Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/p0HeNAEGVEcN83JgnqCmt_VqZm4.roa
File: p0HeNAEGVEcN83JgnqCmt_VqZm4.roa (raw, json)
Hash identifier: ybHjKVI8UDqg22JhQBeffrq3Rx8IVKdEbsmztS72vvQ=
Subject key identifier: A7:41:DE:34:01:06:54:47:0D:F3:72:60:9E:A0:A6:B7:F5:6A:66:6E
Certificate issuer: /CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Certificate serial: 018CC9BCDA1048778FD9E5B4970550529CBD
Authority key identifier: 52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/p0HeNAEGVEcN83JgnqCmt_VqZm4.roa
Signing time: Tue 02 Jan 2024 10:34:06 +0000
ROA not before: Tue 02 Jan 2024 10:34:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47258
IP address blocks: 94.143.48.0/21 maxlen: 24
185.51.124.0/22 maxlen: 24
2a04:be20::/30 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:da:10:48:77:8f:d9:e5:b4:97:05:50:52:9c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5289b6a8bfaac5c8c09a48c042819dfc5ea45104
Validity
Not Before: Jan 2 10:34:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a741de34010654470df372609ea0a6b7f56a666e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:13:f9:e0:f6:2d:1e:72:e8:fd:c2:10:60:69:
c3:69:20:2e:9f:a4:01:9c:c0:84:44:19:af:90:f7:
21:fa:b2:1b:3f:0d:1c:5a:33:90:70:ee:65:1f:74:
24:cc:02:58:8f:ab:15:b0:f9:26:bc:37:ff:a7:74:
6c:d9:7b:35:1d:3a:a7:1f:54:c4:97:00:f9:1a:88:
5f:56:f9:77:cd:67:cf:88:cf:ab:39:e5:ae:6c:15:
7a:a9:44:99:4f:a8:a0:62:0c:0f:74:57:05:ee:52:
c0:52:83:99:ab:bb:5c:01:96:f8:7b:88:46:b3:29:
61:8b:48:df:86:d4:fc:20:d0:0e:4b:d8:b1:51:d9:
e0:03:8c:ea:d4:45:0c:fb:74:f6:19:15:a4:6d:9d:
04:b4:52:fe:0d:4c:7c:0c:d5:fd:a7:03:d6:01:96:
84:98:c3:f6:bf:49:ac:e1:09:d3:b1:7e:a6:77:8c:
63:b4:f6:c0:97:d2:4a:3a:7a:58:54:1a:af:07:1a:
d9:78:2d:cd:8c:bd:78:ba:02:12:46:d8:4a:7a:88:
71:1d:99:6f:45:6a:1f:dd:e1:98:22:c5:57:ad:df:
04:58:ac:57:a9:9a:64:d1:ba:98:22:c6:40:0e:3a:
c3:18:ef:14:b5:ce:2e:d6:ab:c7:38:3d:fa:77:90:
7b:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:41:DE:34:01:06:54:47:0D:F3:72:60:9E:A0:A6:B7:F5:6A:66:6E
X509v3 Authority Key Identifier:
keyid:52:89:B6:A8:BF:AA:C5:C8:C0:9A:48:C0:42:81:9D:FC:5E:A4:51:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/p0HeNAEGVEcN83JgnqCmt_VqZm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/b66c2c-3d01-4bdb-8c4c-b2da977e407d/1/Uom2qL-qxcjAmkjAQoGd_F6kUQQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.143.48.0/21
185.51.124.0/22
IPv6:
2a04:be20::/30
Signature Algorithm: sha256WithRSAEncryption
03:e5:49:b0:da:53:e2:dc:b3:4c:86:4f:fb:44:6a:71:9d:8a:
2c:c0:05:24:3a:36:3e:e2:34:97:a0:8a:bf:0b:f7:8c:39:dc:
d7:5c:2a:ef:bf:f9:53:63:10:ed:16:75:72:d2:31:87:62:51:
e4:8b:2c:a2:57:0c:08:5e:38:09:0a:2e:91:e7:ec:2b:41:f5:
2d:cf:53:b1:b1:f1:4b:70:62:66:f3:0f:07:c9:af:f6:e0:16:
ee:77:b5:77:f4:59:93:44:70:a2:9a:b0:da:cf:08:ca:d4:11:
b7:85:2a:47:c4:8b:7f:94:b4:40:1a:c7:02:47:01:40:d9:60:
ef:49:50:a2:3a:f1:49:7b:88:ef:18:c8:05:97:1c:19:cd:7b:
f4:b3:d0:42:72:e8:0c:61:20:bc:f9:4c:05:23:f0:7b:93:35:
5b:37:6e:3b:26:71:cc:36:fb:89:a1:08:ad:eb:50:23:3b:eb:
0b:ff:25:93:4a:aa:fa:9a:06:92:c4:cc:5e:f1:8b:09:6b:d9:
77:1f:43:ba:08:63:2c:73:6c:80:37:c3:6c:cb:8f:af:6e:30:
41:3c:7b:03:5b:50:a3:89:74:a5:e9:87:9e:b8:c5:31:90:df:
3a:90:78:20:16:ae:a2:14:6a:e8:87:cd:ce:5b:b3:8a:a7:10:
48:0a:55:fe
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvNoQSHeP2eW0lwVQUpy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyODliNmE4YmZhYWM1YzhjMDlhNDhjMDQyODE5ZGZjNWVh
NDUxMDQwHhcNMjQwMTAyMTAzNDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQxZGUzNDAxMDY1NDQ3MGRmMzcyNjA5ZWEwYTZiN2Y1NmE2NjZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnBP54PYtHnLo/cIQYGnDaSAun6QB
nMCERBmvkPch+rIbPw0cWjOQcO5lH3QkzAJYj6sVsPkmvDf/p3Rs2Xs1HTqnH1TE
lwD5GohfVvl3zWfPiM+rOeWubBV6qUSZT6igYgwPdFcF7lLAUoOZq7tcAZb4e4hG
sylhi0jfhtT8INAOS9ixUdngA4zq1EUM+3T2GRWkbZ0EtFL+DUx8DNX9pwPWAZaE
mMP2v0ms4QnTsX6md4xjtPbAl9JKOnpYVBqvBxrZeC3NjL14ugISRthKeohxHZlv
RWof3eGYIsVXrd8EWKxXqZpk0bqYIsZADjrDGO8Utc4u1qvHOD36d5B7aQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKdB3jQBBlRHDfNyYJ6gprf1amZuMB8GA1UdIwQY
MBaAFFKJtqi/qsXIwJpIwEKBnfxepFEEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMt
YjJkYTk3N2U0MDdkLzEvcDBIZU5BRUdWRWNOODNKZ25xQ210X1ZxWm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS9iNjZjMmMtM2QwMS00YmRiLThjNGMtYjJkYTk3N2U0MDdk
LzEvVW9tMnFMLXF4Y2pBbWtqQVFvR2RfRjZrVVFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDXo8wAwQC
uTN8MA0EAgACMAcDBQIqBL4gMA0GCSqGSIb3DQEBCwUAA4IBAQAD5Umw2lPi3LNM
hk/7RGpxnYoswAUkOjY+4jSXoIq/C/eMOdzXXCrvv/lTYxDtFnVy0jGHYlHkiyyi
VwwIXjgJCi6R5+wrQfUtz1OxsfFLcGJm8w8Hya/24Bbud7V39FmTRHCimrDazwjK
1BG3hSpHxIt/lLRAGscCRwFA2WDvSVCiOvFJe4jvGMgFlxwZzXv0s9BCcugMYSC8
+UwFI/B7kzVbN247JnHMNvuJoQit61AjO+sL/yWTSqr6mgaSxMxe8YsJa9l3H0O6
CGMsc2yAN8Nsy4+vbjBBPHsDW1CjiXSl6YeeuMUxkN86kHggFq6iFGroh83OW7OK
pxBIClX+
-----END CERTIFICATE-----
Generated at Tue Apr 22 23:24:31 2025 by rpki-client