e:b8:92:02:81:33:58:8f:c8:ad:6a:55:0e:65:de:
b7:ef:c8:c7:05:3e:fc:0b:10:3e:f2:d4:0c:09:d4:
df:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:D7:BA:1D:CD:4F:5E:78:53:05:65:DE:8B:64:63:33:F2:79:FD:57
X509v3 Authority Key Identifier:
keyid:FB:5D:3E:11:4F:BC:E2:CF:0F:92:04:31:C5:6A:7C:73:DF:DA:5A:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-10-EU-84s8PkgQxxWp8c9_aWn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/tNe6Hc1PXnhTBWXei2RjM_J5_Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/e70d98-426e-46fe-afaf-82139f3b433c/1/1-10-EU-84s8PkgQxxWp8c9_aWn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.239.0/24
IPv6:
2a12:9bc0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:21:62:dd:a0:35:3b:fb:87:c8:1e:48:3a:ab:5f:0d:b0:0d:
2a:7a:c4:8e:80:a3:57:d1:7c:89:3a:58:e2:77:d4:a6:bf:d1:
7f:9f:96:05:39:44:ed:93:c0:58:e1:3b:ae:6e:4a:d2:81:f1:
b6:3b:8d:4e:32:78:9c:31:ed:1c:fc:09:f5:7a:d1:5f:34:e8:
b6:55:ae:90:01:6f:c0:70:9c:f3:cb:8f:4d:81:54:99:2d:0d:
39:81:c1:a9:93:1e:e9:01:24:eb:b1:2c:19:c7:fc:15:72:59:
89:41:6f:22:36:56:fd:22:58:df:84:09:94:3f:2d:de:78:23:
b4:e9:63:00:43:65:39:72:a1:77:f7:e3:d9:e6:0f:65:f3:db:
00:1c:f8:cd:38:48:f6:08:06:cd:ba:75:1b:b2:a4:83:b0:71:
27:4c:09:4f:f8:4f:57:98:36:6f:09:b2:9f:1a:ba:c4:8f:52:
2b:f7:bf:7b:12:18:ab:dc:e9:8f:f2:38:c9:d0:18:e0:7d:6c:
df:e6:ea:80:27:0c:e9:9c:8d:ac:cb:17:23:a4:3f:12:29:ef:
8b:c7:30:fb:c4:11:42:63:a5:31:dc:03:e7:4a:02:f2:71:d1:
73:f3:57:a6:c0:77:eb:af:b4:dd:94:fa:da:fb:de:8e:9d:52:
89:49:e7:f7
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY7hiED/SRvqy99y+gy1h6kkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiNWQzZTExNGZiY2UyY2YwZjkyMDQzMWM1NmE3YzczZGZk
YTVhN2UwHhcNMjQwNDE1MTEzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGQ3YmExZGNkNGY1ZTc4NTMwNTY1ZGU4YjY0NjMzM2YyNzlmZDU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAqjDz41vfR4UyRz+928UCJPhE2m
ER60j8cw5KAuUZnMb48bA8n4UW3gSTmyNLWD9TtVKoDi676R4yIkJoqkv679kcqd
dYR+Skp/wUzElZfHJuU5UBlSuIW61/IHrFcHXsdjUA5NN3fZnwUeG+Z07dyupoob
plRz/M665iR+uhtyj7vpImK27rS5Up6TQAMmBb4m1/0TxhQs+Fc4d4h1fltkSDPK
hSBqfjz/JJ80Y0ZuoFyIGUeElb6bHnOBmU11P1xgN1OnzU57Fg6DiZypt8dNB7in
mpz1va5U7a5NcjkuuJICgTNYj8italUOZd6378jHBT78CxA+8tQMCdTf5QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFLTXuh3NT154UwVl3otkYzPyef1XMB8GA1UdIwQY
MBaAFPtdPhFPvOLPD5IEMcVqfHPf2lp+MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS0xMC1FVS04NHM4UGtnUXh4V3A4YzlfYVduNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFm
LTgyMTM5ZjNiNDMzYy8xL3ROZTZIYzFQWG5oVEJXWGVpMlJqTV9KNV9WYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjIvZTcwZDk4LTQyNmUtNDZmZS1hZmFmLTgyMTM5ZjNiNDMz
Yy8xLzEtMTAtRVUtODRzOFBrZ1F4eFdwOGM5X2FXbjQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAACOe8w
DQQCAAIwBwMFAyoSm8AwDQYJKoZIhvcNAQELBQADggEBADohYt2gNTv7h8geSDqr
Xw2wDSp6xI6Ao1fRfIk6WOJ31Ka/0X+flgU5RO2TwFjhO65uStKB8bY7jU4yeJwx
7Rz8CfV60V806LZVrpABb8BwnPPLj02BVJktDTmBwamTHukBJOuxLBnH/BVyWYlB
byI2Vv0iWN+ECZQ/Ld54I7TpYwBDZTlyoXf349nmD2Xz2wAc+M04SPYIBs26dRuy
pIOwcSdMCU/4T1eYNm8Jsp8ausSPUiv3v3sSGKvc6Y/yOMnQGOB9bN/m6oAnDOmc
jazLFyOkPxIp74vHMPvEEUJjpTHcA+dKAvJx0XPzV6bAd+uvtN2U+tr73o6dUolJ
5/c=
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:49:18 2025 by rpki-client