Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/hprk1dL4lNiJ8W45_Dc4kQke4cU.roa
File: hprk1dL4lNiJ8W45_Dc4kQke4cU.roa (raw, json)
Hash identifier: 7C0Wadn6UeBWHKf9sixeoTBJK3vS0za0Zu772+gX3Us=
Subject key identifier: 86:9A:E4:D5:D2:F8:94:D8:89:F1:6E:39:FC:37:38:91:09:1E:E1:C5
Certificate issuer: /CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c
Certificate serial: 018CC64AC9F9699F2FBF1B904BB0149D4D4D
Authority key identifier: 9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/hprk1dL4lNiJ8W45_Dc4kQke4cU.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 164.153.132.0/24 maxlen: 24
164.153.133.0/24 maxlen: 24
164.153.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:c9:f9:69:9f:2f:bf:1b:90:4b:b0:14:9d:4d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b759ec9ff54de03a7ff3a65edbb2e0758e6878c
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=869ae4d5d2f894d889f16e39fc373891091ee1c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:ff:04:93:b5:90:cc:6b:90:a3:a6:59:5c:ba:
f8:a3:b7:2a:04:36:41:0f:81:8b:d0:ec:f7:9f:a3:
cb:fa:67:16:26:4f:a5:0c:5c:18:04:57:41:0f:7e:
5f:e5:30:78:b4:32:a4:14:f4:d8:7a:dc:28:42:df:
89:b7:c1:49:a8:62:05:5f:47:66:40:86:fb:3c:67:
d2:84:a6:8a:cf:53:d0:d3:47:bd:11:0f:54:e1:f1:
35:a5:a0:ed:e9:94:49:7f:05:38:ef:1b:fc:69:cc:
e9:ea:33:dd:93:ec:31:9a:a7:8a:bf:d8:dc:7e:cb:
0e:dd:6f:26:fc:2e:ac:68:79:76:57:39:e9:c9:82:
d0:d9:4a:dc:67:8b:21:d5:01:be:e3:61:fa:87:98:
5a:32:dd:cf:e3:17:29:e3:02:49:99:5c:3e:85:68:
ed:3d:bf:c0:3f:02:2b:ec:96:b6:4a:e3:56:cd:48:
37:54:a6:9f:75:8b:df:97:74:35:31:02:53:cd:e0:
94:18:d7:55:3d:0d:7e:bd:38:69:f5:3d:51:32:c4:
df:70:ff:80:16:3f:94:53:4d:3a:87:6d:76:01:a9:
f5:80:7c:03:a9:50:ae:72:04:f3:53:0c:83:f9:e7:
4d:2f:5b:ca:9d:d2:54:23:3c:2a:7d:0e:bd:a1:b1:
d0:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:9A:E4:D5:D2:F8:94:D8:89:F1:6E:39:FC:37:38:91:09:1E:E1:C5
X509v3 Authority Key Identifier:
keyid:9B:75:9E:C9:FF:54:DE:03:A7:FF:3A:65:ED:BB:2E:07:58:E6:87:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m3Weyf9U3gOn_zpl7bsuB1jmh4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/hprk1dL4lNiJ8W45_Dc4kQke4cU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/5ad73b-db17-4322-ade5-b9a9d8ae9421/1/m3Weyf9U3gOn_zpl7bsuB1jmh4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.153.132.0-164.153.134.255
Signature Algorithm: sha256WithRSAEncryption
8b:5e:b8:cf:f9:60:c7:a9:9e:84:a8:e2:e2:d2:3b:8f:20:98:
08:b6:56:7c:25:b0:b6:f4:07:79:a7:95:1d:0f:45:ca:c5:21:
14:6e:03:3f:5f:85:8d:bf:8f:09:26:4a:82:6d:9b:40:c0:29:
2f:d8:6d:81:99:27:12:ed:11:ca:13:20:d5:1f:12:13:10:cf:
e9:32:e1:af:62:75:53:5e:71:3d:16:c9:cf:3b:85:e1:de:39:
bf:88:3e:cd:2f:ec:54:2d:1a:67:25:ee:ff:60:8f:fe:83:9f:
59:9b:21:c9:7a:12:45:54:f9:37:4a:c6:c0:db:7e:da:42:fd:
3a:c3:1d:cb:d6:60:28:79:dc:53:ef:35:18:32:d9:99:e3:7e:
81:ab:36:c1:a4:30:18:bf:ed:97:59:00:27:4f:54:8b:3c:75:
cd:86:dc:91:0f:fd:c5:3c:d2:b5:b5:a0:bb:d8:69:a3:0b:88:
39:80:c8:68:27:f0:d9:2c:3c:65:e2:b4:f9:f8:c7:27:51:ba:
cf:08:e8:da:09:84:15:ae:f7:b2:d3:9f:5e:b4:83:28:e3:6b:
90:39:65:03:8b:c8:49:70:ba:ca:b9:51:ec:ba:10:d8:74:d0:
28:c0:12:20:14:e1:28:a0:33:5b:88:53:59:93:e1:e3:1f:70:
59:63:f1:97
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzGSsn5aZ8vvxuQS7AUnU1NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNzU5ZWM5ZmY1NGRlMDNhN2ZmM2E2NWVkYmIyZTA3NThl
Njg3OGMwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjlhZTRkNWQyZjg5NGQ4ODlmMTZlMzlmYzM3Mzg5MTA5MWVlMWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP8Ek7WQzGuQo6ZZXLr4o7cqBDZB
D4GL0Oz3n6PL+mcWJk+lDFwYBFdBD35f5TB4tDKkFPTYetwoQt+Jt8FJqGIFX0dm
QIb7PGfShKaKz1PQ00e9EQ9U4fE1paDt6ZRJfwU47xv8aczp6jPdk+wxmqeKv9jc
fssO3W8m/C6saHl2VznpyYLQ2UrcZ4sh1QG+42H6h5haMt3P4xcp4wJJmVw+hWjt
Pb/APwIr7Ja2SuNWzUg3VKafdYvfl3Q1MQJTzeCUGNdVPQ1+vThp9T1RMsTfcP+A
Fj+UU006h212Aan1gHwDqVCucgTzUwyD+edNL1vKndJUIzwqfQ69obHQbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIaa5NXS+JTYifFuOfw3OJEJHuHFMB8GA1UdIwQY
MBaAFJt1nsn/VN4Dp/86Ze27LgdY5oeMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUt
YjlhOWQ4YWU5NDIxLzEvaHByazFkTDRsTmlKOFc0NV9EYzRrUWtlNGNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS81YWQ3M2ItZGIxNy00MzIyLWFkZTUtYjlhOWQ4YWU5NDIx
LzEvbTNXZXlmOVUzZ09uX3pwbDdic3VCMWptaDR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAKkmYQD
BACkmYYwDQYJKoZIhvcNAQELBQADggEBAIteuM/5YMepnoSo4uLSO48gmAi2Vnwl
sLb0B3mnlR0PRcrFIRRuAz9fhY2/jwkmSoJtm0DAKS/YbYGZJxLtEcoTINUfEhMQ
z+ky4a9idVNecT0Wyc87heHeOb+IPs0v7FQtGmcl7v9gj/6Dn1mbIcl6EkVU+TdK
xsDbftpC/TrDHcvWYCh53FPvNRgy2ZnjfoGrNsGkMBi/7ZdZACdPVIs8dc2G3JEP
/cU80rW1oLvYaaMLiDmAyGgn8NksPGXitPn4xydRus8I6NoJhBWu97LTn160gyjj
a5A5ZQOLyElwusq5Uey6ENh00CjAEiAU4SigM1uIU1mT4eMfcFlj8Zc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:01 2025 by rpki-client