Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/8bf78d-c3b5-4691-8108-f0cad9ff65be/1/RHLLQaO9epjTpcYnivetdGCwuC4.roa
File: RHLLQaO9epjTpcYnivetdGCwuC4.roa (raw, json)
Hash identifier: h0jWdRDzxRl/+lWehcEUFMB39+o17/XZJvBGMxvK8tY=
Subject key identifier: 44:72:CB:41:A3:BD:7A:98:D3:A5:C6:27:8A:F7:AD:74:60:B0:B8:2E
Certificate issuer: /CN=534633f19f61d6546ebabf7de9fb7aa987ed5bf3
Certificate serial: 018CC26D6C57F35355366499F40D1B4E3FCC
Authority key identifier: 53:46:33:F1:9F:61:D6:54:6E:BA:BF:7D:E9:FB:7A:A9:87:ED:5B:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U0Yz8Z9h1lRuur996ft6qYftW_M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/8bf78d-c3b5-4691-8108-f0cad9ff65be/1/RHLLQaO9epjTpcYnivetdGCwuC4.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1103
IP address blocks: 141.252.0.0/16 maxlen: 16
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:48:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6c:57:f3:53:55:36:64:99:f4:0d:1b:4e:3f:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=534633f19f61d6546ebabf7de9fb7aa987ed5bf3
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4472cb41a3bd7a98d3a5c6278af7ad7460b0b82e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:a8:9d:d3:c1:a9:a7:a2:63:a1:ab:01:ff:1f:
7c:cc:24:6f:29:b8:bb:e6:a8:0f:26:d1:42:e5:c3:
ee:36:36:fd:b2:6b:40:21:ea:7e:26:cf:c4:70:04:
fc:de:e9:b9:05:61:f4:e0:b9:b0:4a:c8:7d:34:13:
07:4d:a6:f2:4c:f3:23:5b:11:0c:af:15:eb:f8:8d:
e3:a8:df:ac:63:4a:92:27:c2:34:0a:0d:5c:bb:e9:
43:d0:3b:70:ba:e1:98:82:59:96:df:7d:e7:64:ca:
3d:79:f5:a4:c1:b7:94:88:43:46:75:2f:dc:b3:c0:
d9:04:5e:79:1d:15:d0:57:22:b0:ad:7f:01:43:14:
95:2e:94:ee:9d:03:a9:1f:f8:d2:5e:77:fe:0e:01:
6a:1d:e8:ac:a6:f8:7d:06:21:b6:82:e3:e3:39:70:
da:7c:9f:7f:35:9b:a4:6f:51:c4:4b:7b:90:29:36:
82:a4:a1:d5:8c:5f:bf:89:85:1d:69:6a:2e:00:5b:
e3:4c:7f:23:ed:87:c6:6f:f1:10:fc:38:64:b7:e3:
b5:80:e3:ff:39:13:7d:12:c4:9a:90:c7:bb:0e:a1:
43:1a:e1:73:c4:f1:58:26:2e:0d:8d:c0:d5:8d:1f:
23:9b:f2:8d:cb:22:ff:21:f0:46:fb:97:b0:af:52:
33:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:72:CB:41:A3:BD:7A:98:D3:A5:C6:27:8A:F7:AD:74:60:B0:B8:2E
X509v3 Authority Key Identifier:
keyid:53:46:33:F1:9F:61:D6:54:6E:BA:BF:7D:E9:FB:7A:A9:87:ED:5B:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U0Yz8Z9h1lRuur996ft6qYftW_M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8bf78d-c3b5-4691-8108-f0cad9ff65be/1/RHLLQaO9epjTpcYnivetdGCwuC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8bf78d-c3b5-4691-8108-f0cad9ff65be/1/U0Yz8Z9h1lRuur996ft6qYftW_M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.252.0.0/16
Signature Algorithm: sha256WithRSAEncryption
91:26:48:ab:db:20:ce:b8:8f:2a:da:a9:78:50:ce:b5:b7:60:
75:7c:ea:57:9f:93:23:4c:a4:4f:c0:88:53:39:8f:6f:32:ee:
40:2c:c4:3e:7f:9c:2b:b3:82:6c:42:2c:fd:34:66:8c:4d:43:
96:09:6b:a2:a8:3e:8d:46:97:64:00:91:24:57:1d:df:4b:f4:
e3:ec:a9:f0:8f:3b:83:5c:d4:ff:0f:15:95:24:59:10:59:ae:
e2:46:65:96:82:e0:79:e8:a6:dc:17:01:53:d5:4b:77:ae:e2:
f5:da:18:43:15:e6:32:49:a3:ee:e3:1d:b3:54:d2:5b:d5:48:
00:a4:80:70:8b:a9:b5:17:bf:68:5f:c4:47:61:57:68:51:6d:
47:4f:aa:c4:3f:15:61:b0:74:27:33:f4:0f:c1:5a:36:5f:46:
a2:92:ba:93:c4:7f:2f:a2:ce:e8:16:e7:58:26:2a:1b:c9:6c:
0e:80:ce:16:7c:7f:c0:06:eb:25:99:29:96:4d:73:f3:b8:a7:
da:62:22:f3:02:69:65:3b:56:92:1b:b3:8d:0b:63:a9:3f:0d:
18:f8:46:ac:1c:6c:72:f7:a4:10:e2:3c:bb:91:10:08:b9:39:
63:5c:1b:b0:f9:64:7e:6d:ae:73:f1:53:eb:6c:3f:f5:42:a3:
34:94:5a:0f
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzCbWxX81NVNmSZ9A0bTj/MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNDYzM2YxOWY2MWQ2NTQ2ZWJhYmY3ZGU5ZmI3YWE5ODdl
ZDViZjMwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDcyY2I0MWEzYmQ3YTk4ZDNhNWM2Mjc4YWY3YWQ3NDYwYjBiODJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoaid08Gpp6JjoasB/x98zCRvKbi7
5qgPJtFC5cPuNjb9smtAIep+Js/EcAT83um5BWH04LmwSsh9NBMHTabyTPMjWxEM
rxXr+I3jqN+sY0qSJ8I0Cg1cu+lD0DtwuuGYglmW333nZMo9efWkwbeUiENGdS/c
s8DZBF55HRXQVyKwrX8BQxSVLpTunQOpH/jSXnf+DgFqHeispvh9BiG2guPjOXDa
fJ9/NZukb1HES3uQKTaCpKHVjF+/iYUdaWouAFvjTH8j7YfGb/EQ/Dhkt+O1gOP/
ORN9EsSakMe7DqFDGuFzxPFYJi4NjcDVjR8jm/KNyyL/IfBG+5ewr1IzHwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFERyy0GjvXqY06XGJ4r3rXRgsLguMB8GA1UdIwQY
MBaAFFNGM/GfYdZUbrq/fen7eqmH7VvzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTBZejhaOWgxbFJ1dXI5OTZmdDZxWWZ0V19NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84YmY3OGQtYzNiNS00NjkxLTgxMDgt
ZjBjYWQ5ZmY2NWJlLzEvUkhMTFFhTzllcGpUcGNZbml2ZXRkR0N3dUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84YmY3OGQtYzNiNS00NjkxLTgxMDgtZjBjYWQ5ZmY2NWJl
LzEvVTBZejhaOWgxbFJ1dXI5OTZmdDZxWWZ0V19NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjfwwDQYJ
KoZIhvcNAQELBQADggEBAJEmSKvbIM64jyraqXhQzrW3YHV86lefkyNMpE/AiFM5
j28y7kAsxD5/nCuzgmxCLP00ZoxNQ5YJa6KoPo1Gl2QAkSRXHd9L9OPsqfCPO4Nc
1P8PFZUkWRBZruJGZZaC4HnoptwXAVPVS3eu4vXaGEMV5jJJo+7jHbNU0lvVSACk
gHCLqbUXv2hfxEdhV2hRbUdPqsQ/FWGwdCcz9A/BWjZfRqKSupPEfy+izugW51gm
KhvJbA6AzhZ8f8AG6yWZKZZNc/O4p9piIvMCaWU7VpIbs40LY6k/DRj4RqwcbHL3
pBDiPLuREAi5OWNcG7D5ZH5trnPxU+tsP/VCozSUWg8=
-----END CERTIFICATE-----
Generated at Tue Mar 11 05:02:00 2025 by rpki-client