Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TckDX7XIKRyb7fmT8LghksCP13A.roa
File: TckDX7XIKRyb7fmT8LghksCP13A.roa (raw, json)
Hash identifier: tT5afxMxfFIZuLkt3bhCYp0Ei/IbQAZm0simatvc4WI=
Subject key identifier: 4D:C9:03:5F:B5:C8:29:1C:9B:ED:F9:93:F0:B8:21:92:C0:8F:D7:70
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019427469AD9948D9E4216CDF469C7BCD255
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TckDX7XIKRyb7fmT8LghksCP13A.roa
Signing time: Thu 02 Jan 2025 13:48:46 +0000
ROA not before: Thu 02 Jan 2025 13:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
2a10:9440:1::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 09 Jan 2025 14:47:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:9a:d9:94:8d:9e:42:16:cd:f4:69:c7:bc:d2:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4dc9035fb5c8291c9bedf993f0b82192c08fd770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:51:38:a7:0f:4f:d9:3d:19:67:7e:e1:94:b4:
69:65:36:f2:86:89:92:8f:77:50:32:07:8e:f9:09:
6e:ed:8e:f3:d7:75:68:86:73:f8:e3:f6:af:88:f9:
82:4c:79:30:55:7d:b0:8d:ba:bb:a1:a4:45:e6:3a:
7c:56:3b:b9:11:32:c9:23:ca:da:22:d6:44:31:b2:
c1:b7:00:d6:7b:3d:71:b5:ce:a7:47:88:bb:be:f8:
00:32:77:8e:d5:5a:f4:4e:31:db:45:26:b4:88:3a:
ab:83:6c:0d:35:6a:6c:a8:48:45:30:b3:b9:af:65:
84:20:e4:1a:0a:19:3c:c5:46:eb:fd:36:a3:74:9c:
ca:4b:b1:7a:15:18:4c:71:0d:a6:43:9e:47:03:94:
8d:51:b4:ee:58:9e:0b:21:d3:f2:f2:c3:29:ac:ea:
e7:f5:7a:e3:c1:7d:d1:1b:c2:46:b2:e7:52:3c:63:
d2:16:3d:d8:a3:8c:a7:22:39:4a:75:04:be:34:d1:
06:86:f5:e7:0b:a3:60:2c:01:86:ca:bf:83:ec:1f:
8a:07:f2:0f:1d:31:5e:56:3b:c4:9d:f9:96:bf:6b:
2d:bb:4a:70:cd:bd:26:92:fa:4f:e9:ea:7f:ef:28:
2b:59:e8:37:ab:f5:4a:9c:ab:cb:da:90:97:8a:9c:
e8:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C9:03:5F:B5:C8:29:1C:9B:ED:F9:93:F0:B8:21:92:C0:8F:D7:70
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/TckDX7XIKRyb7fmT8LghksCP13A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
188.132.206.0/23
IPv6:
2a10:9440:1::/48
Signature Algorithm: sha256WithRSAEncryption
45:fc:3b:81:28:b5:1a:bf:6d:cc:8a:8b:e3:fc:0d:1f:18:1b:
36:9d:b9:8a:7d:9f:d6:19:fc:74:5e:43:79:89:99:89:5f:b8:
9a:9c:e3:61:e0:57:17:c7:05:80:b3:79:ef:4c:09:57:bb:42:
ad:43:a2:ef:34:b3:bd:69:df:d1:10:14:d4:43:45:37:77:10:
32:7b:25:d9:64:58:33:8d:e8:45:c5:3c:25:c0:08:9e:59:c3:
90:64:96:99:8a:b3:2b:8d:e6:01:49:cc:d3:81:26:df:48:d3:
c0:1a:53:21:b8:b2:9f:a0:55:36:af:88:65:1e:07:a9:3d:15:
1d:d9:dc:37:8a:8f:01:cf:ce:c8:46:00:9d:9d:87:7e:77:a3:
6c:57:fa:b3:ad:08:c4:83:04:69:5a:79:69:c0:a2:75:e0:03:
b5:f1:17:b6:4f:ae:70:42:29:59:5f:61:07:cc:4f:6f:f3:55:
0c:bb:d1:b0:18:2d:db:5e:19:68:0f:b0:cc:b1:d0:7b:4c:cf:
0c:89:f8:ed:11:7a:71:c8:69:d0:a2:4e:ca:94:bd:ea:fa:0c:
ab:2e:64:03:43:ba:b6:3c:da:83:0d:a9:0c:de:6b:12:4b:5b:
12:34:7a:51:e8:12:0f:e4:34:2f:b4:74:e5:a4:6e:87:87:e8:
fb:fd:23:3e
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQnRprZlI2eQhbN9GnHvNJVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGM5MDM1ZmI1YzgyOTFjOWJlZGY5OTNmMGI4MjE5MmMwOGZkNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvFE4pw9P2T0ZZ37hlLRpZTbyhomS
j3dQMgeO+Qlu7Y7z13VohnP44/aviPmCTHkwVX2wjbq7oaRF5jp8Vju5ETLJI8ra
ItZEMbLBtwDWez1xtc6nR4i7vvgAMneO1Vr0TjHbRSa0iDqrg2wNNWpsqEhFMLO5
r2WEIOQaChk8xUbr/TajdJzKS7F6FRhMcQ2mQ55HA5SNUbTuWJ4LIdPy8sMprOrn
9XrjwX3RG8JGsudSPGPSFj3Yo4ynIjlKdQS+NNEGhvXnC6NgLAGGyr+D7B+KB/IP
HTFeVjvEnfmWv2stu0pwzb0mkvpP6ep/7ygrWeg3q/VKnKvL2pCXipzoXQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFE3JA1+1yCkcm+35k/C4IZLAj9dwMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvVGNrRFg3WElLUnliN2ZtVDhMZ2hrc0NQMTNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBTVyOAwQA
TVyYAwQATodWAwQBvITOMA8EAgACMAkDBwAqEJRAAAEwDQYJKoZIhvcNAQELBQAD
ggEBAEX8O4EotRq/bcyKi+P8DR8YGzaduYp9n9YZ/HReQ3mJmYlfuJqc42HgVxfH
BYCzee9MCVe7Qq1Dou80s71p39EQFNRDRTd3EDJ7JdlkWDON6EXFPCXACJ5Zw5Bk
lpmKsyuN5gFJzNOBJt9I08AaUyG4sp+gVTaviGUeB6k9FR3Z3DeKjwHPzshGAJ2d
h353o2xX+rOtCMSDBGlaeWnAonXgA7XxF7ZPrnBCKVlfYQfMT2/zVQy70bAYLdte
GWgPsMyx0HtMzwyJ+O0RenHIadCiTsqUver6DKsuZANDurY82oMNqQzeaxJLWxI0
elHoEg/kNC+0dOWkboeH6Pv9Iz4=
-----END CERTIFICATE-----
Generated at Mon Apr 28 06:09:00 2025 by rpki-client