Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TqkbGBOkzsTOwxc_AOIxeVH0VSU.roa
File: TqkbGBOkzsTOwxc_AOIxeVH0VSU.roa (raw, json)
Hash identifier: tpCUjEN7H7NdZipUNQTFb/vv2beEUvnmyIrEh/fovqg=
Subject key identifier: 4E:A9:1B:18:13:A4:CE:C4:CE:C3:17:3F:00:E2:31:79:51:F4:55:25
Certificate issuer: /CN=16055801b775e774306321455fd463fbd9273c4c
Certificate serial: 019687F2113E2D5A9656876593BAE9F5A269
Authority key identifier: 16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TqkbGBOkzsTOwxc_AOIxeVH0VSU.roa
Signing time: Wed 30 Apr 2025 18:25:10 +0000
ROA not before: Wed 30 Apr 2025 18:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 144.56.13.0/24 maxlen: 24
144.56.17.0/24 maxlen: 24
144.56.24.0/24 maxlen: 24
144.56.27.0/24 maxlen: 24
144.56.31.0/24 maxlen: 24
144.56.33.0/24 maxlen: 24
144.56.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 May 2025 14:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:f2:11:3e:2d:5a:96:56:87:65:93:ba:e9:f5:a2:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16055801b775e774306321455fd463fbd9273c4c
Validity
Not Before: Apr 30 18:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ea91b1813a4cec4cec3173f00e2317951f45525
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:5e:99:bf:0b:fc:61:b5:27:df:bd:92:4c:34:
aa:3f:69:a4:6d:61:9b:2e:72:80:0d:73:fc:08:16:
e6:8a:a2:75:67:4a:4a:1f:bc:f2:72:df:5c:c9:fb:
77:2e:0b:1d:f0:86:83:0a:ca:20:0b:44:af:b4:53:
5a:b1:3a:da:13:6a:1b:bf:2d:3f:c1:1b:98:16:5a:
20:85:9d:d9:1b:eb:ca:8f:f9:65:32:6e:a0:18:50:
90:9a:2d:45:f3:06:8f:eb:3b:80:88:7d:ac:38:4a:
bd:57:97:63:a0:e6:f5:3f:68:18:92:ff:64:47:e8:
7f:ae:a5:bc:9c:f8:e1:6a:3c:44:d6:f7:08:91:83:
ff:36:70:04:c7:4c:76:e6:f6:c5:73:f6:09:a6:59:
90:36:35:56:14:90:c4:5d:f0:16:98:29:21:f0:ed:
49:5f:d8:7a:14:a4:9f:b0:b5:7c:ca:55:ed:10:51:
fb:62:4d:d3:4f:4d:ab:2d:67:47:98:96:f8:d4:e5:
25:a3:1a:11:7c:cb:89:34:f4:56:1b:9e:f6:11:8b:
2c:0f:82:7f:42:01:f2:7a:1c:53:92:65:15:99:67:
4a:a9:6a:80:8c:2e:8b:55:65:58:c6:ed:7d:49:6d:
ae:30:34:5e:d8:24:b1:a4:b2:63:ca:1a:a6:4c:37:
40:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A9:1B:18:13:A4:CE:C4:CE:C3:17:3F:00:E2:31:79:51:F4:55:25
X509v3 Authority Key Identifier:
keyid:16:05:58:01:B7:75:E7:74:30:63:21:45:5F:D4:63:FB:D9:27:3C:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FgVYAbd153QwYyFFX9Rj-9knPEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/TqkbGBOkzsTOwxc_AOIxeVH0VSU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/f0340b-330e-45d7-be58-135717ef388a/1/FgVYAbd153QwYyFFX9Rj-9knPEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.56.13.0/24
144.56.17.0/24
144.56.24.0/24
144.56.27.0/24
144.56.31.0/24
144.56.33.0-144.56.34.255
Signature Algorithm: sha256WithRSAEncryption
ba:42:77:16:a7:68:c7:4a:24:a9:b8:40:36:7e:62:7b:93:bf:
95:cb:67:50:37:e6:8f:d9:0c:08:5b:87:34:b6:58:05:2b:60:
cf:98:57:74:75:b0:e9:31:e4:9f:c9:16:c0:f3:2b:86:d4:6c:
1a:4d:31:93:d4:63:88:b5:03:37:62:62:89:e0:b4:eb:d6:75:
ec:06:5e:2f:30:b9:87:52:ac:99:d9:4d:3d:d4:78:5a:07:dc:
eb:3e:0a:6f:45:a6:ef:5a:d1:42:20:4d:f6:3f:4d:1b:dc:8f:
74:98:2a:b6:25:72:05:c4:62:97:da:1e:d9:a4:f5:56:57:01:
5b:ea:81:42:1c:94:d1:4f:39:bd:20:1c:f7:f8:c1:11:b4:6c:
13:09:78:bf:f9:05:41:0e:aa:b8:76:0a:f2:19:22:77:c2:73:
6c:a2:b6:8e:e8:69:19:8c:3e:72:91:c9:b5:b5:e7:cb:dd:9c:
28:ff:ce:e4:44:e5:a4:50:e5:19:78:76:d5:89:1f:14:57:54:
d4:6d:34:0d:94:69:52:d6:60:c4:be:df:c3:5b:c8:5d:a5:4b:
54:d6:5d:76:4e:41:0e:96:05:45:d2:bc:b0:d4:13:10:6c:f2:
e2:3c:0b:e0:37:26:da:3c:71:2e:ae:7c:e5:10:3e:3b:1c:56:
76:50:17:74
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZaH8hE+LVqWVodlk7rp9aJpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MDU1ODAxYjc3NWU3NzQzMDYzMjE0NTVmZDQ2M2ZiZDky
NzNjNGMwHhcNMjUwNDMwMTgyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE5MWIxODEzYTRjZWM0Y2VjMzE3M2YwMGUyMzE3OTUxZjQ1NTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1V6Zvwv8YbUn372STDSqP2mkbWGb
LnKADXP8CBbmiqJ1Z0pKH7zyct9cyft3Lgsd8IaDCsogC0SvtFNasTraE2obvy0/
wRuYFloghZ3ZG+vKj/llMm6gGFCQmi1F8waP6zuAiH2sOEq9V5djoOb1P2gYkv9k
R+h/rqW8nPjhajxE1vcIkYP/NnAEx0x25vbFc/YJplmQNjVWFJDEXfAWmCkh8O1J
X9h6FKSfsLV8ylXtEFH7Yk3TT02rLWdHmJb41OUloxoRfMuJNPRWG572EYssD4J/
QgHyehxTkmUVmWdKqWqAjC6LVWVYxu19SW2uMDRe2CSxpLJjyhqmTDdAnwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFE6pGxgTpM7EzsMXPwDiMXlR9FUlMB8GA1UdIwQY
MBaAFBYFWAG3ded0MGMhRV/UY/vZJzxMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgt
MTM1NzE3ZWYzODhhLzEvVHFrYkdCT2t6c1RPd3hjX0FPSXhlVkgwVlNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9mMDM0MGItMzMwZS00NWQ3LWJlNTgtMTM1NzE3ZWYzODhh
LzEvRmdWWUFiZDE1M1F3WXlGRlg5UmotOWtuUEV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAkDgNAwQA
kDgRAwQAkDgYAwQAkDgbAwQAkDgfMAwDBACQOCEDBACQOCIwDQYJKoZIhvcNAQEL
BQADggEBALpCdxanaMdKJKm4QDZ+YnuTv5XLZ1A35o/ZDAhbhzS2WAUrYM+YV3R1
sOkx5J/JFsDzK4bUbBpNMZPUY4i1AzdiYongtOvWdewGXi8wuYdSrJnZTT3UeFoH
3Os+Cm9Fpu9a0UIgTfY/TRvcj3SYKrYlcgXEYpfaHtmk9VZXAVvqgUIclNFPOb0g
HPf4wRG0bBMJeL/5BUEOqrh2CvIZInfCc2yito7oaRmMPnKRybW158vdnCj/zuRE
5aRQ5Rl4dtWJHxRXVNRtNA2UaVLWYMS+38NbyF2lS1TWXXZOQQ6WBUXSvLDUExBs
8uI8C+A3Jto8cS6ufOUQPjscVnZQF3Q=
-----END CERTIFICATE-----
Generated at Wed May 14 01:25:00 2025 by rpki-client