Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/hHA6bOjq_K2fX0lOP80coiJi-A4.roa
File: hHA6bOjq_K2fX0lOP80coiJi-A4.roa (raw, json)
Hash identifier: S08raGpMtR7NbtfIzkkzb3HBPxSjRMgYrAuu4VI0EfA=
Subject key identifier: 84:70:3A:6C:E8:EA:FC:AD:9F:5F:49:4E:3F:CD:1C:A2:22:62:F8:0E
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 0192FC2BCB06423DEDE12B640A0C27FCD65F
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/hHA6bOjq_K2fX0lOP80coiJi-A4.roa
Signing time: Tue 05 Nov 2024 11:53:01 +0000
ROA not before: Tue 05 Nov 2024 11:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
198.38.81.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 02:14:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fc:2b:cb:06:42:3d:ed:e1:2b:64:0a:0c:27:fc:d6:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 5 11:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84703a6ce8eafcad9f5f494e3fcd1ca22262f80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:4a:5f:d7:94:9a:c5:17:3e:bd:5f:b4:ca:
69:c9:ab:13:93:41:e2:53:55:e6:b9:cc:2f:d0:57:
12:2a:a8:46:08:15:04:f2:68:c6:b7:9f:67:86:23:
8b:85:75:d2:5c:64:dc:ad:c3:6a:76:cc:ad:e1:a4:
4f:6e:98:28:70:a5:e0:40:e1:90:0f:8a:a1:ba:bf:
03:5b:04:6d:97:cd:a9:d3:16:0b:58:fc:0d:fc:65:
54:d8:49:32:c0:55:58:15:60:4d:23:f9:33:24:e8:
07:9d:9e:46:38:f2:6e:cb:ac:01:cd:79:97:75:d8:
2e:ea:d5:a4:b4:e5:bd:d7:84:64:da:dd:67:30:ea:
de:24:24:e6:08:68:c1:e2:af:2d:65:d0:8f:da:e3:
76:75:87:5a:aa:7b:5c:de:22:8e:15:73:6c:92:e4:
56:24:48:25:fe:2e:21:a4:17:e8:81:8e:94:91:12:
1b:81:30:c8:2b:fa:71:99:28:59:32:48:0e:02:f9:
7b:7b:e7:25:78:88:5a:c3:18:77:c9:31:70:68:96:
cf:70:33:68:6f:69:95:38:2b:6b:9e:f0:1e:5c:c2:
08:c0:b1:2c:a1:c8:0a:a0:23:8c:28:04:f5:bb:3d:
de:49:a3:f0:85:89:21:96:a0:15:af:db:08:59:64:
f0:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:70:3A:6C:E8:EA:FC:AD:9F:5F:49:4E:3F:CD:1C:A2:22:62:F8:0E
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/hHA6bOjq_K2fX0lOP80coiJi-A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0-195.250.22.255
198.38.81.0/24
198.38.83.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:1c:ee:d8:41:5b:b4:42:c0:e3:8e:78:de:c6:e7:ff:82:94:
fe:aa:be:9b:01:df:ab:ed:ad:eb:4f:69:4a:c7:fa:69:8a:6f:
14:2f:9f:a8:86:16:47:68:91:c9:2a:a9:8a:14:37:aa:5d:a4:
98:93:5f:32:3b:fa:78:31:de:1e:b0:20:a7:58:ca:be:80:86:
67:a6:ec:7f:fe:5b:f3:4c:27:30:38:57:5a:50:64:8e:97:c1:
e8:73:cc:7c:99:75:ba:6f:1b:11:04:94:ee:5e:36:c4:74:90:
a0:f8:21:8a:08:37:27:aa:82:7b:2b:1e:d0:ed:33:28:09:ec:
d2:3c:bf:e5:0e:56:3a:a0:e4:3c:54:44:67:1d:5f:b0:30:0c:
c5:15:1a:22:bf:0f:9b:fb:df:9c:f4:24:1c:98:80:e8:77:f9:
0b:60:ab:37:4f:85:6f:fa:27:10:a3:bd:86:81:e6:75:ee:33:
31:26:70:6e:ce:64:9a:e0:48:f6:f8:01:ee:cf:21:aa:2c:0c:
1e:54:7f:83:14:e7:6f:6d:bf:41:8d:f8:a0:84:c6:ec:ce:e4:
08:e0:4f:ff:b6:cb:25:cb:78:47:c3:04:8f:44:1f:ba:f4:db:
a5:f3:55:96:f9:18:46:76:47:52:07:94:0e:cd:69:a3:24:a7:
79:5c:c2:30
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZL8K8sGQj3t4StkCgwn/NZfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMTA1MTE1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDcwM2E2Y2U4ZWFmY2FkOWY1ZjQ5NGUzZmNkMWNhMjIyNjJmODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcJKX9eUmsUXPr1ftMppyasTk0Hi
U1Xmucwv0FcSKqhGCBUE8mjGt59nhiOLhXXSXGTcrcNqdsyt4aRPbpgocKXgQOGQ
D4qhur8DWwRtl82p0xYLWPwN/GVU2EkywFVYFWBNI/kzJOgHnZ5GOPJuy6wBzXmX
ddgu6tWktOW914Rk2t1nMOreJCTmCGjB4q8tZdCP2uN2dYdaqntc3iKOFXNskuRW
JEgl/i4hpBfogY6UkRIbgTDIK/pxmShZMkgOAvl7e+cleIhawxh3yTFwaJbPcDNo
b2mVOCtrnvAeXMIIwLEsocgKoCOMKAT1uz3eSaPwhYkhlqAVr9sIWWTwLwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIRwOmzo6vytn19JTj/NHKIiYvgOMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvaEhBNmJPanFfSzJmWDBsT1A4MGNvaUppLUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQARTmsAwQB
vlyuMAwDBALD+hQDBADD+hYDBADGJlEDBADGJlMwDQYJKoZIhvcNAQELBQADggEB
AHsc7thBW7RCwOOOeN7G5/+ClP6qvpsB36vtretPaUrH+mmKbxQvn6iGFkdokckq
qYoUN6pdpJiTXzI7+ngx3h6wIKdYyr6Ahmem7H/+W/NMJzA4V1pQZI6XwehzzHyZ
dbpvGxEElO5eNsR0kKD4IYoINyeqgnsrHtDtMygJ7NI8v+UOVjqg5DxURGcdX7Aw
DMUVGiK/D5v735z0JByYgOh3+QtgqzdPhW/6JxCjvYaB5nXuMzEmcG7OZJrgSPb4
Ae7PIaosDB5Uf4MU529tv0GN+KCExuzO5AjgT/+2yyXLeEfDBI9EH7r026XzVZb5
GEZ2R1IHlA7NaaMkp3lcwjA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:23:13 2025 by rpki-client