Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/hG3xwf2GuBbkYgPpKYSdWwUWIVU.roa
File: hG3xwf2GuBbkYgPpKYSdWwUWIVU.roa (raw, json)
Hash identifier: Sdl2upw1co0sVHZNefFxVrMv7ZC+YW/FAugfVIYI7ko=
Subject key identifier: 84:6D:F1:C1:FD:86:B8:16:E4:62:03:E9:29:84:9D:5B:05:16:21:55
Certificate issuer: /CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Certificate serial: 018CC424C0555B3F081D5BE8F1031263A350
Authority key identifier: 44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/hG3xwf2GuBbkYgPpKYSdWwUWIVU.roa
Signing time: Mon 01 Jan 2024 08:29:51 +0000
ROA not before: Mon 01 Jan 2024 08:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207422
IP address blocks: 31.129.245.0/24 maxlen: 24
31.129.244.0/24 maxlen: 24
31.129.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:c0:55:5b:3f:08:1d:5b:e8:f1:03:12:63:a3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4444c7c3ad34b6977fa18a2237ca306b9bee08e0
Validity
Not Before: Jan 1 08:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=846df1c1fd86b816e46203e929849d5b05162155
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:f2:11:9d:41:43:9f:88:9b:17:07:0f:87:b0:
26:6d:2f:b6:8d:03:9c:bb:69:78:f9:34:b8:c7:84:
84:6f:b4:5d:4f:1d:bb:9d:ad:14:6a:7b:26:b0:52:
57:f6:68:cf:a5:50:a3:19:0d:3a:c2:ff:6d:50:75:
80:6b:a1:d8:b7:24:13:35:75:b5:21:05:62:c7:a0:
19:30:dd:85:92:a6:62:c3:11:df:e3:56:92:d2:42:
06:5a:dc:5b:29:0b:c5:90:d7:fb:4c:96:ce:e7:9b:
16:ba:42:48:98:4a:98:f6:3e:a2:aa:bf:69:7c:85:
82:b0:82:2a:58:0d:9c:7b:46:68:b9:04:87:d3:58:
5f:a6:20:06:71:41:cf:02:3a:c3:d5:41:b3:49:f2:
31:72:7a:a9:b3:4d:5a:37:ff:76:f1:55:74:50:23:
1f:71:6e:0c:ad:ae:31:f7:68:f2:1a:82:93:f2:03:
d4:25:fe:b6:b2:fd:74:23:68:ff:e9:1a:86:6d:59:
ee:7e:72:72:3e:be:83:8e:b0:43:7a:b9:5c:68:39:
0e:d6:f0:25:47:4f:cf:ba:01:54:bb:c6:ed:2f:ea:
6c:d8:bc:34:9c:13:76:6b:db:7d:2b:61:2e:50:85:
fe:6e:e9:ef:9f:d5:48:ce:75:37:8c:34:8a:d3:08:
d7:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:6D:F1:C1:FD:86:B8:16:E4:62:03:E9:29:84:9D:5B:05:16:21:55
X509v3 Authority Key Identifier:
keyid:44:44:C7:C3:AD:34:B6:97:7F:A1:8A:22:37:CA:30:6B:9B:EE:08:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RETHw600tpd_oYoiN8owa5vuCOA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/hG3xwf2GuBbkYgPpKYSdWwUWIVU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c9c9fc-5864-414e-ae2a-863c9b3d32b0/1/RETHw600tpd_oYoiN8owa5vuCOA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.244.0-31.129.246.255
Signature Algorithm: sha256WithRSAEncryption
01:90:2c:bc:96:80:4b:7d:0d:98:5b:03:e0:18:94:63:ec:35:
dd:91:cd:d7:df:87:a5:97:42:07:fe:1c:11:62:73:ad:2f:bc:
5a:70:a4:62:62:8b:cd:72:7f:11:69:cb:48:e4:b2:46:00:0b:
e8:2e:e7:37:d6:da:85:7f:63:3a:a3:c7:6f:13:ec:5f:96:50:
83:36:81:57:33:2d:86:59:bd:27:2f:57:a5:ea:f2:e8:29:d0:
6b:8a:8c:7a:b9:68:bb:03:09:01:49:c1:82:30:0f:97:de:38:
63:27:2e:68:1d:05:02:ed:c1:0a:60:16:e8:90:d2:dd:b5:c0:
e6:fe:ed:b8:a4:b0:cd:8e:c1:7e:63:8b:b5:89:64:e0:19:06:
eb:79:ba:ec:ef:f6:03:ac:24:33:1d:08:b6:cd:da:53:14:5f:
ee:a2:b8:75:f6:d6:f2:8b:fe:7b:96:19:c5:a2:a8:d8:24:78:
c6:2f:af:e5:2f:b4:c6:be:4e:ec:27:48:d4:ab:18:52:44:60:
50:b8:6f:c9:99:f5:d1:8e:97:72:b8:31:ed:0f:c0:9e:5e:0c:
33:13:09:0a:a8:a6:1f:97:02:ca:71:12:1e:a3:24:2f:85:35:
9a:a9:6a:8b:bb:f0:d7:b1:46:98:1d:e7:59:ba:51:78:3f:c3:
0c:a5:1f:94
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzEJMBVWz8IHVvo8QMSY6NQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NDRjN2MzYWQzNGI2OTc3ZmExOGEyMjM3Y2EzMDZiOWJl
ZTA4ZTAwHhcNMjQwMTAxMDgyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDZkZjFjMWZkODZiODE2ZTQ2MjAzZTkyOTg0OWQ1YjA1MTYyMTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoPIRnUFDn4ibFwcPh7AmbS+2jQOc
u2l4+TS4x4SEb7RdTx27na0UansmsFJX9mjPpVCjGQ06wv9tUHWAa6HYtyQTNXW1
IQVix6AZMN2FkqZiwxHf41aS0kIGWtxbKQvFkNf7TJbO55sWukJImEqY9j6iqr9p
fIWCsIIqWA2ce0ZouQSH01hfpiAGcUHPAjrD1UGzSfIxcnqps01aN/928VV0UCMf
cW4Mra4x92jyGoKT8gPUJf62sv10I2j/6RqGbVnufnJyPr6DjrBDerlcaDkO1vAl
R0/PugFUu8btL+ps2Lw0nBN2a9t9K2EuUIX+bunvn9VIznU3jDSK0wjX2wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIRt8cH9hrgW5GID6SmEnVsFFiFVMB8GA1UdIwQY
MBaAFEREx8OtNLaXf6GKIjfKMGub7gjgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEt
ODYzYzliM2QzMmIwLzEvaEczeHdmMkd1QmJrWWdQcEtZU2RXd1VXSVZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOWM5ZmMtNTg2NC00MTRlLWFlMmEtODYzYzliM2QzMmIw
LzEvUkVUSHc2MDB0cGRfb1lvaU44b3dhNXZ1Q09BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAIfgfQD
BAAfgfYwDQYJKoZIhvcNAQELBQADggEBAAGQLLyWgEt9DZhbA+AYlGPsNd2Rzdff
h6WXQgf+HBFic60vvFpwpGJii81yfxFpy0jkskYAC+gu5zfW2oV/Yzqjx28T7F+W
UIM2gVczLYZZvScvV6Xq8ugp0GuKjHq5aLsDCQFJwYIwD5feOGMnLmgdBQLtwQpg
FuiQ0t21wOb+7biksM2OwX5ji7WJZOAZBut5uuzv9gOsJDMdCLbN2lMUX+6iuHX2
1vKL/nuWGcWiqNgkeMYvr+UvtMa+TuwnSNSrGFJEYFC4b8mZ9dGOl3K4Me0PwJ5e
DDMTCQqoph+XAspxEh6jJC+FNZqpaou78NexRpgd51m6UXg/wwylH5Q=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:40:21 2025 by rpki-client