Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/td-FXDSr0UO5EI_ymDL82k2ef4U.roa
File: td-FXDSr0UO5EI_ymDL82k2ef4U.roa (raw, json)
Hash identifier: G9xigYntzpvIOWznb1GAU+m57NPm/zZHzOcJt3fg2YE=
Subject key identifier: B5:DF:85:5C:34:AB:D1:43:B9:10:8F:F2:98:32:FC:DA:4D:9E:7F:85
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0193AF2FC1F62CE1CE25473DD63A74E44485
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/td-FXDSr0UO5EI_ymDL82k2ef4U.roa
Signing time: Tue 10 Dec 2024 06:09:22 +0000
ROA not before: Tue 10 Dec 2024 06:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398373
IP address blocks: 194.87.41.0/24 maxlen: 24
194.87.61.0/24 maxlen: 24
194.87.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 10 Dec 2024 06:14:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:af:2f:c1:f6:2c:e1:ce:25:47:3d:d6:3a:74:e4:44:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Dec 10 06:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5df855c34abd143b9108ff29832fcda4d9e7f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f1:ae:ac:72:97:f3:e8:43:d6:4c:43:cc:12:
5c:34:77:4f:65:8f:6c:4c:76:3c:79:0d:f9:9d:f5:
ec:b9:50:84:1b:25:a6:63:8d:68:03:13:30:b7:2e:
54:20:58:ae:ec:b0:be:ba:aa:b3:a6:4d:df:c6:5f:
8e:54:c3:6d:07:2f:d2:da:be:ce:58:5a:98:78:5a:
83:8e:98:22:2b:9b:e3:b0:fb:c6:1f:0c:39:4d:07:
60:ab:c3:ed:5e:6d:48:85:af:81:b6:88:c9:df:20:
31:1d:d1:d5:a9:fc:3e:48:d0:45:52:e1:ac:15:f5:
8e:c9:f6:16:c8:95:e3:2c:8e:54:a0:87:cd:d5:0a:
66:fb:5f:e1:b4:cd:fd:93:a5:af:de:bf:5b:02:0b:
8e:57:16:2b:29:fe:3c:35:15:0c:c1:df:7c:7f:33:
46:27:e4:27:d3:2e:c1:87:5d:c9:3b:3e:41:3e:07:
5d:f9:cb:67:2f:c5:05:03:d4:85:a2:82:37:b1:95:
9b:7d:fa:47:76:ca:c6:10:a7:79:ee:78:e5:80:e2:
68:a3:1c:4c:8b:7d:fc:c8:e8:5b:8f:50:b9:6d:74:
bd:fc:b2:3d:bc:47:4c:50:ca:13:1d:e9:b9:4b:49:
f7:bd:0c:4a:2d:93:7f:23:46:1f:66:9b:4b:1e:28:
24:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:DF:85:5C:34:AB:D1:43:B9:10:8F:F2:98:32:FC:DA:4D:9E:7F:85
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/td-FXDSr0UO5EI_ymDL82k2ef4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.41.0/24
194.87.61.0/24
194.87.192.0/22
Signature Algorithm: sha256WithRSAEncryption
74:4c:be:2b:50:86:17:fb:74:5d:86:02:4c:24:49:6c:e8:0b:
1c:ae:1e:d7:c7:08:0a:5b:fe:2c:3b:e0:08:a5:51:c5:8a:8f:
f0:a9:e2:c7:c6:bf:ae:7e:c8:81:93:cd:46:09:df:f1:cb:96:
9c:65:a6:36:7d:9d:3e:22:fe:d3:78:24:aa:56:6d:2f:fc:45:
de:b1:af:c8:0d:f6:54:20:6a:ee:ad:67:90:58:c7:c6:16:74:
60:43:86:1d:85:b3:96:2d:c6:c4:d3:e4:17:da:1f:aa:33:19:
ba:9d:82:45:ae:61:e9:89:c7:87:43:df:c9:fd:1a:68:47:b2:
f9:2a:5c:18:28:aa:9f:d4:56:e2:7a:41:2f:87:b8:82:e6:48:
53:47:6e:a2:20:fa:a4:e1:fa:b0:30:14:c9:fc:8f:f0:2c:76:
98:28:1f:9e:b7:42:52:a5:58:99:66:65:e0:ba:af:5f:00:76:
9a:a6:ff:da:b0:b3:91:87:61:c1:e8:35:b5:9c:a6:f5:74:9c:
81:bf:ad:14:2b:fd:93:1a:f8:9d:88:10:f6:73:d1:f3:8d:5f:
85:05:30:4e:f3:fb:56:d3:5a:fe:45:33:32:5d:31:ef:45:fb:
3a:30:91:5c:ce:e3:02:e3:04:16:fa:9a:4a:ca:9b:9b:27:a5:
e1:e3:43:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOvL8H2LOHOJUc91jp05ESFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQxMjEwMDYwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWRmODU1YzM0YWJkMTQzYjkxMDhmZjI5ODMyZmNkYTRkOWU3Zjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfGurHKX8+hD1kxDzBJcNHdPZY9s
THY8eQ35nfXsuVCEGyWmY41oAxMwty5UIFiu7LC+uqqzpk3fxl+OVMNtBy/S2r7O
WFqYeFqDjpgiK5vjsPvGHww5TQdgq8PtXm1Iha+BtojJ3yAxHdHVqfw+SNBFUuGs
FfWOyfYWyJXjLI5UoIfN1Qpm+1/htM39k6Wv3r9bAguOVxYrKf48NRUMwd98fzNG
J+Qn0y7Bh13JOz5BPgdd+ctnL8UFA9SFooI3sZWbffpHdsrGEKd57njlgOJooxxM
i338yOhbj1C5bXS9/LI9vEdMUMoTHem5S0n3vQxKLZN/I0YfZptLHigkiQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLXfhVw0q9FDuRCP8pgy/NpNnn+FMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdGQtRlhEU3IwVU81RUlfeW1ETDgyazJlZjRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwlcpAwQA
wlc9AwQCwlfAMA0GCSqGSIb3DQEBCwUAA4IBAQB0TL4rUIYX+3RdhgJMJEls6Asc
rh7XxwgKW/4sO+AIpVHFio/wqeLHxr+ufsiBk81GCd/xy5acZaY2fZ0+Iv7TeCSq
Vm0v/EXesa/IDfZUIGrurWeQWMfGFnRgQ4YdhbOWLcbE0+QX2h+qMxm6nYJFrmHp
iceHQ9/J/RpoR7L5KlwYKKqf1FbiekEvh7iC5khTR26iIPqk4fqwMBTJ/I/wLHaY
KB+et0JSpViZZmXguq9fAHaapv/asLORh2HB6DW1nKb1dJyBv60UK/2TGvidiBD2
c9HzjV+FBTBO8/tW01r+RTMyXTHvRfs6MJFczuMC4wQW+ppKypubJ6Xh40N8
-----END CERTIFICATE-----
Generated at Mon Jun 16 11:04:57 2025 by rpki-client