Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Hb4yv6y38Cek8o1Insig8TZYe7s.roa
File: Hb4yv6y38Cek8o1Insig8TZYe7s.roa (raw, json)
Hash identifier: TDSxDNH1oNsDc3XHBFm0bu4yKLzLpHmUSwvzdfPz9tA=
Subject key identifier: 1D:BE:32:BF:AC:B7:F0:27:A4:F2:8D:48:9E:C8:A0:F1:36:58:7B:BB
Certificate issuer: /CN=1319f052bc9e7284888074390c9d0bc127606692
Certificate serial: 018CC4937516F0E90DAA7F2ED70527520CC0
Authority key identifier: 13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Hb4yv6y38Cek8o1Insig8TZYe7s.roa
Signing time: Mon 01 Jan 2024 10:30:47 +0000
ROA not before: Mon 01 Jan 2024 10:30:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199130
IP address blocks: 195.23.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:75:16:f0:e9:0d:aa:7f:2e:d7:05:27:52:0c:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1319f052bc9e7284888074390c9d0bc127606692
Validity
Not Before: Jan 1 10:30:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dbe32bfacb7f027a4f28d489ec8a0f136587bbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:21:9b:4e:5b:bf:51:f7:49:8b:e6:f6:d5:
ee:43:a7:82:00:37:d4:6f:07:26:2d:de:56:1e:78:
30:9c:96:d6:ba:f7:c6:63:57:43:3b:ff:24:42:47:
82:7e:b7:be:8e:1f:da:2c:d5:89:f0:3c:7a:65:6f:
85:7b:7a:df:a3:b3:42:3f:53:6c:79:89:d2:0b:cc:
ab:b8:a4:f8:f5:85:28:25:84:81:9e:6b:17:02:64:
d6:f2:f0:c4:0b:6b:6a:75:97:00:22:aa:36:01:ea:
e8:cf:4b:1e:fc:69:b9:58:3c:62:ac:8f:28:30:47:
e6:9f:5d:8d:f3:20:d6:9c:1b:21:ca:05:f2:36:69:
18:8d:5f:e4:c4:2f:84:7c:f6:ae:d3:f3:08:ed:0c:
7b:3b:20:a2:dc:2b:ac:51:6a:8e:aa:6d:67:0f:f2:
28:09:7e:bf:bb:66:4b:b9:83:05:a2:ab:f6:58:30:
89:97:f4:a9:03:c7:be:e2:11:bc:68:cf:3e:74:dd:
b0:8b:8d:37:de:bc:71:1b:bc:3c:0a:c1:88:2a:bd:
3d:75:93:c6:08:7e:35:9a:22:ad:4a:bb:37:7c:29:
e8:80:cb:dd:a2:71:d2:ac:d9:50:4c:31:3d:f4:d0:
6a:6c:64:f5:16:6d:7a:e8:1e:a0:a2:5e:9f:1d:fb:
be:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:BE:32:BF:AC:B7:F0:27:A4:F2:8D:48:9E:C8:A0:F1:36:58:7B:BB
X509v3 Authority Key Identifier:
keyid:13:19:F0:52:BC:9E:72:84:88:80:74:39:0C:9D:0B:C1:27:60:66:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExnwUryecoSIgHQ5DJ0LwSdgZpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/Hb4yv6y38Cek8o1Insig8TZYe7s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/d5bbce-4220-4ec4-8af5-2c1a7730bd25/1/ExnwUryecoSIgHQ5DJ0LwSdgZpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.23.98.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:56:3d:38:e9:b2:e3:e8:c5:cd:d5:f7:fe:4d:b1:70:b3:10:
eb:12:aa:8b:02:4e:b4:d4:e5:3d:76:a8:bc:76:47:ff:78:ef:
91:b1:c8:e1:8d:cb:09:93:c4:89:a5:0e:d8:81:b0:4f:85:66:
dc:80:ce:8d:c9:78:1a:8a:cd:ae:60:fe:c2:1d:8c:3b:4d:90:
c7:36:3b:8e:c7:51:f2:1a:68:73:a3:56:f8:7a:a0:56:df:2e:
36:98:10:d7:fc:75:7a:5c:af:3f:87:cd:67:50:c4:5d:6c:f3:
32:b4:a9:2b:45:cf:07:04:c0:99:fb:80:18:80:3d:b9:71:d2:
35:71:dd:2e:e3:42:97:5f:2d:69:9b:3c:cd:bc:b9:dc:ce:5f:
98:43:e0:8d:98:5b:9b:6d:b7:87:e4:10:36:e4:fa:78:fd:49:
68:00:e6:bb:d8:ca:1b:ca:c1:01:fd:04:61:2a:e1:2e:8f:2c:
e7:04:6e:09:ea:45:bc:f9:9b:99:c1:fe:51:dd:5d:dc:8c:bd:
dd:56:bb:c5:06:5f:70:cc:06:76:a1:08:da:4a:bc:29:20:dc:
e2:23:2e:ce:b3:32:c3:7f:3d:f1:05:d8:88:b4:27:b2:55:9a:
96:47:a4:d5:a5:45:94:54:54:0d:01:91:c3:af:3d:60:24:52:
c4:25:24:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk3UW8OkNqn8u1wUnUgzAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTlmMDUyYmM5ZTcyODQ4ODgwNzQzOTBjOWQwYmMxMjc2
MDY2OTIwHhcNMjQwMTAxMTAzMDQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGJlMzJiZmFjYjdmMDI3YTRmMjhkNDg5ZWM4YTBmMTM2NTg3YmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn20hm05bv1H3SYvm9tXuQ6eCADfU
bwcmLd5WHngwnJbWuvfGY1dDO/8kQkeCfre+jh/aLNWJ8Dx6ZW+Fe3rfo7NCP1Ns
eYnSC8yruKT49YUoJYSBnmsXAmTW8vDEC2tqdZcAIqo2Aeroz0se/Gm5WDxirI8o
MEfmn12N8yDWnBshygXyNmkYjV/kxC+EfPau0/MI7Qx7OyCi3CusUWqOqm1nD/Io
CX6/u2ZLuYMFoqv2WDCJl/SpA8e+4hG8aM8+dN2wi4033rxxG7w8CsGIKr09dZPG
CH41miKtSrs3fCnogMvdonHSrNlQTDE99NBqbGT1Fm166B6gol6fHfu+VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2+Mr+st/AnpPKNSJ7IoPE2WHu7MB8GA1UdIwQY
MBaAFBMZ8FK8nnKEiIB0OQydC8EnYGaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUt
MmMxYTc3MzBiZDI1LzEvSGI0eXY2eTM4Q2VrOG8xSW5zaWc4VFpZZTdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9kNWJiY2UtNDIyMC00ZWM0LThhZjUtMmMxYTc3MzBiZDI1
LzEvRXhud1VyeWVjb1NJZ0hRNURKMEx3U2RnWnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwxdiMA0G
CSqGSIb3DQEBCwUAA4IBAQB/Vj046bLj6MXN1ff+TbFwsxDrEqqLAk601OU9dqi8
dkf/eO+RscjhjcsJk8SJpQ7YgbBPhWbcgM6NyXgais2uYP7CHYw7TZDHNjuOx1Hy
Gmhzo1b4eqBW3y42mBDX/HV6XK8/h81nUMRdbPMytKkrRc8HBMCZ+4AYgD25cdI1
cd0u40KXXy1pmzzNvLnczl+YQ+CNmFubbbeH5BA25Pp4/UloAOa72MobysEB/QRh
KuEujyznBG4J6kW8+ZuZwf5R3V3cjL3dVrvFBl9wzAZ2oQjaSrwpINziIy7OszLD
fz3xBdiItCeyVZqWR6TVpUWUVFQNAZHDrz1gJFLEJST2
-----END CERTIFICATE-----
Generated at Fri Apr 18 19:08:01 2025 by rpki-client