Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/Tl1NrJiOGcEs2gX3N0e3ndmlIpE.roa
File: Tl1NrJiOGcEs2gX3N0e3ndmlIpE.roa (raw, json)
Hash identifier: g+RKZ8iY2IksCJmvsf8dIhBpE5AB/zMT9g17xIOsTAI=
Subject key identifier: 4E:5D:4D:AC:98:8E:19:C1:2C:DA:05:F7:37:47:B7:9D:D9:A5:22:91
Certificate issuer: /CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Certificate serial: 01944A6EBDFACD0AE7A8776AA3B97117FCBD
Authority key identifier: 0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/Tl1NrJiOGcEs2gX3N0e3ndmlIpE.roa
Signing time: Thu 09 Jan 2025 09:39:19 +0000
ROA not before: Thu 09 Jan 2025 09:39:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8899
IP address blocks: 150.5.0.0/18 maxlen: 24
Validation: Failed, certificate revoked on Thu 09 Jan 2025 15:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4a:6e:bd:fa:cd:0a:e7:a8:77:6a:a3:b9:71:17:fc:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d69e3ee55dd862674d458661ba34908b0617fa1
Validity
Not Before: Jan 9 09:39:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e5d4dac988e19c12cda05f73747b79dd9a52291
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:6f:9c:c9:85:93:f7:75:c7:41:32:b3:8e:da:
ea:04:bf:23:da:c5:5e:a5:9d:4d:c0:fc:30:b3:22:
e0:37:07:b8:c9:cd:0b:28:5d:0a:6a:de:c8:61:95:
8c:90:94:d6:9a:f4:d3:c5:7d:55:0a:db:40:7d:54:
61:35:20:fd:e5:b7:d3:96:aa:65:5d:8f:29:9a:57:
bc:98:3a:43:bf:c9:90:08:97:f5:b8:d1:9e:c9:24:
e7:be:0c:22:42:ec:c9:af:fa:da:42:21:2a:20:25:
49:ff:db:9f:63:9e:82:61:32:bd:a7:d4:3b:c4:2c:
c9:67:99:aa:9b:55:a8:11:48:d1:ba:3f:a2:dc:66:
28:e8:75:79:33:46:e5:f8:ce:51:83:70:b7:b0:a6:
26:41:d1:bf:98:2d:5a:84:07:59:8f:a7:78:f2:94:
8e:f1:7e:81:9f:02:1f:a4:8b:d8:ab:b9:60:31:84:
0e:c5:0c:9f:b1:11:87:a8:89:a2:06:62:b4:23:88:
cf:41:52:e4:2e:5d:e0:2c:93:3d:0b:28:73:5f:0b:
f4:b6:5e:ab:79:c3:f4:85:56:c9:38:a2:9a:f7:7e:
ba:ec:c1:1b:34:f9:22:9c:50:c6:34:a3:1e:d4:af:
9f:4e:15:5f:26:25:e3:00:98:32:6f:c8:b3:e7:ef:
b5:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:5D:4D:AC:98:8E:19:C1:2C:DA:05:F7:37:47:B7:9D:D9:A5:22:91
X509v3 Authority Key Identifier:
keyid:0D:69:E3:EE:55:DD:86:26:74:D4:58:66:1B:A3:49:08:B0:61:7F:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DWnj7lXdhiZ01FhmG6NJCLBhf6E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/Tl1NrJiOGcEs2gX3N0e3ndmlIpE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/1d2ef8-a86e-446f-8c35-b833bd9e0b3a/1/DWnj7lXdhiZ01FhmG6NJCLBhf6E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.5.0.0/18
Signature Algorithm: sha256WithRSAEncryption
aa:6d:ea:30:80:76:65:c6:16:97:7a:27:80:9e:87:ce:63:01:
77:cb:f9:62:e0:97:b7:08:cc:55:f3:4a:ac:6f:ee:c8:56:b1:
8b:25:89:93:fb:e1:d6:66:14:9c:80:c2:a8:a1:ca:f9:41:bc:
d2:26:99:bd:5f:ba:cd:b4:bd:63:e5:74:09:c6:d8:75:d6:27:
69:d4:65:ca:c1:82:69:a1:c7:70:ec:77:08:99:37:39:65:27:
20:15:65:84:ce:89:c2:42:50:b3:8d:a7:14:cc:5e:14:22:de:
ea:37:aa:ae:eb:28:38:e3:65:2e:a4:bb:16:30:a0:87:eb:81:
db:56:18:30:e6:35:31:1b:53:f9:80:53:55:22:7e:6b:91:19:
39:50:55:5d:1d:62:c9:56:b3:42:22:2b:71:11:8d:27:47:f4:
85:09:cf:93:93:e4:60:89:e2:ca:32:01:9c:16:21:2b:f0:52:
6c:62:ec:68:a5:73:0a:51:db:86:a3:08:4b:fa:0e:0a:70:e1:
eb:a0:0c:37:fd:39:e8:e9:c2:88:44:83:4d:d6:23:8f:7f:1d:
08:7c:18:f5:78:57:ac:e7:84:86:5e:7d:c3:42:c2:11:0a:01:
98:b3:5f:1f:8a:ec:bd:59:51:ec:85:6f:73:cf:51:f9:90:1d:
2e:07:8a:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRKbr36zQrnqHdqo7lxF/y9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNjllM2VlNTVkZDg2MjY3NGQ0NTg2NjFiYTM0OTA4YjA2
MTdmYTEwHhcNMjUwMTA5MDkzOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTVkNGRhYzk4OGUxOWMxMmNkYTA1ZjczNzQ3Yjc5ZGQ5YTUyMjkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy2+cyYWT93XHQTKzjtrqBL8j2sVe
pZ1NwPwwsyLgNwe4yc0LKF0Kat7IYZWMkJTWmvTTxX1VCttAfVRhNSD95bfTlqpl
XY8pmle8mDpDv8mQCJf1uNGeySTnvgwiQuzJr/raQiEqICVJ/9ufY56CYTK9p9Q7
xCzJZ5mqm1WoEUjRuj+i3GYo6HV5M0bl+M5Rg3C3sKYmQdG/mC1ahAdZj6d48pSO
8X6BnwIfpIvYq7lgMYQOxQyfsRGHqImiBmK0I4jPQVLkLl3gLJM9CyhzXwv0tl6r
ecP0hVbJOKKa93667MEbNPkinFDGNKMe1K+fThVfJiXjAJgyb8iz5++13QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE5dTayYjhnBLNoF9zdHt53ZpSKRMB8GA1UdIwQY
MBaAFA1p4+5V3YYmdNRYZhujSQiwYX+hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUt
YjgzM2JkOWUwYjNhLzEvVGwxTnJKaU9HY0VzMmdYM04wZTNuZG1sSXBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8xZDJlZjgtYTg2ZS00NDZmLThjMzUtYjgzM2JkOWUwYjNh
LzEvRFduajdsWGRoaVowMUZobUc2TkpDTEJoZjZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGlgUAMA0G
CSqGSIb3DQEBCwUAA4IBAQCqbeowgHZlxhaXeieAnofOYwF3y/li4Je3CMxV80qs
b+7IVrGLJYmT++HWZhScgMKoocr5QbzSJpm9X7rNtL1j5XQJxth11idp1GXKwYJp
ocdw7HcImTc5ZScgFWWEzonCQlCzjacUzF4UIt7qN6qu6yg442UupLsWMKCH64Hb
Vhgw5jUxG1P5gFNVIn5rkRk5UFVdHWLJVrNCIitxEY0nR/SFCc+Tk+RgieLKMgGc
FiEr8FJsYuxopXMKUduGowhL+g4KcOHroAw3/Tno6cKIRINN1iOPfx0IfBj1eFes
54SGXn3DQsIRCgGYs18fiuy9WVHshW9zz1H5kB0uB4rK
-----END CERTIFICATE-----
Generated at Fri May 9 19:53:12 2025 by rpki-client