Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/b041a6-2911-40dd-b6bb-1d08c267ed9e/1/Hp3B74NNEZxvGKwXlYt8w5t6tIw.roa
File: Hp3B74NNEZxvGKwXlYt8w5t6tIw.roa (raw, json)
Hash identifier: /OVATpXBMVK5A7wei9uCVbRnV0TLOyE+YDSZ/t7tk5M=
Subject key identifier: 1E:9D:C1:EF:83:4D:11:9C:6F:18:AC:17:95:8B:7C:C3:9B:7A:B4:8C
Certificate issuer: /CN=ab0a843846156f08e2d8d7bfc91ab350534b9b8a
Certificate serial: 018CC6B7DBC99F6405C6878C4971900E6D1E
Authority key identifier: AB:0A:84:38:46:15:6F:08:E2:D8:D7:BF:C9:1A:B3:50:53:4B:9B:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwqEOEYVbwji2Ne_yRqzUFNLm4o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/b041a6-2911-40dd-b6bb-1d08c267ed9e/1/Hp3B74NNEZxvGKwXlYt8w5t6tIw.roa
Signing time: Mon 01 Jan 2024 20:29:47 +0000
ROA not before: Mon 01 Jan 2024 20:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210393
IP address blocks: 178.211.158.0/24 maxlen: 24
2a12:f480::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:db:c9:9f:64:05:c6:87:8c:49:71:90:0e:6d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0a843846156f08e2d8d7bfc91ab350534b9b8a
Validity
Not Before: Jan 1 20:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e9dc1ef834d119c6f18ac17958b7cc39b7ab48c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:12:17:13:b4:6d:30:40:7e:0e:86:9f:35:4b:
87:ae:64:78:6d:0e:8c:ee:ec:8d:b4:ad:fc:a7:d4:
cf:df:e4:9c:6a:e8:6e:e7:9a:7f:62:4c:8d:f4:23:
33:c9:87:81:f6:7e:c0:d1:dd:3b:75:23:fe:06:60:
9e:25:2b:06:af:92:c0:aa:7f:41:6a:7a:fc:9f:eb:
4f:24:ca:73:73:e5:19:32:89:e8:be:e8:2b:ae:97:
ee:37:d0:df:05:3f:1e:36:81:95:9f:e0:ba:4f:eb:
ad:0a:ea:f6:c1:91:b3:88:b6:61:03:7f:1a:2b:e0:
45:7b:09:c5:a4:cf:8c:7a:fc:ad:17:d4:34:85:08:
e5:19:17:56:08:d9:f5:7e:21:8d:ce:57:7f:b6:7f:
d0:e4:f9:44:48:da:89:9f:f4:01:81:a3:66:b0:43:
34:7b:c9:e9:53:15:b0:31:ad:d0:10:2e:b8:cb:d2:
8c:bd:97:4b:65:48:c6:41:70:39:83:ee:fc:ec:86:
ef:a4:43:50:c2:d0:61:70:ee:c2:4a:de:25:4a:dc:
e7:23:88:9a:69:2a:f2:83:8b:84:21:2b:21:d3:f6:
0d:35:99:d4:7a:49:5d:c2:5b:fb:f1:3f:1e:3c:8e:
a9:05:e4:16:16:5b:c9:b9:c3:92:7b:06:01:07:f6:
0a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9D:C1:EF:83:4D:11:9C:6F:18:AC:17:95:8B:7C:C3:9B:7A:B4:8C
X509v3 Authority Key Identifier:
keyid:AB:0A:84:38:46:15:6F:08:E2:D8:D7:BF:C9:1A:B3:50:53:4B:9B:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwqEOEYVbwji2Ne_yRqzUFNLm4o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b041a6-2911-40dd-b6bb-1d08c267ed9e/1/Hp3B74NNEZxvGKwXlYt8w5t6tIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/b041a6-2911-40dd-b6bb-1d08c267ed9e/1/qwqEOEYVbwji2Ne_yRqzUFNLm4o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.211.158.0/24
IPv6:
2a12:f480::/29
Signature Algorithm: sha256WithRSAEncryption
89:e6:cb:d3:51:63:f1:ca:4d:ad:38:e2:3c:5b:86:32:4a:4b:
b0:c2:31:d7:57:34:7c:82:2a:20:31:af:fd:e3:ce:a9:18:ce:
c1:e9:a3:69:96:37:2f:ca:d3:b7:71:f6:c6:ee:a3:1a:03:2d:
cc:51:a5:33:c6:0b:5d:9e:94:09:b3:77:0f:f7:a3:81:74:88:
03:e9:49:6b:f2:1d:a5:e4:92:d3:68:f9:60:fe:a2:d8:1d:04:
77:2c:7b:81:83:35:97:1b:a7:d2:29:17:10:79:a9:6c:d7:f3:
cf:53:7b:89:de:13:16:cf:0b:79:af:74:a8:85:6c:41:8c:ae:
2c:b4:86:95:97:96:25:5c:71:a2:22:d2:d3:37:41:6d:d8:92:
6b:bb:42:d8:ce:df:12:38:10:24:87:5d:8f:20:34:5f:f3:54:
79:1d:36:40:9c:7f:e9:a0:78:30:65:2f:06:3d:d1:4e:fd:be:
04:4a:ae:c3:12:cf:81:31:cd:bf:20:cb:17:1c:80:60:8f:13:
1c:8d:5f:d7:5e:2b:7c:4f:dd:73:80:83:90:2d:f5:89:50:ff:
93:1a:40:8c:37:1c:32:1c:15:3b:1e:77:f2:8e:3b:26:7a:40:
96:32:34:d0:d3:54:ae:c0:fc:b1:07:10:31:c1:e1:b7:a4:fd:
1b:2a:88:49
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt9vJn2QFxoeMSXGQDm0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMGE4NDM4NDYxNTZmMDhlMmQ4ZDdiZmM5MWFiMzUwNTM0
YjliOGEwHhcNMjQwMTAxMjAyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTlkYzFlZjgzNGQxMTljNmYxOGFjMTc5NThiN2NjMzliN2FiNDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxIXE7RtMEB+DoafNUuHrmR4bQ6M
7uyNtK38p9TP3+Scauhu55p/YkyN9CMzyYeB9n7A0d07dSP+BmCeJSsGr5LAqn9B
anr8n+tPJMpzc+UZMonovugrrpfuN9DfBT8eNoGVn+C6T+utCur2wZGziLZhA38a
K+BFewnFpM+MevytF9Q0hQjlGRdWCNn1fiGNzld/tn/Q5PlESNqJn/QBgaNmsEM0
e8npUxWwMa3QEC64y9KMvZdLZUjGQXA5g+787IbvpENQwtBhcO7CSt4lStznI4ia
aSryg4uEISsh0/YNNZnUekldwlv78T8ePI6pBeQWFlvJucOSewYBB/YK2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB6dwe+DTRGcbxisF5WLfMOberSMMB8GA1UdIwQY
MBaAFKsKhDhGFW8I4tjXv8kas1BTS5uKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdxRU9FWVZid2ppMk5lX3lScXpVRk5MbTRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy9iMDQxYTYtMjkxMS00MGRkLWI2YmIt
MWQwOGMyNjdlZDllLzEvSHAzQjc0Tk5FWnh2R0t3WGxZdDh3NXQ2dEl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy9iMDQxYTYtMjkxMS00MGRkLWI2YmItMWQwOGMyNjdlZDll
LzEvcXdxRU9FWVZid2ppMk5lX3lScXpVRk5MbTRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAstOeMA0E
AgACMAcDBQMqEvSAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ5svTUWPxyk2tOOI8W4Yy
SkuwwjHXVzR8giogMa/9486pGM7B6aNpljcvytO3cfbG7qMaAy3MUaUzxgtdnpQJ
s3cP96OBdIgD6Ulr8h2l5JLTaPlg/qLYHQR3LHuBgzWXG6fSKRcQeals1/PPU3uJ
3hMWzwt5r3SohWxBjK4stIaVl5YlXHGiItLTN0Ft2JJru0LYzt8SOBAkh12PIDRf
81R5HTZAnH/poHgwZS8GPdFO/b4ESq7DEs+BMc2/IMsXHIBgjxMcjV/XXit8T91z
gIOQLfWJUP+TGkCMNxwyHBU7HnfyjjsmekCWMjTQ01SuwPyxBxAxweG3pP0bKohJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:25:09 2025 by rpki-client