Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/chcUaoY_nWHDLk_U3awrOI8Twys.roa
File: chcUaoY_nWHDLk_U3awrOI8Twys.roa (raw, json)
Hash identifier: u5IikQ6+R2A1krTObCgQ4dkJzVxBxvYbjmrVu5oHOy8=
Subject key identifier: 72:17:14:6A:86:3F:9D:61:C3:2E:4F:D4:DD:AC:2B:38:8F:13:C3:2B
Certificate issuer: /CN=d914da56e1a934649da02964ac12eba34c5cb84f
Certificate serial: 019384DB62EF91EDAF8FF3D6DAED57377F41
Authority key identifier: D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/chcUaoY_nWHDLk_U3awrOI8Twys.roa
Signing time: Mon 02 Dec 2024 00:53:10 +0000
ROA not before: Mon 02 Dec 2024 00:53:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214019
IP address blocks: 79.174.3.0/24 maxlen: 24
2a13:e3c3::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:84:db:62:ef:91:ed:af:8f:f3:d6:da:ed:57:37:7f:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d914da56e1a934649da02964ac12eba34c5cb84f
Validity
Not Before: Dec 2 00:53:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7217146a863f9d61c32e4fd4ddac2b388f13c32b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:df:b0:45:44:d4:ce:b9:13:e8:f9:d0:db:1d:
b1:18:56:e1:7c:e8:26:9a:c5:37:17:29:cf:22:a4:
e5:a8:08:a7:a3:30:f9:1f:2b:4c:6e:88:36:29:e1:
73:e5:7c:eb:85:1a:09:ed:7b:7d:7c:79:63:be:32:
fd:23:12:65:66:a4:a7:ff:06:5d:82:38:ee:fb:fc:
03:2b:73:56:e8:9a:03:b0:64:a0:cc:38:15:82:11:
38:35:bf:25:a4:c8:64:15:e4:07:ea:10:72:c1:15:
de:9b:34:a1:52:41:75:82:2e:fb:bc:b0:e0:df:e7:
ad:b0:a8:ed:96:8b:46:4b:48:6a:54:68:e5:cf:82:
20:e5:2a:b7:ad:c4:53:25:b0:ec:eb:f9:34:45:84:
d0:bb:2c:91:4e:33:ae:29:f6:8b:1e:76:54:d3:3a:
13:01:1a:d2:13:76:3e:75:6f:51:2f:ad:a4:fc:cc:
36:94:02:e6:ca:42:e6:fb:17:45:8e:c4:28:94:b1:
71:2f:09:10:52:7a:97:cb:4d:68:c8:c0:14:13:0c:
b9:b3:63:b8:f2:36:b8:03:d8:e8:dc:52:45:f1:1c:
08:98:22:73:54:ab:4a:a7:c2:3f:e1:01:f6:34:fe:
94:3b:a5:31:f8:42:b2:d3:82:90:59:ff:b1:7d:0d:
b2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:17:14:6A:86:3F:9D:61:C3:2E:4F:D4:DD:AC:2B:38:8F:13:C3:2B
X509v3 Authority Key Identifier:
keyid:D9:14:DA:56:E1:A9:34:64:9D:A0:29:64:AC:12:EB:A3:4C:5C:B8:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2RTaVuGpNGSdoClkrBLro0xcuE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/chcUaoY_nWHDLk_U3awrOI8Twys.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/7a11b5-a405-41cb-81cb-f6bccf1e531f/1/2RTaVuGpNGSdoClkrBLro0xcuE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.174.3.0/24
IPv6:
2a13:e3c3::/32
Signature Algorithm: sha256WithRSAEncryption
52:54:ed:b5:81:fa:54:04:94:dd:b1:2b:d1:50:25:1e:d4:f6:
d5:45:22:1b:f5:8c:d0:76:ba:2b:60:4c:fb:68:b0:4e:81:bd:
28:b4:39:a7:63:54:01:e6:07:9d:a8:41:7f:6b:28:c3:a6:0f:
69:26:30:7f:6c:cb:35:b2:3a:a5:84:96:c6:97:b9:ee:03:4a:
25:15:8d:f2:1e:02:13:9f:38:0d:ae:a8:d6:f8:de:07:4b:d7:
87:45:ac:29:e7:93:93:90:43:1f:19:cd:b8:69:bb:31:b5:0b:
4b:fd:4e:02:4c:1b:b1:af:06:d4:c5:5f:63:4b:e0:37:01:28:
e1:c3:6b:af:b9:e0:f8:6f:24:c0:30:04:0a:6b:66:b1:17:d4:
67:2b:7f:cc:4d:96:27:6e:61:60:8d:cf:9a:73:26:4f:01:28:
ac:c2:97:35:75:2d:7a:e5:c4:28:39:c0:85:0f:78:3d:3f:b5:
4c:a8:de:8a:e4:1f:3e:d9:0c:c4:1e:d8:50:fb:39:23:27:b6:
3c:4c:02:28:5b:64:d8:a1:1c:73:5b:81:79:72:14:64:94:ae:
65:b3:4b:2c:7e:79:4f:a2:e6:c2:9d:84:de:39:24:59:ab:a0:
48:58:ee:a0:54:fd:be:11:8d:4d:f5:91:d6:92:a8:e6:6c:a0:
8b:6e:26:97
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZOE22Lvke2vj/PW2u1XN39BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5MTRkYTU2ZTFhOTM0NjQ5ZGEwMjk2NGFjMTJlYmEzNGM1
Y2I4NGYwHhcNMjQxMjAyMDA1MzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjE3MTQ2YTg2M2Y5ZDYxYzMyZTRmZDRkZGFjMmIzODhmMTNjMzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN+wRUTUzrkT6PnQ2x2xGFbhfOgm
msU3FynPIqTlqAinozD5HytMbog2KeFz5XzrhRoJ7Xt9fHljvjL9IxJlZqSn/wZd
gjju+/wDK3NW6JoDsGSgzDgVghE4Nb8lpMhkFeQH6hBywRXemzShUkF1gi77vLDg
3+etsKjtlotGS0hqVGjlz4Ig5Sq3rcRTJbDs6/k0RYTQuyyRTjOuKfaLHnZU0zoT
ARrSE3Y+dW9RL62k/Mw2lALmykLm+xdFjsQolLFxLwkQUnqXy01oyMAUEwy5s2O4
8ja4A9jo3FJF8RwImCJzVKtKp8I/4QH2NP6UO6Ux+EKy04KQWf+xfQ2ylQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHIXFGqGP51hwy5P1N2sKziPE8MrMB8GA1UdIwQY
MBaAFNkU2lbhqTRknaApZKwS66NMXLhPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2It
ZjZiY2NmMWU1MzFmLzEvY2hjVWFvWV9uV0hETGtfVTNhd3JPSThUd3lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS83YTExYjUtYTQwNS00MWNiLTgxY2ItZjZiY2NmMWU1MzFm
LzEvMlJUYVZ1R3BOR1Nkb0Nsa3JCTHJvMHhjdUU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAT64DMA0E
AgACMAcDBQAqE+PDMA0GCSqGSIb3DQEBCwUAA4IBAQBSVO21gfpUBJTdsSvRUCUe
1PbVRSIb9YzQdrorYEz7aLBOgb0otDmnY1QB5gedqEF/ayjDpg9pJjB/bMs1sjql
hJbGl7nuA0olFY3yHgITnzgNrqjW+N4HS9eHRawp55OTkEMfGc24absxtQtL/U4C
TBuxrwbUxV9jS+A3ASjhw2uvueD4byTAMAQKa2axF9RnK3/MTZYnbmFgjc+acyZP
ASiswpc1dS165cQoOcCFD3g9P7VMqN6K5B8+2QzEHthQ+zkjJ7Y8TAIoW2TYoRxz
W4F5chRklK5ls0ssfnlPoubCnYTeOSRZq6BIWO6gVP2+EY1N9ZHWkqjmbKCLbiaX
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:21:30 2025 by rpki-client