Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/Hhb5J5OMhUXyF4lfq1WFPtKABT4.roa
File: Hhb5J5OMhUXyF4lfq1WFPtKABT4.roa (raw, json)
Hash identifier: CGcqYm+RJhrL7SH8HxKpvnzMu0/7JQEIx0Uk+0Cd1Bc=
Subject key identifier: 1E:16:F9:27:93:8C:85:45:F2:17:89:5F:AB:55:85:3E:D2:80:05:3E
Certificate issuer: /CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Certificate serial: 0191566F4B6906F1FF4D23C8425491728F5C
Authority key identifier: 01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/Hhb5J5OMhUXyF4lfq1WFPtKABT4.roa
Signing time: Thu 15 Aug 2024 14:26:59 +0000
ROA not before: Thu 15 Aug 2024 14:26:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49209
IP address blocks: 5.10.141.0/24 maxlen: 24
95.130.195.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:56:6f:4b:69:06:f1:ff:4d:23:c8:42:54:91:72:8f:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01f3ef3e0ea95a975537d5c25d93cb76af687234
Validity
Not Before: Aug 15 14:26:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e16f927938c8545f217895fab55853ed280053e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:7d:8f:6e:d1:fe:31:a5:57:fc:23:9a:0c:84:
42:88:b9:51:11:73:1f:9a:0b:f4:cb:8b:a3:a7:99:
cb:d3:97:f8:08:9d:1d:9c:59:10:55:c7:47:ab:98:
0a:64:b1:a5:dd:d0:8c:08:9f:d8:a1:16:5f:c0:ac:
11:ae:3a:7b:33:6c:57:30:b4:85:44:8e:bf:44:89:
cf:5f:7b:f5:7d:a3:8e:b0:d6:b5:e1:b7:c2:be:b6:
49:12:6f:a9:ea:b5:a6:5a:9b:7a:1b:24:ac:2a:e3:
46:3c:dc:ea:46:f0:67:0a:2c:39:7f:4a:47:86:ef:
52:b7:89:50:02:68:1c:08:be:b4:98:51:ba:2d:26:
3b:d2:fe:a7:74:18:e2:53:04:2a:3b:13:91:b5:17:
9e:e9:7a:0a:93:61:5e:1a:42:c4:ee:63:f6:88:02:
3c:e3:db:1d:eb:2c:34:35:32:4f:d7:1e:f1:c2:31:
7c:b1:25:51:81:d4:03:b1:68:87:fd:9f:e0:10:16:
c9:3c:ac:bf:ec:3f:51:23:02:85:a9:ce:8b:2f:4d:
b9:ab:c9:20:51:53:a6:94:ab:a8:fd:bd:f5:53:d7:
41:83:39:54:94:03:b7:84:14:65:2d:05:5d:b4:cf:
10:d8:e1:18:86:05:2c:fd:45:07:7d:19:cd:0b:59:
aa:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:16:F9:27:93:8C:85:45:F2:17:89:5F:AB:55:85:3E:D2:80:05:3E
X509v3 Authority Key Identifier:
keyid:01:F3:EF:3E:0E:A9:5A:97:55:37:D5:C2:5D:93:CB:76:AF:68:72:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/Hhb5J5OMhUXyF4lfq1WFPtKABT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/8417a0-0777-446e-97e1-353b3a633ada/1/AfPvPg6pWpdVN9XCXZPLdq9ocjQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.141.0/24
95.130.195.0/24
Signature Algorithm: sha256WithRSAEncryption
97:57:a6:51:00:46:dc:e4:8c:1c:45:d2:49:ea:c2:f9:ef:33:
6f:7d:8f:8b:58:c3:19:48:a3:42:f0:35:db:f6:84:94:d9:56:
d6:cf:06:a0:6d:43:62:6c:03:b1:61:3b:86:b9:e9:78:e5:f9:
a6:ba:8d:e2:c0:06:27:20:45:5d:a5:21:8f:e5:ab:f5:92:2d:
1c:5d:7e:c9:49:40:8e:f5:8b:3c:fb:24:3a:e3:9f:90:25:93:
b1:b7:32:ad:df:8a:c9:37:3d:da:04:1e:cc:2a:78:40:14:a9:
bb:fe:b5:6d:53:ef:0e:ce:33:77:77:c0:75:9a:9c:ff:dc:23:
ef:50:84:78:2c:48:fc:d7:e4:c0:50:e0:a1:c8:72:6e:e9:61:
df:3e:6e:b2:52:0a:7e:4d:b3:49:8f:d2:4c:35:cc:c4:68:2b:
f1:4d:46:c8:96:2d:ba:58:90:c1:3a:2e:ff:66:62:0a:65:fb:
10:47:ef:5d:a7:62:62:07:6a:ec:95:73:64:af:49:72:2a:f0:
24:d6:3c:c3:58:09:58:b0:40:37:33:6e:2e:55:62:49:97:ca:
bb:ea:7e:08:4a:2c:75:99:6f:f7:04:16:eb:db:5c:39:71:79:
82:13:9c:14:d4:42:4e:df:40:24:f6:f6:8c:f8:bb:c9:d5:22:
01:69:ff:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFWb0tpBvH/TSPIQlSRco9cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZjNlZjNlMGVhOTVhOTc1NTM3ZDVjMjVkOTNjYjc2YWY2
ODcyMzQwHhcNMjQwODE1MTQyNjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE2ZjkyNzkzOGM4NTQ1ZjIxNzg5NWZhYjU1ODUzZWQyODAwNTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs32PbtH+MaVX/COaDIRCiLlREXMf
mgv0y4ujp5nL05f4CJ0dnFkQVcdHq5gKZLGl3dCMCJ/YoRZfwKwRrjp7M2xXMLSF
RI6/RInPX3v1faOOsNa14bfCvrZJEm+p6rWmWpt6GySsKuNGPNzqRvBnCiw5f0pH
hu9St4lQAmgcCL60mFG6LSY70v6ndBjiUwQqOxORtRee6XoKk2FeGkLE7mP2iAI8
49sd6yw0NTJP1x7xwjF8sSVRgdQDsWiH/Z/gEBbJPKy/7D9RIwKFqc6LL025q8kg
UVOmlKuo/b31U9dBgzlUlAO3hBRlLQVdtM8Q2OEYhgUs/UUHfRnNC1mqEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB4W+SeTjIVF8heJX6tVhT7SgAU+MB8GA1UdIwQY
MBaAFAHz7z4OqVqXVTfVwl2Ty3avaHI0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEt
MzUzYjNhNjMzYWRhLzEvSGhiNUo1T01oVVh5RjRsZnExV0ZQdEtBQlQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS84NDE3YTAtMDc3Ny00NDZlLTk3ZTEtMzUzYjNhNjMzYWRh
LzEvQWZQdlBnNnBXcGRWTjlYQ1haUExkcTlvY2pRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABQqNAwQA
X4LDMA0GCSqGSIb3DQEBCwUAA4IBAQCXV6ZRAEbc5IwcRdJJ6sL57zNvfY+LWMMZ
SKNC8DXb9oSU2VbWzwagbUNibAOxYTuGuel45fmmuo3iwAYnIEVdpSGP5av1ki0c
XX7JSUCO9Ys8+yQ645+QJZOxtzKt34rJNz3aBB7MKnhAFKm7/rVtU+8OzjN3d8B1
mpz/3CPvUIR4LEj81+TAUOChyHJu6WHfPm6yUgp+TbNJj9JMNczEaCvxTUbIli26
WJDBOi7/ZmIKZfsQR+9dp2JiB2rslXNkr0lyKvAk1jzDWAlYsEA3M24uVWJJl8q7
6n4ISix1mW/3BBbr21w5cXmCE5wU1EJO30Ak9vaM+LvJ1SIBaf8z
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:30:15 2025 by rpki-client