Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/tfY2B5fsR9yiXW1z-2Ll3LkmSes.roa
File: tfY2B5fsR9yiXW1z-2Ll3LkmSes.roa (raw, json)
Hash identifier: eukelmnyp2IfwNquUPIY74b5fKwK6G9Rl1P0UJ69BTQ=
Subject key identifier: B5:F6:36:07:97:EC:47:DC:A2:5D:6D:73:FB:62:E5:DC:B9:26:49:EB
Certificate issuer: /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial: 01918E6331F50E99DECE08BBA96DA7FFB13F
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/tfY2B5fsR9yiXW1z-2Ll3LkmSes.roa
Signing time: Mon 26 Aug 2024 11:12:31 +0000
ROA not before: Mon 26 Aug 2024 11:12:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60398
IP address blocks: 185.249.105.0/24 maxlen: 24
185.249.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 11:15:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:63:31:f5:0e:99:de:ce:08:bb:a9:6d:a7:ff:b1:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
Validity
Not Before: Aug 26 11:12:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5f6360797ec47dca25d6d73fb62e5dcb92649eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f9:d0:3a:c7:61:02:a0:82:0d:d4:09:f4:b1:
13:4f:4e:26:e8:3e:04:2d:2c:84:00:89:e8:6c:20:
e9:77:c8:19:55:68:f4:98:f3:7d:b0:63:4e:72:fe:
be:c9:0c:10:b1:96:cd:38:c4:2e:d4:5b:ea:9a:05:
33:f4:df:5c:b8:38:bc:44:37:1e:fb:c0:a1:26:3f:
8a:b0:ec:95:d4:27:e6:fa:02:07:96:c8:56:c2:9e:
2e:f3:f3:af:f3:48:80:5b:b4:55:e5:69:46:db:06:
8a:cc:35:8e:71:03:e4:3d:7c:7c:e9:c1:19:fe:56:
da:dc:a2:61:92:a1:a9:c3:74:23:0f:d5:6d:91:1e:
99:53:fe:cc:15:5e:39:8b:02:c4:56:b4:ba:7d:d3:
91:09:96:58:fa:a3:5a:a7:93:4a:fa:d7:c7:1c:0f:
a3:cb:1f:7b:92:45:c6:eb:a8:1d:3e:8f:11:3d:22:
ea:5d:e6:84:8c:1c:6d:c3:c4:04:e4:27:46:63:6a:
bb:ce:d3:da:ca:34:43:10:b3:9c:47:65:43:93:17:
13:cf:e8:cc:9c:6c:21:5a:fe:ae:51:d3:b9:cd:ee:
eb:e2:d8:bc:7c:9e:dd:c0:de:44:a5:bd:1f:7f:c9:
bd:c9:9c:b9:02:94:8f:4c:1d:85:35:33:44:ae:e2:
af:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:F6:36:07:97:EC:47:DC:A2:5D:6D:73:FB:62:E5:DC:B9:26:49:EB
X509v3 Authority Key Identifier:
keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/tfY2B5fsR9yiXW1z-2Ll3LkmSes.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.105.0-185.249.106.255
Signature Algorithm: sha256WithRSAEncryption
64:0a:c9:4c:c7:f0:34:3f:48:38:1e:6f:d0:d8:32:27:44:0c:
73:14:4e:1c:28:bc:2c:c1:55:1e:eb:cf:03:57:b9:6c:cc:ab:
48:30:32:82:4b:95:c6:2c:e9:f1:c1:f3:5f:da:80:fb:31:0d:
57:b3:d3:a5:d6:30:9a:86:cd:e2:65:74:5a:e2:6e:a6:5c:bb:
af:c4:25:12:af:07:96:9a:fd:f7:3f:b6:e5:f3:69:49:c7:88:
be:b3:34:ce:98:80:8a:4c:14:8e:97:02:33:c9:f3:a3:fb:63:
2b:6a:99:54:6d:e4:9e:d4:75:23:52:b1:d1:fa:80:35:cd:d3:
94:ea:ab:10:bc:4d:50:32:11:2e:cd:82:4d:42:d7:b1:cf:be:
f9:b6:d5:b7:37:02:6a:4e:c4:6f:df:18:d7:4d:9b:91:0d:8d:
74:ee:d1:3c:f2:66:ee:51:30:5a:fe:e8:dd:09:87:aa:93:e8:
43:1b:6c:ce:a6:02:51:49:3f:f4:99:61:4e:98:6a:d9:bb:6d:
51:a3:49:f1:d1:e6:43:fa:83:ca:c7:d3:ae:74:75:60:b8:5b:
d7:c2:15:e0:53:77:47:03:8b:66:97:11:a0:bd:5a:83:a2:2b:
f2:21:e8:b5:bf:78:e9:88:0f:30:03:dd:f2:fe:5c:60:24:a2:
65:6b:36:00
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZGOYzH1Dpnezgi7qW2n/7E/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjQwODI2MTExMjMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWY2MzYwNzk3ZWM0N2RjYTI1ZDZkNzNmYjYyZTVkY2I5MjY0OWViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/nQOsdhAqCCDdQJ9LETT04m6D4E
LSyEAInobCDpd8gZVWj0mPN9sGNOcv6+yQwQsZbNOMQu1FvqmgUz9N9cuDi8RDce
+8ChJj+KsOyV1Cfm+gIHlshWwp4u8/Ov80iAW7RV5WlG2waKzDWOcQPkPXx86cEZ
/lba3KJhkqGpw3QjD9VtkR6ZU/7MFV45iwLEVrS6fdORCZZY+qNap5NK+tfHHA+j
yx97kkXG66gdPo8RPSLqXeaEjBxtw8QE5CdGY2q7ztPayjRDELOcR2VDkxcTz+jM
nGwhWv6uUdO5ze7r4ti8fJ7dwN5Epb0ff8m9yZy5ApSPTB2FNTNEruKvPwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLX2NgeX7Efcol1tc/ti5dy5JknrMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvdGZZMkI1ZnNSOXlpWFcxei0yTGwzTGttU2VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5+WkD
BAC5+WowDQYJKoZIhvcNAQELBQADggEBAGQKyUzH8DQ/SDgeb9DYMidEDHMUThwo
vCzBVR7rzwNXuWzMq0gwMoJLlcYs6fHB81/agPsxDVez06XWMJqGzeJldFribqZc
u6/EJRKvB5aa/fc/tuXzaUnHiL6zNM6YgIpMFI6XAjPJ86P7YytqmVRt5J7UdSNS
sdH6gDXN05TqqxC8TVAyES7Ngk1C17HPvvm21bc3AmpOxG/fGNdNm5ENjXTu0Tzy
Zu5RMFr+6N0Jh6qT6EMbbM6mAlFJP/SZYU6Yatm7bVGjSfHR5kP6g8rH0650dWC4
W9fCFeBTd0cDi2aXEaC9WoOiK/Ih6LW/eOmIDzAD3fL+XGAkomVrNgA=
-----END CERTIFICATE-----
Generated at Sat May 10 23:09:42 2025 by rpki-client