Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/hwnbGe2Y2ssHLhMyvixKPEUBd1c.roa
File: hwnbGe2Y2ssHLhMyvixKPEUBd1c.roa (raw, json)
Hash identifier: SpXZi1GNiPQuy9IdZaa9d0BaxgWjvFtVYAy5aJ0r/QA=
Subject key identifier: 87:09:DB:19:ED:98:DA:CB:07:2E:13:32:BE:2C:4A:3C:45:01:77:57
Certificate issuer: /CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Certificate serial: 018CC349473AC5876DB12E4C01B379B152D6
Authority key identifier: 96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/hwnbGe2Y2ssHLhMyvixKPEUBd1c.roa
Signing time: Mon 01 Jan 2024 04:30:08 +0000
ROA not before: Mon 01 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7155
IP address blocks: 91.201.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:47:3a:c5:87:6d:b1:2e:4c:01:b3:79:b1:52:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96c0ce9f87d9d275f6cae4dc9cdfb5d4437d8ceb
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8709db19ed98dacb072e1332be2c4a3c45017757
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:bc:b2:10:4d:44:71:ea:7c:6f:7d:5c:73:e8:
89:0f:75:92:db:33:21:20:1e:3a:17:3b:df:09:b1:
f3:e3:2c:0e:51:88:65:31:fb:fc:f3:8c:14:f6:1c:
57:89:38:68:0a:b5:3a:39:ee:0a:72:4c:de:26:23:
0e:db:a0:37:51:a7:b4:da:6b:95:70:4e:c3:b4:34:
bf:18:71:88:54:90:31:55:cd:25:b8:5a:ae:ea:97:
67:07:85:05:a7:11:fd:a2:3e:f3:54:cd:83:c7:08:
44:06:17:22:ed:74:8d:50:4a:c8:39:b1:6a:34:7d:
7c:c6:ff:9d:89:73:d8:ca:00:60:d7:e2:b5:ac:01:
bf:c1:dc:7c:f5:c1:b6:b1:a8:61:8d:97:0f:08:20:
53:be:06:51:92:2f:e9:68:b7:8a:38:ca:61:6b:b7:
db:c1:95:79:b8:1c:53:1b:32:9a:24:c1:3b:cd:1e:
5c:bc:36:e4:fa:39:85:94:c5:7e:53:8c:e0:87:2a:
fe:8b:5d:53:95:b9:51:62:ee:d2:cf:af:c2:9b:ac:
91:bc:9c:1e:56:9f:84:fb:e0:63:a1:59:0a:30:03:
d0:33:b5:53:25:7c:e6:97:de:96:f2:37:ec:ec:07:
36:d5:4a:a3:cc:e9:12:6e:ac:88:20:88:96:09:29:
62:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:09:DB:19:ED:98:DA:CB:07:2E:13:32:BE:2C:4A:3C:45:01:77:57
X509v3 Authority Key Identifier:
keyid:96:C0:CE:9F:87:D9:D2:75:F6:CA:E4:DC:9C:DF:B5:D4:43:7D:8C:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lsDOn4fZ0nX2yuTcnN-11EN9jOs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/hwnbGe2Y2ssHLhMyvixKPEUBd1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/3aa386-9057-49a0-a229-5e77fa0333a3/1/lsDOn4fZ0nX2yuTcnN-11EN9jOs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.201.199.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:a0:ff:38:b4:bd:3a:66:88:6b:2c:25:97:47:d2:d9:28:b8:
b6:dd:d5:2c:6f:50:e1:c8:ff:25:8c:96:43:75:ad:58:84:a1:
41:61:6c:c7:eb:1c:57:39:af:e3:8d:c3:c1:9c:2f:68:d7:b8:
15:d2:51:ff:8b:80:8a:62:ba:3a:aa:c8:3e:ed:b3:18:f5:34:
81:e9:6f:ee:a8:17:ff:fc:c6:51:e1:5c:7c:8a:65:00:05:dc:
38:91:64:77:76:6f:62:24:46:e4:92:49:ed:bf:ab:d9:17:c2:
58:fd:4a:36:7a:4d:dc:45:66:b1:4f:40:5e:da:2c:82:a7:4d:
a1:be:38:77:7d:9e:e0:4c:09:e8:f7:93:88:fb:1c:88:7f:61:
6e:8c:ee:14:66:4f:74:7f:93:7c:45:bd:dd:1e:85:a3:9d:9a:
e2:fd:fb:8f:58:44:c7:b8:2a:f3:92:b8:78:80:01:78:9b:4a:
af:c5:76:32:6d:5f:e0:a8:41:dd:c5:73:d5:ec:32:e9:b2:98:
fa:f2:04:b3:c8:2a:dd:8e:db:b7:55:6a:8b:1f:59:dc:09:5a:
92:86:5a:9f:27:5f:73:50:0d:71:61:f9:d9:d3:eb:4f:84:b5:
d9:59:5c:a9:32:de:75:0e:8a:9b:77:fe:00:69:c1:7b:9a:f7:
dd:c4:08:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUc6xYdtsS5MAbN5sVLWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2YzBjZTlmODdkOWQyNzVmNmNhZTRkYzljZGZiNWQ0NDM3
ZDhjZWIwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA5ZGIxOWVkOThkYWNiMDcyZTEzMzJiZTJjNGEzYzQ1MDE3NzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7yyEE1Ecep8b31cc+iJD3WS2zMh
IB46FzvfCbHz4ywOUYhlMfv884wU9hxXiThoCrU6Oe4KckzeJiMO26A3Uae02muV
cE7DtDS/GHGIVJAxVc0luFqu6pdnB4UFpxH9oj7zVM2DxwhEBhci7XSNUErIObFq
NH18xv+diXPYygBg1+K1rAG/wdx89cG2sahhjZcPCCBTvgZRki/paLeKOMpha7fb
wZV5uBxTGzKaJME7zR5cvDbk+jmFlMV+U4zghyr+i11TlblRYu7Sz6/Cm6yRvJwe
Vp+E++BjoVkKMAPQM7VTJXzml96W8jfs7Ac21UqjzOkSbqyIIIiWCSliLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcJ2xntmNrLBy4TMr4sSjxFAXdXMB8GA1UdIwQY
MBaAFJbAzp+H2dJ19srk3JzftdRDfYzrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjkt
NWU3N2ZhMDMzM2EzLzEvaHduYkdlMlkyc3NITGhNeXZpeEtQRVVCZDFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8zYWEzODYtOTA1Ny00OWEwLWEyMjktNWU3N2ZhMDMzM2Ez
LzEvbHNET240ZlowblgyeXVUY25OLTExRU45ak9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8nHMA0G
CSqGSIb3DQEBCwUAA4IBAQCOoP84tL06ZohrLCWXR9LZKLi23dUsb1DhyP8ljJZD
da1YhKFBYWzH6xxXOa/jjcPBnC9o17gV0lH/i4CKYro6qsg+7bMY9TSB6W/uqBf/
/MZR4Vx8imUABdw4kWR3dm9iJEbkkkntv6vZF8JY/Uo2ek3cRWaxT0Be2iyCp02h
vjh3fZ7gTAno95OI+xyIf2FujO4UZk90f5N8Rb3dHoWjnZri/fuPWETHuCrzkrh4
gAF4m0qvxXYybV/gqEHdxXPV7DLpspj68gSzyCrdjtu3VWqLH1ncCVqShlqfJ19z
UA1xYfnZ0+tPhLXZWVypMt51Doqbd/4AacF7mvfdxAg9
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:21 2025 by rpki-client