Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/hn33v86tMSHXvNvZERdTPdFCau0.roa
File: hn33v86tMSHXvNvZERdTPdFCau0.roa (raw, json)
Hash identifier: TIIN+93KtnaSamDKCEHs42ZuVs8fZEwINGl6VbU/R1k=
Subject key identifier: 86:7D:F7:BF:CE:AD:31:21:D7:BC:DB:D9:11:17:53:3D:D1:42:6A:ED
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 0194848920A9EC9119C6F562F255CDE8FC3D
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/hn33v86tMSHXvNvZERdTPdFCau0.roa
Signing time: Mon 20 Jan 2025 16:26:06 +0000
ROA not before: Mon 20 Jan 2025 16:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12989
IP address blocks: 2.59.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 31 Jan 2025 13:25:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:84:89:20:a9:ec:91:19:c6:f5:62:f2:55:cd:e8:fc:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Jan 20 16:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=867df7bfcead3121d7bcdbd91117533dd1426aed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:98:d3:85:a9:4f:ea:54:06:e8:ea:7b:7e:f2:
9b:12:31:61:36:f2:d7:c2:48:62:f5:25:06:ce:aa:
af:c8:8f:65:00:bb:7d:d1:57:41:84:35:1f:81:86:
aa:02:4f:d9:12:37:37:df:ae:c3:7e:ea:bc:a4:fd:
94:8d:63:31:0c:a2:ab:7b:d5:90:2b:59:93:44:08:
5b:30:08:d1:9e:c1:08:b1:68:9a:80:5f:ac:34:0d:
2e:09:db:6d:ce:62:b6:67:5c:11:b2:c9:94:aa:db:
8e:dd:b1:07:cc:05:77:55:f3:2e:51:01:d8:a7:5c:
70:4d:3b:24:b5:7c:b2:84:77:76:92:86:a3:41:f1:
df:8c:b1:a6:ce:06:db:44:63:11:43:00:30:d1:f5:
de:b6:02:7e:42:e7:2e:52:03:05:7f:58:a4:6c:e2:
3c:86:3b:29:e4:6e:c4:3f:dc:3c:63:0f:fd:d6:a3:
db:d9:e4:6c:e5:6d:14:a5:b2:bd:5e:9f:3d:01:ab:
1d:11:50:48:18:59:95:47:d3:cc:68:d6:5b:17:29:
3b:84:a0:d3:80:44:bd:06:ea:3c:7d:ad:8d:ec:a2:
a2:48:cd:2c:fd:83:1f:49:51:79:03:05:33:35:2f:
a5:47:49:a1:3c:fb:84:54:ef:c8:f2:7f:83:45:94:
05:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7D:F7:BF:CE:AD:31:21:D7:BC:DB:D9:11:17:53:3D:D1:42:6A:ED
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/hn33v86tMSHXvNvZERdTPdFCau0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:af:52:66:dd:4a:f5:56:cb:b4:24:f0:f3:82:07:51:d8:6b:
67:15:3d:1c:31:7e:26:03:d7:5b:c1:1b:7b:9d:b1:72:f7:15:
8d:7b:c7:31:f8:b9:0d:e6:45:5a:b0:f3:1f:39:86:6b:64:bf:
20:25:f5:8b:dc:dc:48:4d:13:67:83:1f:a6:e6:3a:4d:9f:43:
dc:a6:e3:66:b2:21:c7:8f:3b:e6:a3:8d:0d:f7:15:2f:bb:72:
fe:74:80:bc:ca:b0:f1:8c:18:c5:77:f4:5d:bb:2e:c0:e7:09:
e1:f7:f0:ed:a3:71:9a:bc:86:89:95:29:33:dd:a4:0d:44:37:
f6:8e:cd:7d:63:23:c4:5e:41:f9:5f:fc:30:71:69:bd:ed:ad:
61:57:85:2a:73:34:61:56:4d:7c:af:1d:57:59:9a:48:d6:3a:
ab:63:22:17:15:9b:1c:47:97:96:73:e6:93:1d:58:a4:f4:4f:
2e:4a:c4:94:74:df:94:39:77:bf:c3:4e:02:e0:38:6d:2e:89:
2b:87:67:df:87:e2:d2:3e:06:45:7a:aa:43:bb:96:d3:fe:d8:
3e:48:31:aa:f3:08:0c:be:f3:d9:aa:19:8b:02:ce:d7:5b:08:
e3:29:93:29:ea:ee:f6:36:2b:88:d0:87:14:f7:49:24:cf:8b:
9a:0a:80:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSEiSCp7JEZxvVi8lXN6Pw9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMTIwMTYyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdkZjdiZmNlYWQzMTIxZDdiY2RiZDkxMTE3NTMzZGQxNDI2YWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpjThalP6lQG6Op7fvKbEjFhNvLX
wkhi9SUGzqqvyI9lALt90VdBhDUfgYaqAk/ZEjc3367Dfuq8pP2UjWMxDKKre9WQ
K1mTRAhbMAjRnsEIsWiagF+sNA0uCdttzmK2Z1wRssmUqtuO3bEHzAV3VfMuUQHY
p1xwTTsktXyyhHd2koajQfHfjLGmzgbbRGMRQwAw0fXetgJ+QucuUgMFf1ikbOI8
hjsp5G7EP9w8Yw/91qPb2eRs5W0UpbK9Xp89AasdEVBIGFmVR9PMaNZbFyk7hKDT
gES9Buo8fa2N7KKiSM0s/YMfSVF5AwUzNS+lR0mhPPuEVO/I8n+DRZQF/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZ997/OrTEh17zb2REXUz3RQmrtMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvaG4zM3Y4NnRNU0hYdk52WkVSZFRQZEZDYXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAjsWMA0G
CSqGSIb3DQEBCwUAA4IBAQBvr1Jm3Ur1Vsu0JPDzggdR2GtnFT0cMX4mA9dbwRt7
nbFy9xWNe8cx+LkN5kVasPMfOYZrZL8gJfWL3NxITRNngx+m5jpNn0PcpuNmsiHH
jzvmo40N9xUvu3L+dIC8yrDxjBjFd/Rduy7A5wnh9/Dto3GavIaJlSkz3aQNRDf2
js19YyPEXkH5X/wwcWm97a1hV4UqczRhVk18rx1XWZpI1jqrYyIXFZscR5eWc+aT
HVik9E8uSsSUdN+UOXe/w04C4DhtLokrh2ffh+LSPgZFeqpDu5bT/tg+SDGq8wgM
vvPZqhmLAs7XWwjjKZMp6u72NiuI0IcU90kkz4uaCoCc
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:13 2025 by rpki-client