Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/tbUNkFgGMreIwrqb2ikejtLoctc.roa
File: tbUNkFgGMreIwrqb2ikejtLoctc.roa (raw, json)
Hash identifier: 8MyyUGJDZ817vpwPQUVO9o335B2RB1VLGVHwXzXWMok=
Subject key identifier: B5:B5:0D:90:58:06:32:B7:88:C2:BA:9B:DA:29:1E:8E:D2:E8:72:D7
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 019387D7D86F609943DDA8591F1A8F205EC4
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/tbUNkFgGMreIwrqb2ikejtLoctc.roa
Signing time: Mon 02 Dec 2024 14:48:10 +0000
ROA not before: Mon 02 Dec 2024 14:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34295
IP address blocks: 46.10.217.0/24 maxlen: 24
62.176.118.0/24 maxlen: 24
87.126.120.0/22 maxlen: 24
90.154.144.0/21 maxlen: 24
90.154.152.0/22 maxlen: 22
90.154.152.0/24 maxlen: 24
90.154.153.0/24 maxlen: 24
90.154.154.0/24 maxlen: 24
90.154.155.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:87:d7:d8:6f:60:99:43:dd:a8:59:1f:1a:8f:20:5e:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Dec 2 14:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5b50d90580632b788c2ba9bda291e8ed2e872d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:01:78:09:cc:93:6c:38:76:eb:70:a5:76:50:
08:df:e0:03:e6:9d:26:fa:5b:2a:20:50:eb:d1:f7:
10:ff:c5:71:42:53:3d:d2:15:1a:f4:11:6b:48:a8:
77:10:61:4d:11:e0:03:12:78:17:0e:68:38:b5:be:
e7:37:8c:86:dd:50:45:39:c7:00:a0:9b:23:7a:ba:
f1:d8:aa:de:39:79:b1:d5:19:5d:a6:0b:b7:84:3c:
c9:33:a6:6d:20:ef:1d:31:cb:9a:9a:72:86:20:32:
a0:44:e4:9e:2f:28:4c:96:92:d3:09:48:be:a3:ad:
e7:2f:87:13:04:f6:44:81:6f:f0:4d:21:24:db:96:
2c:66:04:68:ec:f1:68:58:93:f1:fd:dd:42:5f:49:
31:e9:32:28:15:b7:0c:82:a8:3e:71:42:31:c9:04:
5b:49:4d:10:6f:2f:4f:0e:ec:73:f5:59:c4:fa:8e:
f0:b0:b4:3a:65:7e:ff:7e:b8:00:5e:54:85:11:3f:
75:46:bc:85:d6:a3:c5:61:60:85:3d:ce:1a:3f:40:
df:fe:4e:78:e3:1e:24:ee:ac:bf:91:1a:85:a0:d1:
f3:df:e8:7b:68:6a:a4:08:e7:95:2a:6a:e9:1d:e3:
2d:32:14:5c:bf:1d:0a:5c:ce:c7:d0:23:0b:1e:bb:
63:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:B5:0D:90:58:06:32:B7:88:C2:BA:9B:DA:29:1E:8E:D2:E8:72:D7
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/tbUNkFgGMreIwrqb2ikejtLoctc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.10.217.0/24
62.176.118.0/24
87.126.120.0/22
90.154.144.0-90.154.155.255
Signature Algorithm: sha256WithRSAEncryption
04:2b:f7:3b:6e:0d:e2:77:d8:4f:e9:57:99:5b:3a:5a:ce:80:
ff:f5:c9:33:32:41:0e:26:76:8f:26:a6:ef:3d:f8:cb:e4:61:
22:be:06:bb:d9:c5:b2:13:02:2a:ca:f9:61:d9:5e:3f:5d:5d:
80:a5:5f:ae:85:df:26:bc:41:39:36:de:f3:1f:78:b2:84:23:
73:d2:cd:63:5b:ba:11:48:58:f7:5d:eb:e0:2a:d9:d1:99:29:
a2:62:92:3f:c4:7e:17:c2:90:e4:8a:9b:5c:ed:02:48:ef:a6:
46:13:74:df:86:35:ed:a5:bc:27:55:75:12:79:4c:72:4b:66:
0d:f0:0e:da:54:1f:cd:9b:da:b7:13:19:c9:f7:88:f5:4a:4f:
3a:9a:09:07:1b:4e:30:6e:0e:0e:16:59:32:c4:14:f9:db:f4:
38:07:e8:51:13:57:48:03:64:19:87:f1:ab:3c:77:c1:62:db:
30:1b:6c:d8:25:44:58:7a:da:6d:af:21:6c:75:7e:88:4e:bd:
31:1d:07:c1:c7:d2:7c:85:c1:ce:c2:7c:3f:bf:99:9f:e9:12:
90:1c:64:94:25:29:b4:2d:27:cd:10:98:49:6c:42:85:e6:d0:
15:ee:e7:66:2e:9b:ad:7e:31:4f:65:87:ec:7e:0e:e0:aa:1f:
8c:be:8d:f1
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZOH19hvYJlD3ahZHxqPIF7EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjQxMjAyMTQ0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWI1MGQ5MDU4MDYzMmI3ODhjMmJhOWJkYTI5MWU4ZWQyZTg3MmQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwwF4CcyTbDh263CldlAI3+AD5p0m
+lsqIFDr0fcQ/8VxQlM90hUa9BFrSKh3EGFNEeADEngXDmg4tb7nN4yG3VBFOccA
oJsjerrx2KreOXmx1Rldpgu3hDzJM6ZtIO8dMcuamnKGIDKgROSeLyhMlpLTCUi+
o63nL4cTBPZEgW/wTSEk25YsZgRo7PFoWJPx/d1CX0kx6TIoFbcMgqg+cUIxyQRb
SU0Qby9PDuxz9VnE+o7wsLQ6ZX7/frgAXlSFET91RryF1qPFYWCFPc4aP0Df/k54
4x4k7qy/kRqFoNHz3+h7aGqkCOeVKmrpHeMtMhRcvx0KXM7H0CMLHrtjTwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLW1DZBYBjK3iMK6m9opHo7S6HLXMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvdGJVTmtGZ0dNcmVJd3JxYjJpa2VqdExvY3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALgrZAwQA
PrB2AwQCV354MAwDBARampADBAJampgwDQYJKoZIhvcNAQELBQADggEBAAQr9ztu
DeJ32E/pV5lbOlrOgP/1yTMyQQ4mdo8mpu89+MvkYSK+BrvZxbITAirK+WHZXj9d
XYClX66F3ya8QTk23vMfeLKEI3PSzWNbuhFIWPdd6+Aq2dGZKaJikj/EfhfCkOSK
m1ztAkjvpkYTdN+GNe2lvCdVdRJ5THJLZg3wDtpUH82b2rcTGcn3iPVKTzqaCQcb
TjBuDg4WWTLEFPnb9DgH6FETV0gDZBmH8as8d8Fi2zAbbNglRFh62m2vIWx1fohO
vTEdB8HH0nyFwc7CfD+/mZ/pEpAcZJQlKbQtJ80QmElsQoXm0BXu52Yum61+MU9l
h+x+DuCqH4y+jfE=
-----END CERTIFICATE-----
Generated at Sat May 10 15:02:25 2025 by rpki-client