Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/TW4nDsAeXJLTNZ_JesKGtXrOzq4.roa
File: TW4nDsAeXJLTNZ_JesKGtXrOzq4.roa (raw, json)
Hash identifier: Rhm04ozv9liJ3aDV/YfPs81PHhutuc2BXi550Ilmg7s=
Subject key identifier: 4D:6E:27:0E:C0:1E:5C:92:D3:35:9F:C9:7A:C2:86:B5:7A:CE:CE:AE
Certificate issuer: /CN=9aeecb353f1cdc5fd3a9d54a8873531efd285c46
Certificate serial: 0194228DEB3F74F64FD3829E3E3D46AE635C
Authority key identifier: 9A:EE:CB:35:3F:1C:DC:5F:D3:A9:D5:4A:88:73:53:1E:FD:28:5C:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu7LNT8c3F_TqdVKiHNTHv0oXEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/TW4nDsAeXJLTNZ_JesKGtXrOzq4.roa
Signing time: Wed 01 Jan 2025 15:48:33 +0000
ROA not before: Wed 01 Jan 2025 15:48:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 195.96.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 06:12:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:eb:3f:74:f6:4f:d3:82:9e:3e:3d:46:ae:63:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aeecb353f1cdc5fd3a9d54a8873531efd285c46
Validity
Not Before: Jan 1 15:48:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d6e270ec01e5c92d3359fc97ac286b57aceceae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:ba:34:8a:9b:ea:0a:24:2c:42:aa:df:ac:
3e:1c:06:b9:a9:1e:49:fb:a4:55:3d:50:9e:1e:36:
0c:c1:c6:73:50:4e:e8:63:b7:6a:8b:98:d3:fb:12:
d2:e0:42:3e:52:ee:c2:33:09:ee:d8:ec:0e:e2:b6:
2c:98:68:5d:4a:00:1d:4e:b3:d7:da:b9:ab:89:d3:
be:60:95:6f:ca:f8:88:1b:b1:6d:86:01:c3:45:87:
d7:17:9e:60:e5:93:94:df:f4:d5:44:4f:61:e1:be:
f5:0d:21:d6:f1:37:5b:8e:dc:99:f9:a3:b3:6e:f3:
21:de:73:b8:01:d2:4a:e8:1d:ca:e5:33:80:89:3c:
43:47:67:fe:2c:2b:17:25:da:e2:5e:70:15:c3:9e:
b3:0e:24:83:cc:85:68:7b:e6:af:e2:e7:fb:6f:57:
c0:6e:29:37:66:b9:28:66:5f:bd:db:e0:99:3a:6e:
c4:49:ff:18:de:bf:c0:50:14:94:40:8a:be:ee:a2:
db:2a:27:67:12:d5:f9:16:35:4e:49:5d:48:e9:a2:
19:fd:4c:a7:41:c2:ac:13:d4:ef:01:47:95:1b:91:
0c:e5:46:f0:d7:c4:06:71:fb:04:b9:6e:e9:b8:68:
43:b8:d0:d5:ba:fd:c8:00:e4:08:84:d9:2e:9a:0a:
fe:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6E:27:0E:C0:1E:5C:92:D3:35:9F:C9:7A:C2:86:B5:7A:CE:CE:AE
X509v3 Authority Key Identifier:
keyid:9A:EE:CB:35:3F:1C:DC:5F:D3:A9:D5:4A:88:73:53:1E:FD:28:5C:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu7LNT8c3F_TqdVKiHNTHv0oXEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/TW4nDsAeXJLTNZ_JesKGtXrOzq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/15863b-787f-4084-b7f6-5944960e31cf/1/mu7LNT8c3F_TqdVKiHNTHv0oXEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.96.138.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:49:84:f5:7f:00:0f:98:af:d6:09:ca:37:2b:40:44:52:d7:
fd:29:b7:6c:d4:c5:e2:af:64:de:b1:43:ff:68:2b:2e:71:f2:
2b:18:92:64:6e:2e:37:b9:0f:f0:f2:1c:74:9b:e4:ce:49:8e:
5d:c5:f1:0e:69:1c:b5:48:48:eb:be:62:ad:cf:45:37:2f:7b:
7e:b0:99:84:5c:89:21:0b:a2:ac:81:f8:49:2c:6b:70:ac:8e:
61:ba:d0:4d:0e:c6:03:71:fc:4a:b2:05:4d:6c:6b:fb:8a:29:
47:fa:70:1c:c1:26:15:1c:7d:d0:1b:a5:45:87:2c:be:3a:df:
c9:39:53:55:5b:54:e8:99:9f:f9:c8:2c:67:14:d0:78:a0:39:
7e:45:39:7c:50:2a:9b:99:ce:a6:84:61:75:1c:93:4a:5a:f7:
b9:1b:0e:8c:2d:5c:44:ac:e6:87:8a:63:a6:6a:0f:8f:50:4b:
93:94:3c:f3:3f:7f:cb:2a:8a:b0:59:87:73:7b:18:61:a9:96:
6e:5b:22:3a:40:95:89:10:c5:31:53:da:80:da:8e:c9:1e:f7:
42:03:73:62:66:39:90:2f:9c:b0:7b:9d:94:b7:c0:70:88:07:
58:d8:ed:0f:8a:0e:c7:2a:84:c0:80:90:d2:33:3f:7d:52:df:
4f:95:5f:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijes/dPZP04KePj1GrmNcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWVjYjM1M2YxY2RjNWZkM2E5ZDU0YTg4NzM1MzFlZmQy
ODVjNDYwHhcNMjUwMTAxMTU0ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZlMjcwZWMwMWU1YzkyZDMzNTlmYzk3YWMyODZiNTdhY2VjZWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX+6NIqb6gokLEKq36w+HAa5qR5J
+6RVPVCeHjYMwcZzUE7oY7dqi5jT+xLS4EI+Uu7CMwnu2OwO4rYsmGhdSgAdTrPX
2rmridO+YJVvyviIG7FthgHDRYfXF55g5ZOU3/TVRE9h4b71DSHW8TdbjtyZ+aOz
bvMh3nO4AdJK6B3K5TOAiTxDR2f+LCsXJdriXnAVw56zDiSDzIVoe+av4uf7b1fA
bik3ZrkoZl+92+CZOm7ESf8Y3r/AUBSUQIq+7qLbKidnEtX5FjVOSV1I6aIZ/Uyn
QcKsE9TvAUeVG5EM5Ubw18QGcfsEuW7puGhDuNDVuv3IAOQIhNkumgr+yQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1uJw7AHlyS0zWfyXrChrV6zs6uMB8GA1UdIwQY
MBaAFJruyzU/HNxf06nVSohzUx79KFxGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU3TE5UOGMzRl9UcWRWS2lITlRIdjBvWEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8xNTg2M2ItNzg3Zi00MDg0LWI3ZjYt
NTk0NDk2MGUzMWNmLzEvVFc0bkRzQWVYSkxUTlpfSmVzS0d0WHJPenE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8xNTg2M2ItNzg3Zi00MDg0LWI3ZjYtNTk0NDk2MGUzMWNm
LzEvbXU3TE5UOGMzRl9UcWRWS2lITlRIdjBvWEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw2CKMA0G
CSqGSIb3DQEBCwUAA4IBAQAcSYT1fwAPmK/WCco3K0BEUtf9Kbds1MXir2TesUP/
aCsucfIrGJJkbi43uQ/w8hx0m+TOSY5dxfEOaRy1SEjrvmKtz0U3L3t+sJmEXIkh
C6KsgfhJLGtwrI5hutBNDsYDcfxKsgVNbGv7iilH+nAcwSYVHH3QG6VFhyy+Ot/J
OVNVW1TomZ/5yCxnFNB4oDl+RTl8UCqbmc6mhGF1HJNKWve5Gw6MLVxErOaHimOm
ag+PUEuTlDzzP3/LKoqwWYdzexhhqZZuWyI6QJWJEMUxU9qA2o7JHvdCA3NiZjmQ
L5ywe52Ut8BwiAdY2O0Pig7HKoTAgJDSMz99Ut9PlV8d
-----END CERTIFICATE-----
Generated at Sat May 3 15:34:03 2025 by rpki-client