Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/twZpjn3mBhv8PCQIS58B_yLD1pI.roa
File: twZpjn3mBhv8PCQIS58B_yLD1pI.roa (raw, json)
Hash identifier: XTXhgRSu9HikTS0LgOjInReBImgHzVPbDyvzMPLJ71k=
Subject key identifier: B7:06:69:8E:7D:E6:06:1B:FC:3C:24:08:4B:9F:01:FF:22:C3:D6:92
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0193D7F86F31CCB68885012E0158BDD0B290
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/twZpjn3mBhv8PCQIS58B_yLD1pI.roa
Signing time: Wed 18 Dec 2024 04:13:23 +0000
ROA not before: Wed 18 Dec 2024 04:13:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.253.64.0/24 maxlen: 24
83.219.98.0/24 maxlen: 24
87.120.68.0/23 maxlen: 24
93.123.74.0/23 maxlen: 24
185.252.160.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 00:24:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:d7:f8:6f:31:cc:b6:88:85:01:2e:01:58:bd:d0:b2:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Dec 18 04:13:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b706698e7de6061bfc3c24084b9f01ff22c3d692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:93:01:ae:10:15:20:ef:8a:7b:8b:54:41:86:
61:50:2f:3d:8a:5e:ea:6b:bf:74:88:ee:9a:5a:f6:
db:85:4d:d1:b5:9e:ac:5f:9c:82:60:05:8c:03:2d:
ad:f8:aa:1a:28:3b:d9:43:48:07:82:87:64:ea:ff:
3d:33:67:9e:5d:e4:76:81:f0:74:b0:b2:11:0b:03:
55:50:7e:38:d0:f8:63:90:4a:62:82:53:b2:df:3c:
f2:c5:fc:34:47:0f:08:54:ae:c4:fc:e1:86:2c:2d:
c6:d5:af:28:b8:2d:5e:49:a7:10:04:49:19:45:8c:
cd:69:2c:61:f1:13:28:df:4f:b8:18:90:61:fc:95:
ac:8a:76:46:5d:82:ca:88:ca:fe:8d:98:b8:f3:41:
18:dc:a2:16:1d:85:47:b9:55:28:39:85:45:03:f8:
4b:11:97:39:6d:95:06:59:f1:e5:2c:de:84:6b:9c:
bc:f5:af:80:a0:f6:91:75:61:2f:5c:17:7d:9f:0a:
52:8e:4a:b2:6b:55:ee:75:80:bd:b3:a1:e3:cf:de:
94:bf:d7:6e:c0:d8:4d:1e:d5:2e:92:17:7a:ac:1b:
79:90:c2:75:5d:21:7c:8e:dd:64:77:4f:8c:3a:2d:
c0:3e:68:61:90:ba:f6:13:87:af:03:22:f6:be:7f:
c6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:06:69:8E:7D:E6:06:1B:FC:3C:24:08:4B:9F:01:FF:22:C3:D6:92
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/twZpjn3mBhv8PCQIS58B_yLD1pI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.64.0/24
83.219.98.0/24
87.120.68.0/23
93.123.74.0/23
185.252.160.0/23
Signature Algorithm: sha256WithRSAEncryption
05:fc:d6:15:64:8c:bf:fb:b4:1d:c1:72:a8:72:2f:b2:8e:78:
b8:ff:68:3e:c1:3e:21:b3:4d:06:db:ec:6f:a6:87:3c:aa:77:
d5:4c:7c:e0:cf:f6:c6:29:77:1f:7f:02:c3:51:27:fc:3d:c4:
b5:a6:2a:f1:f7:96:59:c0:f3:1a:b6:a6:08:12:21:f3:82:3e:
db:27:5c:3c:e4:a9:cd:bb:33:fd:cd:05:df:ad:3b:b4:ee:61:
11:44:3a:91:bc:f4:40:ed:30:1e:8a:ec:d6:6d:ec:44:ba:b6:
df:4b:fa:5b:80:0f:0e:79:d1:c3:1f:be:fd:f2:07:62:aa:f8:
9d:0d:f5:57:96:f5:b2:78:36:bc:e7:46:ac:b0:95:d5:51:ad:
1a:09:56:2c:7a:60:2d:6e:42:05:0b:12:1c:60:60:58:f4:2d:
1d:8f:35:d0:99:c1:7b:70:98:9c:8e:a6:f0:9a:93:fb:2f:84:
be:57:48:5e:20:e1:cf:d1:52:2a:52:64:5c:58:db:18:83:66:
4a:92:6e:76:93:92:70:b9:b1:67:db:40:96:0b:d0:ba:92:6e:
df:e7:6f:2e:fa:51:5e:ff:5f:cf:50:9d:39:e1:93:29:7a:de:
13:70:cd:2a:99:de:b2:7d:3c:c9:c0:a6:5b:87:a5:04:a3:7a:
a8:f8:ed:3f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZPX+G8xzLaIhQEuAVi90LKQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQxMjE4MDQxMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzA2Njk4ZTdkZTYwNjFiZmMzYzI0MDg0YjlmMDFmZjIyYzNkNjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpMBrhAVIO+Ke4tUQYZhUC89il7q
a790iO6aWvbbhU3RtZ6sX5yCYAWMAy2t+KoaKDvZQ0gHgodk6v89M2eeXeR2gfB0
sLIRCwNVUH440PhjkEpiglOy3zzyxfw0Rw8IVK7E/OGGLC3G1a8ouC1eSacQBEkZ
RYzNaSxh8RMo30+4GJBh/JWsinZGXYLKiMr+jZi480EY3KIWHYVHuVUoOYVFA/hL
EZc5bZUGWfHlLN6Ea5y89a+AoPaRdWEvXBd9nwpSjkqya1XudYC9s6Hjz96Uv9du
wNhNHtUukhd6rBt5kMJ1XSF8jt1kd0+MOi3APmhhkLr2E4evAyL2vn/G+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLcGaY595gYb/DwkCEufAf8iw9aSMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdHdacGpuM21CaHY4UENRSVM1OEJfeUxEMXBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABf1AAwQA
U9tiAwQBV3hEAwQBXXtKAwQBufygMA0GCSqGSIb3DQEBCwUAA4IBAQAF/NYVZIy/
+7QdwXKoci+yjni4/2g+wT4hs00G2+xvpoc8qnfVTHzgz/bGKXcffwLDUSf8PcS1
pirx95ZZwPMatqYIEiHzgj7bJ1w85KnNuzP9zQXfrTu07mERRDqRvPRA7TAeiuzW
bexEurbfS/pbgA8OedHDH7798gdiqvidDfVXlvWyeDa850assJXVUa0aCVYsemAt
bkIFCxIcYGBY9C0djzXQmcF7cJicjqbwmpP7L4S+V0heIOHP0VIqUmRcWNsYg2ZK
km52k5JwubFn20CWC9C6km7f528u+lFe/1/PUJ054ZMpet4TcM0qmd6yfTzJwKZb
h6UEo3qo+O0/
-----END CERTIFICATE-----
Generated at Sun Apr 27 14:49:47 2025 by rpki-client