Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/CH13gGQO-kADWpaVO1BdBVKlxhA.roa
File: CH13gGQO-kADWpaVO1BdBVKlxhA.roa (raw, json)
Hash identifier: L/Yp8QMTZLFl4J00VLl9ipQivUAa3A8Zy6ODFi3yaD4=
Subject key identifier: 08:7D:77:80:64:0E:FA:40:03:5A:96:95:3B:50:5D:05:52:A5:C6:10
Certificate issuer: /CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Certificate serial: 0193F3ADF845B3718B48108DEE17783FB9BC
Authority key identifier: 8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/CH13gGQO-kADWpaVO1BdBVKlxhA.roa
Signing time: Mon 23 Dec 2024 13:21:24 +0000
ROA not before: Mon 23 Dec 2024 13:21:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213682
IP address blocks: 157.119.189.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:49:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:ad:f8:45:b3:71:8b:48:10:8d:ee:17:78:3f:b9:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b47aa09f2c610f6f44b4e75c1cd9dcd3884e55d
Validity
Not Before: Dec 23 13:21:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=087d7780640efa40035a96953b505d0552a5c610
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:f8:97:ab:96:ed:98:08:e9:f3:29:dd:a1:68:
a8:1d:04:e5:fc:b3:f5:bf:87:89:b7:1a:1a:d4:64:
2b:e6:63:6a:2e:8b:4d:19:dd:20:98:a9:32:c6:96:
91:d7:37:fe:72:1f:e1:3d:59:33:ae:a7:2e:27:7b:
6e:27:9a:0a:30:3e:ce:ab:e9:d1:14:f2:c6:6b:46:
0b:ef:61:64:05:9a:cb:5e:0a:fc:42:da:88:95:4f:
94:07:95:e4:99:22:78:13:90:9e:44:68:f8:4a:a7:
6c:42:5d:4b:0a:13:d6:e0:9d:8a:a0:7a:f1:4b:01:
81:94:5e:aa:c8:02:ff:28:69:37:07:2f:e3:12:85:
26:4f:98:d0:c6:b7:35:74:d7:7f:a9:7f:22:62:32:
e3:a0:25:1d:33:fc:f7:95:7c:24:dd:5c:aa:7e:ab:
31:f3:61:28:8d:5c:a8:db:97:7b:3f:44:2f:41:dc:
88:13:d2:64:84:0b:cc:8a:77:96:e2:bf:da:ec:8a:
ab:da:cb:47:2a:90:86:97:ea:73:3c:f9:64:42:6d:
9a:d5:c9:e7:bb:f6:1c:b9:58:fe:5a:fd:45:3e:cf:
42:53:57:7b:c6:69:ce:01:2d:df:db:a0:f3:8a:2d:
58:46:7b:c8:2c:b4:ee:5f:0a:ec:d0:14:62:61:b5:
de:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:7D:77:80:64:0E:FA:40:03:5A:96:95:3B:50:5D:05:52:A5:C6:10
X509v3 Authority Key Identifier:
keyid:8B:47:AA:09:F2:C6:10:F6:F4:4B:4E:75:C1:CD:9D:CD:38:84:E5:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i0eqCfLGEPb0S051wc2dzTiE5V0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/CH13gGQO-kADWpaVO1BdBVKlxhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/f560e1-7840-4951-ab78-5001539d7185/1/i0eqCfLGEPb0S051wc2dzTiE5V0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
157.119.189.0/24
Signature Algorithm: sha256WithRSAEncryption
37:67:27:6d:06:39:fb:16:26:55:90:db:80:fa:a3:0b:47:06:
f3:1c:25:5b:a2:60:b5:67:d6:b0:5d:3f:63:b2:2f:60:0a:38:
f5:bd:bc:b9:8a:1a:89:2e:ac:e2:83:d5:70:95:e4:a3:ae:14:
21:b9:61:a0:68:1b:76:6f:19:e7:9d:66:f9:7e:23:9f:ff:c8:
f7:c7:73:dc:f0:21:b9:aa:bb:26:b6:6c:1d:96:fb:64:fb:3d:
c9:3d:3a:63:1b:00:58:6a:e3:fb:ad:e9:96:7c:b1:19:4d:ed:
a2:fb:26:15:8a:16:6a:e7:6c:d4:09:6a:bd:3f:50:ac:c3:3d:
32:57:00:4d:37:a3:18:81:26:3f:93:3c:74:68:b2:cc:bd:d7:
c9:5d:89:e7:b3:88:b6:e4:ff:dd:ac:b8:eb:04:da:db:1a:50:
d4:ba:8b:9f:13:84:96:c1:e5:28:94:55:ef:e8:cb:6f:e9:37:
09:59:f3:c7:f3:b8:6a:e7:9e:40:18:7e:25:6f:0f:5c:d3:06:
4f:d1:df:e6:f2:a9:12:22:e4:10:8d:27:b5:2b:60:49:48:b7:
1e:c9:14:99:88:b9:1a:93:30:94:a6:d9:36:44:0e:b1:05:ac:
7a:d3:9f:7f:a0:64:1d:dc:39:fc:07:d8:30:bc:8d:f3:bd:ec:
31:6b:04:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPzrfhFs3GLSBCN7hd4P7m8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiNDdhYTA5ZjJjNjEwZjZmNDRiNGU3NWMxY2Q5ZGNkMzg4
NGU1NWQwHhcNMjQxMjIzMTMyMTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODdkNzc4MDY0MGVmYTQwMDM1YTk2OTUzYjUwNWQwNTUyYTVjNjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuviXq5btmAjp8yndoWioHQTl/LP1
v4eJtxoa1GQr5mNqLotNGd0gmKkyxpaR1zf+ch/hPVkzrqcuJ3tuJ5oKMD7Oq+nR
FPLGa0YL72FkBZrLXgr8QtqIlU+UB5XkmSJ4E5CeRGj4SqdsQl1LChPW4J2KoHrx
SwGBlF6qyAL/KGk3By/jEoUmT5jQxrc1dNd/qX8iYjLjoCUdM/z3lXwk3Vyqfqsx
82EojVyo25d7P0QvQdyIE9JkhAvMineW4r/a7Iqr2stHKpCGl+pzPPlkQm2a1cnn
u/YcuVj+Wv1FPs9CU1d7xmnOAS3f26Dzii1YRnvILLTuXwrs0BRiYbXeowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAh9d4BkDvpAA1qWlTtQXQVSpcYQMB8GA1UdIwQY
MBaAFItHqgnyxhD29EtOdcHNnc04hOVdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgt
NTAwMTUzOWQ3MTg1LzEvQ0gxM2dHUU8ta0FEV3BhVk8xQmRCVktseGhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9mNTYwZTEtNzg0MC00OTUxLWFiNzgtNTAwMTUzOWQ3MTg1
LzEvaTBlcUNmTEdFUGIwUzA1MXdjMmR6VGlFNVYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAnXe9MA0G
CSqGSIb3DQEBCwUAA4IBAQA3ZydtBjn7FiZVkNuA+qMLRwbzHCVbomC1Z9awXT9j
si9gCjj1vby5ihqJLqzig9VwleSjrhQhuWGgaBt2bxnnnWb5fiOf/8j3x3Pc8CG5
qrsmtmwdlvtk+z3JPTpjGwBYauP7remWfLEZTe2i+yYVihZq52zUCWq9P1Cswz0y
VwBNN6MYgSY/kzx0aLLMvdfJXYnns4i25P/drLjrBNrbGlDUuoufE4SWweUolFXv
6Mtv6TcJWfPH87hq555AGH4lbw9c0wZP0d/m8qkSIuQQjSe1K2BJSLceyRSZiLka
kzCUptk2RA6xBax6059/oGQd3Dn8B9gwvI3zvewxawT6
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:11:16 2025 by rpki-client