Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/hB_bF40OQ1fP_dJH2lPdGvhynUA.roa
File: hB_bF40OQ1fP_dJH2lPdGvhynUA.roa (raw, json)
Hash identifier: uO5FaYJD3D1BELoM9lwklnA7+EozF2DRcG4Xt22yHkc=
Subject key identifier: 84:1F:DB:17:8D:0E:43:57:CF:FD:D2:47:DA:53:DD:1A:F8:72:9D:40
Certificate issuer: /CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Certificate serial: 018CC56E91206C1DCDA02023CC99E4620D04
Authority key identifier: BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/hB_bF40OQ1fP_dJH2lPdGvhynUA.roa
Signing time: Mon 01 Jan 2024 14:30:06 +0000
ROA not before: Mon 01 Jan 2024 14:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44558
IP address blocks: 92.45.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:91:20:6c:1d:cd:a0:20:23:cc:99:e4:62:0d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba9d30e6035be8b8386061f271481c707e04ce2b
Validity
Not Before: Jan 1 14:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=841fdb178d0e4357cffdd247da53dd1af8729d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:30:97:d0:f7:a9:d1:a4:30:aa:6f:20:1d:22:
40:21:7d:e6:67:f7:fe:33:a2:6f:0e:ab:35:72:9d:
59:88:1c:40:11:d1:15:e5:df:f9:d1:2f:20:6f:00:
9c:0b:9f:1f:6c:87:11:bc:44:b7:59:e9:ec:b9:2a:
e1:bb:e5:46:c6:e6:4a:53:9a:90:18:9a:aa:f4:b6:
f7:4f:18:d0:dd:0e:f6:13:e5:84:10:37:c1:2d:19:
54:34:e9:d6:51:31:f3:c1:26:13:5d:5b:e3:81:f3:
d8:a7:6b:f8:ae:07:81:5d:07:53:6a:b3:ab:fd:65:
11:8b:a7:13:9d:cb:41:85:78:0b:24:2b:7d:c6:ef:
9e:cc:37:23:50:31:72:36:88:40:f1:31:0b:57:e2:
0f:eb:22:90:31:04:99:80:c3:d7:9d:0d:9f:bd:a6:
d9:7c:e4:1c:b2:94:75:90:a4:39:d7:c6:5d:24:2a:
7f:51:39:74:e7:54:32:00:10:5c:93:f6:37:bb:23:
43:91:ea:bb:c5:de:2b:3f:28:53:9f:d9:c7:ff:71:
db:51:62:3b:c3:ae:cc:6c:fb:88:8c:b5:9e:3f:5d:
95:62:c9:f3:fc:60:5b:1d:ec:eb:87:d0:17:0f:37:
53:f0:46:ac:01:ee:4d:d2:d0:17:9f:6b:10:6a:9b:
3d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:1F:DB:17:8D:0E:43:57:CF:FD:D2:47:DA:53:DD:1A:F8:72:9D:40
X509v3 Authority Key Identifier:
keyid:BA:9D:30:E6:03:5B:E8:B8:38:60:61:F2:71:48:1C:70:7E:04:CE:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/up0w5gNb6Lg4YGHycUgccH4Ezis.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/hB_bF40OQ1fP_dJH2lPdGvhynUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ac9c32-7dbc-4d6c-bc08-5d584fbc5d27/1/up0w5gNb6Lg4YGHycUgccH4Ezis.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.45.100.0/24
Signature Algorithm: sha256WithRSAEncryption
50:c3:81:b4:d6:80:30:a5:2a:c9:81:f2:48:86:3a:37:25:31:
58:70:d7:96:d2:e7:10:85:a4:34:34:a9:1c:be:b2:51:89:b3:
62:d7:dd:c6:8f:b1:89:00:0e:d8:2a:49:be:95:b8:ef:5f:13:
78:5f:2d:e9:c7:a3:a8:8d:ed:59:4b:cd:88:47:d6:98:ad:9f:
9d:83:40:07:98:75:1c:cc:90:93:0b:fe:a7:b7:2c:3d:17:a9:
1f:7a:5c:55:dc:73:25:fd:a9:df:68:35:6c:2c:79:1d:f3:95:
08:64:cc:f5:7c:84:82:81:dd:e2:a8:b1:2d:15:4e:2e:db:38:
53:1e:68:70:61:a8:54:ed:51:38:d1:a8:b4:7a:10:dc:5a:c6:
00:0f:b7:8c:f1:1b:4c:f9:fc:1d:d6:26:8a:e4:33:43:c0:26:
43:ec:78:73:ba:25:d4:b5:4f:bc:2f:d1:23:75:6b:9f:84:d8:
64:9c:06:93:8f:ab:82:8d:b3:7f:b0:13:d1:75:07:af:32:87:
61:86:c6:4b:ee:10:bb:ef:7b:bb:33:39:bf:83:3c:fb:06:b1:
85:d7:0f:ce:73:21:d5:e7:a2:3c:22:19:bd:05:98:af:c4:d7:
e2:8a:7a:9c:c6:45:0d:a7:df:b0:1c:31:27:6f:14:20:86:bd:
ae:47:a6:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbpEgbB3NoCAjzJnkYg0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhOWQzMGU2MDM1YmU4YjgzODYwNjFmMjcxNDgxYzcwN2Uw
NGNlMmIwHhcNMjQwMTAxMTQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDFmZGIxNzhkMGU0MzU3Y2ZmZGQyNDdkYTUzZGQxYWY4NzI5ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTCX0Pep0aQwqm8gHSJAIX3mZ/f+
M6JvDqs1cp1ZiBxAEdEV5d/50S8gbwCcC58fbIcRvES3WensuSrhu+VGxuZKU5qQ
GJqq9Lb3TxjQ3Q72E+WEEDfBLRlUNOnWUTHzwSYTXVvjgfPYp2v4rgeBXQdTarOr
/WURi6cTnctBhXgLJCt9xu+ezDcjUDFyNohA8TELV+IP6yKQMQSZgMPXnQ2fvabZ
fOQcspR1kKQ518ZdJCp/UTl051QyABBck/Y3uyNDkeq7xd4rPyhTn9nH/3HbUWI7
w67MbPuIjLWeP12VYsnz/GBbHezrh9AXDzdT8EasAe5N0tAXn2sQaps9mQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIQf2xeNDkNXz/3SR9pT3Rr4cp1AMB8GA1UdIwQY
MBaAFLqdMOYDW+i4OGBh8nFIHHB+BM4rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgt
NWQ1ODRmYmM1ZDI3LzEvaEJfYkY0ME9RMWZQX2RKSDJsUGRHdmh5blVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hYzljMzItN2RiYy00ZDZjLWJjMDgtNWQ1ODRmYmM1ZDI3
LzEvdXAwdzVnTmI2TGc0WUdIeWNVZ2NjSDRFemlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXC1kMA0G
CSqGSIb3DQEBCwUAA4IBAQBQw4G01oAwpSrJgfJIhjo3JTFYcNeW0ucQhaQ0NKkc
vrJRibNi193Gj7GJAA7YKkm+lbjvXxN4Xy3px6Ooje1ZS82IR9aYrZ+dg0AHmHUc
zJCTC/6ntyw9F6kfelxV3HMl/anfaDVsLHkd85UIZMz1fISCgd3iqLEtFU4u2zhT
HmhwYahU7VE40ai0ehDcWsYAD7eM8RtM+fwd1iaK5DNDwCZD7HhzuiXUtU+8L9Ej
dWufhNhknAaTj6uCjbN/sBPRdQevModhhsZL7hC773u7Mzm/gzz7BrGF1w/OcyHV
56I8Ihm9BZivxNfiinqcxkUNp9+wHDEnbxQghr2uR6Y5
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:45:29 2025 by rpki-client