Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa
File: TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa (raw, json)
Hash identifier: Zo68EGQZtR1cAPx53mGB1Gyz2xKNLgvwSkOJs7d9538=
Subject key identifier: 4D:98:73:B7:53:E4:51:C6:07:C1:E6:8A:C7:14:EC:FB:7C:68:4F:86
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0193FBEC2BE937CE1F4483CCF7B8AAF2FB8D
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa
Signing time: Wed 25 Dec 2024 03:46:19 +0000
ROA not before: Wed 25 Dec 2024 03:46:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214526
IP address blocks: 109.122.240.0/20 maxlen: 24
109.122.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 25 Dec 2024 03:50:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:fb:ec:2b:e9:37:ce:1f:44:83:cc:f7:b8:aa:f2:fb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Dec 25 03:46:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d9873b753e451c607c1e68ac714ecfb7c684f86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:da:47:80:66:b5:21:54:48:65:fb:28:9d:fe:
02:10:3e:04:64:fc:54:24:bc:a2:7e:ae:8f:53:94:
c1:f3:b7:17:a0:af:7a:34:74:59:11:ee:e4:59:36:
92:18:5b:58:05:b1:77:e5:f1:f4:0a:44:c0:f3:cc:
af:26:15:b0:a1:7e:1c:a1:3c:6f:7b:c2:30:ee:74:
3b:ee:a9:1c:67:5a:7e:1b:29:cb:30:64:b9:fb:78:
a4:87:99:ef:8d:62:f7:8f:9a:31:5c:ce:00:c0:af:
80:13:6c:d1:dc:25:9a:9f:42:4a:81:7e:b8:7d:0d:
dd:34:97:7d:c4:31:80:08:7b:68:db:d7:10:8a:4e:
0f:89:8d:f3:35:21:a2:f2:f6:6c:66:19:e0:fa:82:
e4:49:5f:27:84:5e:e6:07:80:29:20:7c:9a:66:2b:
77:66:00:8b:dc:b7:10:fb:c1:a3:01:1b:de:85:5b:
76:04:49:6d:97:9a:b8:46:c1:68:63:19:52:08:e0:
f7:0f:7d:64:e2:97:8f:0d:62:a6:13:a5:f8:3d:4c:
15:eb:74:d0:be:0d:a7:84:3e:9f:8a:3d:32:8e:75:
a0:23:a4:14:dc:34:90:d4:a0:aa:70:e2:df:60:af:
9c:4c:3b:14:05:83:5a:1c:0a:b6:49:a1:57:37:52:
9a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:98:73:B7:53:E4:51:C6:07:C1:E6:8A:C7:14:EC:FB:7C:68:4F:86
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/TZhzt1PkUcYHweaKxxTs-3xoT4Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.240.0/20
Signature Algorithm: sha256WithRSAEncryption
75:de:66:1c:39:35:bc:7b:44:5d:7e:f5:6a:9b:97:a2:ff:50:
9b:5a:03:c7:b7:70:14:5e:a8:96:47:b9:30:b8:f6:53:9c:f1:
73:24:a2:bb:9b:c9:49:25:98:f2:85:0e:a9:58:f2:05:9b:0b:
43:ca:65:2c:ba:c7:34:be:f2:b1:f9:80:e7:98:99:38:52:d4:
15:13:ec:c1:12:6b:25:2b:69:70:1b:c4:6a:30:8d:e2:2e:1d:
25:d3:75:ac:17:6f:c4:58:00:bd:dc:32:c2:50:48:4e:37:71:
72:b6:06:14:4b:8e:2f:ea:df:b7:27:d8:25:85:95:51:a4:01:
90:65:89:bf:7e:bd:cf:5b:0c:1a:b2:ad:97:13:4a:ae:d6:df:
04:09:3b:ba:7e:bd:de:fd:f2:dc:ff:35:50:75:67:85:b0:90:
76:1f:e1:ca:0a:ff:12:98:32:ce:1e:2c:3a:54:f7:fc:27:73:
d3:e5:cb:a0:8e:6e:9f:09:bd:b7:cf:74:3f:d2:9d:b7:f6:6a:
a3:e0:92:49:21:3a:79:61:e5:08:d3:84:db:9b:22:9f:66:c6:
23:0d:8a:7f:a3:9b:19:5b:f6:82:37:8c:9c:77:a3:ca:86:b4:
d8:79:fa:dd:7a:3c:e8:c4:65:61:ac:89:bf:59:81:0d:ff:f5:
c4:df:85:0e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZP77CvpN84fRIPM97iq8vuNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMjI1MDM0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk4NzNiNzUzZTQ1MWM2MDdjMWU2OGFjNzE0ZWNmYjdjNjg0Zjg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNpHgGa1IVRIZfsonf4CED4EZPxU
JLyifq6PU5TB87cXoK96NHRZEe7kWTaSGFtYBbF35fH0CkTA88yvJhWwoX4coTxv
e8Iw7nQ77qkcZ1p+GynLMGS5+3ikh5nvjWL3j5oxXM4AwK+AE2zR3CWan0JKgX64
fQ3dNJd9xDGACHto29cQik4PiY3zNSGi8vZsZhng+oLkSV8nhF7mB4ApIHyaZit3
ZgCL3LcQ+8GjARvehVt2BEltl5q4RsFoYxlSCOD3D31k4pePDWKmE6X4PUwV63TQ
vg2nhD6fij0yjnWgI6QU3DSQ1KCqcOLfYK+cTDsUBYNaHAq2SaFXN1KaJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE2Yc7dT5FHGB8HmiscU7Pt8aE+GMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvVFpoenQxUGtVY1lId2VhS3h4VHMtM3hvVDRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEbXrwMA0G
CSqGSIb3DQEBCwUAA4IBAQB13mYcOTW8e0RdfvVqm5ei/1CbWgPHt3AUXqiWR7kw
uPZTnPFzJKK7m8lJJZjyhQ6pWPIFmwtDymUsusc0vvKx+YDnmJk4UtQVE+zBEmsl
K2lwG8RqMI3iLh0l03WsF2/EWAC93DLCUEhON3FytgYUS44v6t+3J9glhZVRpAGQ
ZYm/fr3PWwwasq2XE0qu1t8ECTu6fr3e/fLc/zVQdWeFsJB2H+HKCv8SmDLOHiw6
VPf8J3PT5cugjm6fCb23z3Q/0p239mqj4JJJITp5YeUI04TbmyKfZsYjDYp/o5sZ
W/aCN4ycd6PKhrTYefrdejzoxGVhrIm/WYEN//XE34UO
-----END CERTIFICATE-----
Generated at Fri May 2 15:36:45 2025 by rpki-client