Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hEM6zp35mwJ3-txAVRLCTqdfyis.roa
File: hEM6zp35mwJ3-txAVRLCTqdfyis.roa (raw, json)
Hash identifier: 9Uw6TYiH5ItGEy5p7X2u3taVtxRbGaMuXSWZrpwCzNw=
Subject key identifier: 84:43:3A:CE:9D:F9:9B:02:77:FA:DC:40:55:12:C2:4E:A7:5F:CA:2B
Certificate issuer: /CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Certificate serial: 0191FF1DCD16BC0354FD16FA81D92C4B727C
Authority key identifier: C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hEM6zp35mwJ3-txAVRLCTqdfyis.roa
Signing time: Tue 17 Sep 2024 08:33:48 +0000
ROA not before: Tue 17 Sep 2024 08:33:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4447
IP address blocks: 188.190.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Sep 2024 08:38:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:1d:cd:16:bc:03:54:fd:16:fa:81:d9:2c:4b:72:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c373fae99d651298845d22f89d8d2b2e1d13bc04
Validity
Not Before: Sep 17 08:33:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84433ace9df99b0277fadc405512c24ea75fca2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:92:af:93:a7:0c:0e:f5:cc:b9:2c:d1:7f:01:
df:0a:c5:37:f8:d5:93:ec:70:71:13:0d:ab:3f:04:
dc:bc:db:28:5b:da:d7:d6:3c:1f:40:0c:de:01:8f:
07:e4:0f:77:a3:75:65:8a:ae:55:e8:dc:6b:78:94:
2d:18:1a:c6:20:0d:fb:b4:72:17:04:c0:32:1a:9d:
af:71:e3:86:7a:2c:a5:bf:e2:e2:9e:70:e0:d5:19:
a8:e8:13:93:3f:31:9f:6f:b8:37:9d:0b:5b:d4:69:
79:f2:ce:d7:c5:90:1a:c8:e4:75:2b:e2:2f:c4:8c:
21:fb:03:62:41:a2:63:a5:56:12:a9:e5:09:13:b6:
80:b7:52:79:cd:a5:02:dd:87:85:9b:de:89:88:58:
99:d0:ac:e0:c6:43:70:ed:39:a0:b5:10:1c:e6:9f:
22:1e:a2:93:b3:62:32:8b:99:c4:ca:d8:32:e1:90:
a7:0c:e8:23:3d:d1:46:25:ab:b5:92:7d:fa:6c:fb:
44:e7:5d:bb:19:c8:34:84:78:98:70:b3:ed:35:3a:
88:da:be:c9:86:7f:a8:09:46:67:ec:7c:c1:d0:4f:
14:d6:ca:5b:ee:b9:fd:cf:58:56:cd:73:66:18:01:
99:91:c2:a0:41:94:ef:72:70:56:f8:5c:fb:e5:b2:
2a:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:43:3A:CE:9D:F9:9B:02:77:FA:DC:40:55:12:C2:4E:A7:5F:CA:2B
X509v3 Authority Key Identifier:
keyid:C3:73:FA:E9:9D:65:12:98:84:5D:22:F8:9D:8D:2B:2E:1D:13:BC:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/hEM6zp35mwJ3-txAVRLCTqdfyis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/8ce795-3fa9-4cb7-831a-1de56e475fbf/1/w3P66Z1lEpiEXSL4nY0rLh0TvAQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.190.5.0/24
Signature Algorithm: sha256WithRSAEncryption
57:5c:b4:4b:e3:4f:39:44:92:92:b5:5b:83:ca:51:f4:29:9e:
a4:ca:7b:2d:96:30:79:e6:ff:f0:57:2a:34:1d:1b:03:97:98:
5b:6b:29:5f:42:ff:d3:ed:4f:a2:f6:cf:90:85:c9:de:30:0e:
ca:44:f2:30:24:10:64:0e:46:8c:07:d4:a7:e7:63:0d:aa:b7:
a1:f9:01:cd:dc:57:8a:0f:ff:67:b7:35:70:e8:98:2f:29:04:
54:d5:d9:1f:e6:b9:dc:33:c2:5d:f5:7c:e6:e8:fd:70:9e:5c:
9f:81:b3:62:7a:9f:62:a5:67:ea:ec:11:c7:ff:b1:2f:15:a4:
81:41:ad:0e:ed:ca:7d:4d:4d:dc:e8:24:0e:b3:8b:a5:33:eb:
b3:27:02:e9:34:00:8e:26:d5:cd:dd:a4:6f:29:84:92:01:2f:
be:bb:38:71:0c:dd:0e:5c:51:27:6a:91:67:bc:f6:57:9f:94:
e9:bc:ac:66:9f:4e:4e:fe:78:c8:51:48:11:e0:2a:48:6d:69:
ad:ea:cf:f9:03:4d:9f:5a:10:58:6b:e0:2a:53:f9:b5:2b:5b:
f9:44:d1:e6:1b:68:31:fe:ad:0b:ca:ff:3c:d2:bc:b0:72:99:
05:64:1b:1c:39:cd:43:79:46:32:e5:a3:d1:6d:ea:2d:e7:39:
1f:18:33:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH/Hc0WvANU/Rb6gdksS3J8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNzNmYWU5OWQ2NTEyOTg4NDVkMjJmODlkOGQyYjJlMWQx
M2JjMDQwHhcNMjQwOTE3MDgzMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDQzM2FjZTlkZjk5YjAyNzdmYWRjNDA1NTEyYzI0ZWE3NWZjYTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5Kvk6cMDvXMuSzRfwHfCsU3+NWT
7HBxEw2rPwTcvNsoW9rX1jwfQAzeAY8H5A93o3Vliq5V6NxreJQtGBrGIA37tHIX
BMAyGp2vceOGeiylv+LinnDg1Rmo6BOTPzGfb7g3nQtb1Gl58s7XxZAayOR1K+Iv
xIwh+wNiQaJjpVYSqeUJE7aAt1J5zaUC3YeFm96JiFiZ0KzgxkNw7TmgtRAc5p8i
HqKTs2Iyi5nEytgy4ZCnDOgjPdFGJau1kn36bPtE5127Gcg0hHiYcLPtNTqI2r7J
hn+oCUZn7HzB0E8U1spb7rn9z1hWzXNmGAGZkcKgQZTvcnBW+Fz75bIq6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIRDOs6d+ZsCd/rcQFUSwk6nX8orMB8GA1UdIwQY
MBaAFMNz+umdZRKYhF0i+J2NKy4dE7wEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEt
MWRlNTZlNDc1ZmJmLzEvaEVNNnpwMzVtd0ozLXR4QVZSTENUcWRmeWlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC84Y2U3OTUtM2ZhOS00Y2I3LTgzMWEtMWRlNTZlNDc1ZmJm
LzEvdzNQNjZaMWxFcGlFWFNMNG5ZMHJMaDBUdkFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvL4FMA0G
CSqGSIb3DQEBCwUAA4IBAQBXXLRL4085RJKStVuDylH0KZ6kynstljB55v/wVyo0
HRsDl5hbaylfQv/T7U+i9s+QhcneMA7KRPIwJBBkDkaMB9Sn52MNqreh+QHN3FeK
D/9ntzVw6JgvKQRU1dkf5rncM8Jd9Xzm6P1wnlyfgbNiep9ipWfq7BHH/7EvFaSB
Qa0O7cp9TU3c6CQOs4ulM+uzJwLpNACOJtXN3aRvKYSSAS++uzhxDN0OXFEnapFn
vPZXn5TpvKxmn05O/njIUUgR4CpIbWmt6s/5A02fWhBYa+AqU/m1K1v5RNHmG2gx
/q0Lyv880rywcpkFZBscOc1DeUYy5aPRbeot5zkfGDNF
-----END CERTIFICATE-----
Generated at Wed Apr 9 01:12:24 2025 by rpki-client