Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/TIKGhWti7LlfJOsqIP1aOxrKM1U.roa
File: TIKGhWti7LlfJOsqIP1aOxrKM1U.roa (raw, json)
Hash identifier: oo0v2ZrdEcGmimU7Vf/3xQvnqoN2hz9tXBiXhXfAwQk=
Subject key identifier: 4C:82:86:85:6B:62:EC:B9:5F:24:EB:2A:20:FD:5A:3B:1A:CA:33:55
Certificate issuer: /CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Certificate serial: 01967BFAB6A7C1BD1487C4425989706283F8
Authority key identifier: AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/TIKGhWti7LlfJOsqIP1aOxrKM1U.roa
Signing time: Mon 28 Apr 2025 10:39:10 +0000
ROA not before: Mon 28 Apr 2025 10:39:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208485
IP address blocks: 45.133.38.0/24 maxlen: 24
45.133.39.0/24 maxlen: 24
185.148.243.0/24 maxlen: 24
185.174.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 12:48:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:fa:b6:a7:c1:bd:14:87:c4:42:59:89:70:62:83:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad0da43b4a5d3db78ba3f774e5b31b77037202d5
Validity
Not Before: Apr 28 10:39:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c8286856b62ecb95f24eb2a20fd5a3b1aca3355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:a9:a6:5f:1d:65:d4:2e:5d:c0:9f:d7:23:32:
17:75:29:48:d9:6f:0a:cd:24:63:d6:8e:44:f7:78:
b5:e7:64:56:5f:91:ef:72:ba:f7:d3:27:ac:04:af:
89:3a:9e:e6:f5:4c:fc:55:f3:b4:3b:8d:e4:e5:73:
73:3c:f7:72:89:4c:e4:58:f0:da:a9:ed:18:98:67:
ad:c2:e5:74:10:58:f3:94:94:58:b1:87:e1:74:22:
53:b1:0a:62:b2:1e:9d:51:8f:eb:90:71:11:56:93:
84:4f:48:a8:17:08:a8:22:22:e2:57:16:68:22:e6:
c5:3b:12:21:7d:aa:05:63:cc:db:f3:f4:7b:5b:d7:
01:30:ed:6d:79:e3:63:64:28:31:cf:48:8e:7e:7c:
22:6e:da:4a:f5:19:cf:0b:ab:34:07:90:78:d8:32:
ce:37:bb:fc:3f:9f:81:99:d1:5a:fc:5d:c3:08:a6:
03:85:83:a1:0d:7b:eb:0f:65:6a:db:40:99:fc:1e:
c9:b3:6e:c7:01:ae:b4:11:bc:9c:5a:2d:60:0b:fc:
0a:6e:9f:c5:f5:8e:12:c5:9c:b2:aa:ea:b9:68:dd:
89:f5:56:ee:db:b7:05:f8:81:00:b2:3e:4f:c5:a0:
ce:b2:6d:51:31:b3:c3:14:03:5e:56:dc:80:f6:58:
28:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:82:86:85:6B:62:EC:B9:5F:24:EB:2A:20:FD:5A:3B:1A:CA:33:55
X509v3 Authority Key Identifier:
keyid:AD:0D:A4:3B:4A:5D:3D:B7:8B:A3:F7:74:E5:B3:1B:77:03:72:02:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rQ2kO0pdPbeLo_d05bMbdwNyAtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/TIKGhWti7LlfJOsqIP1aOxrKM1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/dd8096-14cc-488d-9257-c515f354cc5a/1/rQ2kO0pdPbeLo_d05bMbdwNyAtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.38.0/23
185.148.243.0/24
185.174.20.0/24
Signature Algorithm: sha256WithRSAEncryption
67:0b:b7:06:b9:5e:25:eb:ab:d0:a4:d2:89:85:50:8e:97:0e:
05:44:d8:e2:db:8c:9a:3f:64:87:fd:eb:47:9a:76:27:75:b8:
83:93:60:c1:02:ea:00:05:7f:4a:cc:91:51:c3:4a:3a:78:ba:
9e:e5:d7:77:80:e4:0a:99:5e:ff:62:7b:f1:63:53:ca:fb:15:
c1:ce:d0:79:0c:da:c1:73:bb:20:67:6e:62:45:ea:47:dc:72:
bf:7c:f2:e3:0c:c2:a4:00:57:47:88:f6:45:12:09:1e:a1:0d:
03:98:ec:d8:49:58:51:49:24:3c:4d:82:06:b7:61:11:4d:39:
e1:1d:a6:ac:58:01:c1:b6:91:a4:13:cb:48:a6:c7:e4:f6:de:
68:f5:07:19:74:1a:b3:f1:ab:80:a0:c7:27:62:5e:84:99:d3:
f7:d8:03:1b:a4:c0:0c:2d:2b:d1:fe:25:2f:52:27:42:6e:18:
ee:80:22:59:53:5d:69:8a:34:2a:45:f7:21:05:37:cc:17:e8:
b2:1b:05:31:a8:96:e7:1c:68:4d:f0:b2:14:9f:37:04:7c:14:
14:cb:54:68:ef:e3:9a:f9:63:af:07:61:8c:15:6d:4a:1d:f9:
ae:79:11:71:43:54:9d:26:b7:54:bf:d7:b4:66:39:5b:be:40:
66:15:02:ff
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZ7+ranwb0Uh8RCWYlwYoP4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMGRhNDNiNGE1ZDNkYjc4YmEzZjc3NGU1YjMxYjc3MDM3
MjAyZDUwHhcNMjUwNDI4MTAzOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzgyODY4NTZiNjJlY2I5NWYyNGViMmEyMGZkNWEzYjFhY2EzMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8qmmXx1l1C5dwJ/XIzIXdSlI2W8K
zSRj1o5E93i152RWX5Hvcrr30yesBK+JOp7m9Uz8VfO0O43k5XNzPPdyiUzkWPDa
qe0YmGetwuV0EFjzlJRYsYfhdCJTsQpish6dUY/rkHERVpOET0ioFwioIiLiVxZo
IubFOxIhfaoFY8zb8/R7W9cBMO1teeNjZCgxz0iOfnwibtpK9RnPC6s0B5B42DLO
N7v8P5+BmdFa/F3DCKYDhYOhDXvrD2Vq20CZ/B7Js27HAa60EbycWi1gC/wKbp/F
9Y4SxZyyquq5aN2J9Vbu27cF+IEAsj5PxaDOsm1RMbPDFANeVtyA9lgo6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEyChoVrYuy5XyTrKiD9WjsayjNVMB8GA1UdIwQY
MBaAFK0NpDtKXT23i6P3dOWzG3cDcgLVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTct
YzUxNWYzNTRjYzVhLzEvVElLR2hXdGk3TGxmSk9zcUlQMWFPeHJLTTFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC9kZDgwOTYtMTRjYy00ODhkLTkyNTctYzUxNWYzNTRjYzVh
LzEvclEya08wcGRQYmVMb19kMDViTWJkd055QXRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBLYUmAwQA
uZTzAwQAua4UMA0GCSqGSIb3DQEBCwUAA4IBAQBnC7cGuV4l66vQpNKJhVCOlw4F
RNji24yaP2SH/etHmnYndbiDk2DBAuoABX9KzJFRw0o6eLqe5dd3gOQKmV7/Ynvx
Y1PK+xXBztB5DNrBc7sgZ25iRepH3HK/fPLjDMKkAFdHiPZFEgkeoQ0DmOzYSVhR
SSQ8TYIGt2ERTTnhHaasWAHBtpGkE8tIpsfk9t5o9QcZdBqz8auAoMcnYl6EmdP3
2AMbpMAMLSvR/iUvUidCbhjugCJZU11pijQqRfchBTfMF+iyGwUxqJbnHGhN8LIU
nzcEfBQUy1Ro7+Oa+WOvB2GMFW1KHfmueRFxQ1SdJrdUv9e0ZjlbvkBmFQL/
-----END CERTIFICATE-----
Generated at Sun May 11 19:15:55 2025 by rpki-client