Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/TZk6WydlgPTMvGP4RmaEjKZXdHA.roa
File: TZk6WydlgPTMvGP4RmaEjKZXdHA.roa (raw, json)
Hash identifier: JTDSbcS71EDadr5ibJTw2ibqxzzj1kUDvAippq7McEQ=
Subject key identifier: 4D:99:3A:5B:27:65:80:F4:CC:BC:63:F8:46:66:84:8C:A6:57:74:70
Certificate issuer: /CN=a898496b8d1dd825b487038fb87ca199b13b93df
Certificate serial: 019427B51E41EDBB9F1F9D3F3E37B8B35CF6
Authority key identifier: A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/TZk6WydlgPTMvGP4RmaEjKZXdHA.roa
Signing time: Thu 02 Jan 2025 15:49:28 +0000
ROA not before: Thu 02 Jan 2025 15:49:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48866
IP address blocks: 91.223.178.0/24 maxlen: 24
193.218.186.0/24 maxlen: 24
195.191.40.0/24 maxlen: 24
195.191.41.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 07:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:1e:41:ed:bb:9f:1f:9d:3f:3e:37:b8:b3:5c:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a898496b8d1dd825b487038fb87ca199b13b93df
Validity
Not Before: Jan 2 15:49:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4d993a5b276580f4ccbc63f84666848ca6577470
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:a2:73:2b:f0:70:04:4e:7b:55:b2:fc:8b:93:
c2:a0:45:c7:13:11:86:20:a6:0f:05:3b:4e:24:53:
04:85:17:8d:f3:63:65:cb:2f:7d:2f:1d:86:d9:64:
ec:5a:90:59:7e:11:95:68:d7:a3:73:51:17:67:47:
b7:69:2f:2a:60:66:95:0c:9a:24:54:b5:87:e3:5e:
0b:35:53:8e:37:c6:ba:8f:9c:1b:1e:a0:56:f1:c0:
12:7e:3f:c6:ee:4d:4f:14:df:12:8f:24:be:58:48:
84:fb:57:94:8e:78:b1:2b:44:a2:c5:67:67:03:7a:
39:dd:2a:58:40:6b:2a:2a:80:ea:2b:0f:95:31:21:
7f:07:c4:ca:b8:3a:13:d5:0d:7c:70:8a:a1:b6:50:
31:dd:91:00:0a:59:43:b4:5d:13:3a:32:82:93:7a:
bc:c2:f3:4a:cb:bb:74:e1:ce:39:8a:52:05:d9:6d:
e0:1e:f9:c1:12:24:99:25:02:af:49:a5:49:eb:80:
ed:89:d7:fe:0e:6a:f5:7b:77:58:fd:4d:4c:a3:00:
31:bd:c4:ba:a5:12:d7:6c:e5:67:30:07:37:12:73:
b2:83:40:31:af:57:db:5b:3f:ff:79:eb:a6:ca:da:
42:84:d0:10:35:3d:97:8c:08:21:90:cb:9b:91:b8:
50:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:99:3A:5B:27:65:80:F4:CC:BC:63:F8:46:66:84:8C:A6:57:74:70
X509v3 Authority Key Identifier:
keyid:A8:98:49:6B:8D:1D:D8:25:B4:87:03:8F:B8:7C:A1:99:B1:3B:93:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qJhJa40d2CW0hwOPuHyhmbE7k98.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/TZk6WydlgPTMvGP4RmaEjKZXdHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/8603e1-9b6b-43a6-b95e-36878f657e12/1/qJhJa40d2CW0hwOPuHyhmbE7k98.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.223.178.0/24
193.218.186.0/24
195.191.40.0/23
Signature Algorithm: sha256WithRSAEncryption
01:f2:97:e9:b9:52:bd:c6:b0:5a:78:dd:29:22:29:d3:41:bd:
7d:49:44:0e:46:43:79:30:32:4d:d2:8e:ba:6a:ad:07:b9:fc:
e3:c3:44:05:53:06:92:b4:d2:e1:9d:07:72:78:4f:16:57:f3:
ec:ee:59:76:69:56:5b:3e:1f:2b:c1:43:4a:5d:34:14:f9:1f:
84:d6:74:73:40:66:a8:3d:4f:15:b4:e0:8d:5a:13:0a:06:6c:
47:f3:76:db:6a:0e:42:3d:40:82:41:21:3a:67:f9:ba:31:6b:
27:04:26:0c:f3:b2:5f:a6:2c:a7:f8:27:a8:16:43:43:0a:3e:
49:8d:e7:df:a3:9f:17:70:bf:79:83:86:b4:0d:16:e9:d1:bd:
28:b7:21:a8:fe:d7:a2:90:72:60:dd:98:0a:25:ae:75:22:0a:
6b:ac:7f:9f:3a:05:96:82:9b:0f:72:63:58:ab:d7:4a:7b:b0:
6e:95:90:77:81:fd:10:0d:c6:6a:a4:2d:d4:18:d8:db:89:ed:
12:01:20:61:24:9c:2c:13:26:2e:73:84:9b:ca:a9:29:f8:f6:
a2:90:13:25:f3:36:53:79:18:18:7c:90:b5:8a:7e:ec:f4:e7:
9c:a6:48:5a:04:b7:ee:81:ec:d8:b9:d5:ab:41:99:00:00:61:
5f:73:92:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntR5B7bufH50/Pje4s1z2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4OTg0OTZiOGQxZGQ4MjViNDg3MDM4ZmI4N2NhMTk5YjEz
YjkzZGYwHhcNMjUwMTAyMTU0OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk5M2E1YjI3NjU4MGY0Y2NiYzYzZjg0NjY2ODQ4Y2E2NTc3NDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxqJzK/BwBE57VbL8i5PCoEXHExGG
IKYPBTtOJFMEhReN82Nlyy99Lx2G2WTsWpBZfhGVaNejc1EXZ0e3aS8qYGaVDJok
VLWH414LNVOON8a6j5wbHqBW8cASfj/G7k1PFN8SjyS+WEiE+1eUjnixK0SixWdn
A3o53SpYQGsqKoDqKw+VMSF/B8TKuDoT1Q18cIqhtlAx3ZEACllDtF0TOjKCk3q8
wvNKy7t04c45ilIF2W3gHvnBEiSZJQKvSaVJ64Dtidf+Dmr1e3dY/U1MowAxvcS6
pRLXbOVnMAc3EnOyg0Axr1fbWz//eeumytpChNAQNT2XjAghkMubkbhQHwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE2ZOlsnZYD0zLxj+EZmhIymV3RwMB8GA1UdIwQY
MBaAFKiYSWuNHdgltIcDj7h8oZmxO5PfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUt
MzY4NzhmNjU3ZTEyLzEvVFprNld5ZGxnUFRNdkdQNFJtYUVqS1pYZEhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84NjAzZTEtOWI2Yi00M2E2LWI5NWUtMzY4NzhmNjU3ZTEy
LzEvcUpoSmE0MGQyQ1cwaHdPUHVIeWhtYkU3azk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9+yAwQA
wdq6AwQBw78oMA0GCSqGSIb3DQEBCwUAA4IBAQAB8pfpuVK9xrBaeN0pIinTQb19
SUQORkN5MDJN0o66aq0Hufzjw0QFUwaStNLhnQdyeE8WV/Ps7ll2aVZbPh8rwUNK
XTQU+R+E1nRzQGaoPU8VtOCNWhMKBmxH83bbag5CPUCCQSE6Z/m6MWsnBCYM87Jf
piyn+CeoFkNDCj5Jjeffo58XcL95g4a0DRbp0b0otyGo/teikHJg3ZgKJa51Igpr
rH+fOgWWgpsPcmNYq9dKe7BulZB3gf0QDcZqpC3UGNjbie0SASBhJJwsEyYuc4Sb
yqkp+PaikBMl8zZTeRgYfJC1in7s9OecpkhaBLfugezYudWrQZkAAGFfc5Ky
-----END CERTIFICATE-----
Generated at Mon Apr 28 11:05:47 2025 by rpki-client