Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/638f28-00d5-463b-b16c-f845bfc42f6d/1/HE_3DKej6eAv-7-NwQ8G8Qyf050.roa
File: HE_3DKej6eAv-7-NwQ8G8Qyf050.roa (raw, json)
Hash identifier: 1LHnflq3QRWFCv5eKvKQPdA7aRuDMSX+e0KqmSH8jZM=
Subject key identifier: 1C:4F:F7:0C:A7:A3:E9:E0:2F:FB:BF:8D:C1:0F:06:F1:0C:9F:D3:9D
Certificate issuer: /CN=b0242b7e43053c913d62bf5dbb1682ffe6b8dfe2
Certificate serial: 018CCA2AB11870B275D9671EEF647F0F03D7
Authority key identifier: B0:24:2B:7E:43:05:3C:91:3D:62:BF:5D:BB:16:82:FF:E6:B8:DF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sCQrfkMFPJE9Yr9duxaC_-a43-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/638f28-00d5-463b-b16c-f845bfc42f6d/1/HE_3DKej6eAv-7-NwQ8G8Qyf050.roa
Signing time: Tue 02 Jan 2024 12:34:04 +0000
ROA not before: Tue 02 Jan 2024 12:34:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24971
IP address blocks: 91.214.192.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:47:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:b1:18:70:b2:75:d9:67:1e:ef:64:7f:0f:03:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0242b7e43053c913d62bf5dbb1682ffe6b8dfe2
Validity
Not Before: Jan 2 12:34:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1c4ff70ca7a3e9e02ffbbf8dc10f06f10c9fd39d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:d4:d0:06:42:5b:a5:fa:b7:e7:c9:58:ac:80:
c2:bb:96:c6:46:e4:50:5c:86:44:8e:e3:29:e3:33:
11:46:d7:f5:2d:7e:af:c3:e7:22:55:fd:3f:6e:e3:
04:f3:04:64:fb:d7:f6:b1:4e:ba:76:47:07:d2:20:
85:45:8c:53:83:54:40:a6:cf:a0:5a:40:3c:0d:36:
a0:40:2a:7b:c1:53:8f:68:06:9f:d9:e1:d3:26:3a:
a5:69:3f:26:cc:70:f1:6f:22:ef:2a:67:8d:55:89:
b0:74:c2:3c:13:f6:87:c4:15:90:90:76:48:ea:d0:
09:00:46:ce:21:81:36:16:2a:4b:75:bb:02:74:96:
57:18:e7:a8:95:51:fd:c5:05:f2:b0:e8:d0:59:40:
26:62:55:73:ae:5e:82:8e:35:6f:1d:a1:3f:db:12:
5c:1c:3c:58:47:05:61:47:ab:94:0b:c7:78:e7:70:
d8:2a:a1:bb:ae:d4:39:45:54:81:d4:f2:07:eb:63:
24:d5:56:33:a3:82:64:b4:58:00:dd:9b:11:5a:3c:
46:45:9a:13:d9:96:2e:27:d1:ef:2d:8b:95:15:26:
ab:52:14:03:ca:e6:44:7c:dd:94:94:af:5c:3e:99:
23:22:27:42:90:04:66:98:17:23:0a:bc:72:67:7c:
58:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:4F:F7:0C:A7:A3:E9:E0:2F:FB:BF:8D:C1:0F:06:F1:0C:9F:D3:9D
X509v3 Authority Key Identifier:
keyid:B0:24:2B:7E:43:05:3C:91:3D:62:BF:5D:BB:16:82:FF:E6:B8:DF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sCQrfkMFPJE9Yr9duxaC_-a43-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/638f28-00d5-463b-b16c-f845bfc42f6d/1/HE_3DKej6eAv-7-NwQ8G8Qyf050.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/638f28-00d5-463b-b16c-f845bfc42f6d/1/sCQrfkMFPJE9Yr9duxaC_-a43-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.214.192.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:ba:f1:76:aa:83:dd:3b:21:39:cb:79:d1:62:1b:c9:16:5e:
9f:15:6d:a9:42:05:d1:4b:4c:d3:da:ad:ef:c6:3d:e0:bb:83:
cf:6f:6d:3a:2d:f8:5d:f1:46:04:8c:6b:86:f5:81:30:19:95:
d1:aa:07:9f:5c:65:30:0a:91:70:7c:b1:66:d0:a2:2e:ef:e8:
3e:af:42:08:48:c2:94:53:69:7d:ca:28:7f:fd:53:0f:4a:7e:
07:c3:56:b5:f1:66:9c:a5:a5:a1:d6:39:4b:16:c1:e8:cb:3a:
60:48:4c:0e:3f:f8:e7:7e:a8:31:ad:66:c9:00:9e:77:b8:08:
76:75:79:4e:03:ae:4a:64:16:c8:7e:df:c2:42:92:f3:e8:a3:
79:71:a5:74:52:57:0c:82:d4:00:ed:3f:3c:52:61:35:e9:23:
8a:5b:b2:a6:86:50:f1:5b:7e:b7:18:db:2a:97:90:56:42:2d:
59:11:80:25:9f:b0:9b:f9:15:d7:a6:ff:d3:85:cc:bc:f2:48:
a6:49:8f:ac:71:9c:74:47:63:63:b1:cc:46:1a:da:5e:78:d1:
fb:cf:76:48:2d:1e:41:1a:a1:97:07:a1:74:60:f1:14:18:d7:
ea:ba:17:2e:94:26:3d:d5:d3:c7:4f:4c:b1:16:87:04:9d:34:
6d:97:ff:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKrEYcLJ12Wce72R/DwPXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwMjQyYjdlNDMwNTNjOTEzZDYyYmY1ZGJiMTY4MmZmZTZi
OGRmZTIwHhcNMjQwMTAyMTIzNDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzRmZjcwY2E3YTNlOWUwMmZmYmJmOGRjMTBmMDZmMTBjOWZkMzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3NTQBkJbpfq358lYrIDCu5bGRuRQ
XIZEjuMp4zMRRtf1LX6vw+ciVf0/buME8wRk+9f2sU66dkcH0iCFRYxTg1RAps+g
WkA8DTagQCp7wVOPaAaf2eHTJjqlaT8mzHDxbyLvKmeNVYmwdMI8E/aHxBWQkHZI
6tAJAEbOIYE2FipLdbsCdJZXGOeolVH9xQXysOjQWUAmYlVzrl6CjjVvHaE/2xJc
HDxYRwVhR6uUC8d453DYKqG7rtQ5RVSB1PIH62Mk1VYzo4JktFgA3ZsRWjxGRZoT
2ZYuJ9HvLYuVFSarUhQDyuZEfN2UlK9cPpkjIidCkARmmBcjCrxyZ3xYIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxP9wyno+ngL/u/jcEPBvEMn9OdMB8GA1UdIwQY
MBaAFLAkK35DBTyRPWK/XbsWgv/muN/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0NRcmZrTUZQSkU5WXI5ZHV4YUNfLWE0My1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS82MzhmMjgtMDBkNS00NjNiLWIxNmMt
Zjg0NWJmYzQyZjZkLzEvSEVfM0RLZWo2ZUF2LTctTndROEc4UXlmMDUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS82MzhmMjgtMDBkNS00NjNiLWIxNmMtZjg0NWJmYzQyZjZk
LzEvc0NRcmZrTUZQSkU5WXI5ZHV4YUNfLWE0My1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9bAMA0G
CSqGSIb3DQEBCwUAA4IBAQCNuvF2qoPdOyE5y3nRYhvJFl6fFW2pQgXRS0zT2q3v
xj3gu4PPb206Lfhd8UYEjGuG9YEwGZXRqgefXGUwCpFwfLFm0KIu7+g+r0IISMKU
U2l9yih//VMPSn4Hw1a18WacpaWh1jlLFsHoyzpgSEwOP/jnfqgxrWbJAJ53uAh2
dXlOA65KZBbIft/CQpLz6KN5caV0UlcMgtQA7T88UmE16SOKW7KmhlDxW363GNsq
l5BWQi1ZEYAln7Cb+RXXpv/Thcy88kimSY+scZx0R2NjscxGGtpeeNH7z3ZILR5B
GqGXB6F0YPEUGNfquhculCY91dPHT0yxFocEnTRtl/9/
-----END CERTIFICATE-----
Generated at Thu Mar 13 20:44:50 2025 by rpki-client