Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/HaPjKoO1y3nEpjVyBAMKHcpQ2aY.roa
File: HaPjKoO1y3nEpjVyBAMKHcpQ2aY.roa (raw, json)
Hash identifier: RTVXlr1AaYmUT22be4F+G8m7kvJJRn+cyKHlvXDCVUM=
Subject key identifier: 1D:A3:E3:2A:83:B5:CB:79:C4:A6:35:72:04:03:0A:1D:CA:50:D9:A6
Certificate issuer: /CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Certificate serial: 018CC7935EDB04BDD462EC54001A56AEEBBC
Authority key identifier: 98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/HaPjKoO1y3nEpjVyBAMKHcpQ2aY.roa
Signing time: Tue 02 Jan 2024 00:29:33 +0000
ROA not before: Tue 02 Jan 2024 00:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206764
IP address blocks: 93.95.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:5e:db:04:bd:d4:62:ec:54:00:1a:56:ae:eb:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9891c4488699e6d024e39cc4d61eeeabd38010fa
Validity
Not Before: Jan 2 00:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1da3e32a83b5cb79c4a6357204030a1dca50d9a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:85:73:b5:31:ed:57:f2:ac:23:79:ec:9e:46:
da:53:d8:58:f5:7a:7a:06:97:c5:07:46:7b:3f:70:
83:1c:c3:d5:e8:cb:1b:95:04:cf:aa:87:ae:ba:59:
18:f8:1a:cd:40:4b:52:df:59:fb:ea:96:a2:4f:3b:
e5:85:81:0b:c1:d1:0b:2c:06:3a:04:f1:14:a3:c8:
da:dd:6e:dc:0e:21:22:9f:cf:63:a9:21:0e:de:56:
d4:d2:ab:40:32:1e:66:15:ca:09:41:50:6e:03:82:
3f:e4:d8:e8:ce:e0:5c:66:05:a8:8b:f3:4c:e6:59:
41:fd:72:bc:c4:85:a7:18:d9:3e:41:38:cc:11:32:
94:85:2c:13:08:ac:03:b2:af:54:bc:d6:ec:cd:a4:
50:3d:34:c9:1c:92:49:83:99:fa:ec:be:11:d5:29:
f8:08:16:98:50:83:83:0e:2c:56:33:4b:c2:78:f1:
06:5f:ca:7a:c9:36:74:7f:40:f1:87:25:11:96:e0:
d8:64:78:c8:d3:1b:c5:89:b9:f6:09:2b:2d:24:93:
64:94:11:3f:a5:6b:f6:35:5d:19:d4:ba:7c:7a:6c:
d0:ed:52:38:6b:2e:9a:97:05:2f:b3:b8:44:50:29:
cc:e6:9b:cf:6b:8f:1a:ab:96:4b:ce:84:40:7f:ea:
7d:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:A3:E3:2A:83:B5:CB:79:C4:A6:35:72:04:03:0A:1D:CA:50:D9:A6
X509v3 Authority Key Identifier:
keyid:98:91:C4:48:86:99:E6:D0:24:E3:9C:C4:D6:1E:EE:AB:D3:80:10:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mJHESIaZ5tAk45zE1h7uq9OAEPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/HaPjKoO1y3nEpjVyBAMKHcpQ2aY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/47df00-8468-4c39-be95-e10a60596c26/1/mJHESIaZ5tAk45zE1h7uq9OAEPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.95.96.0/24
Signature Algorithm: sha256WithRSAEncryption
27:75:f3:03:6b:f2:17:ea:1e:d1:e3:35:07:94:e0:46:f5:d9:
2f:a3:5f:47:4e:46:b5:54:38:df:63:48:ca:08:8e:ca:fd:a3:
52:c1:f0:45:97:58:06:ee:8f:22:35:08:7c:5a:c0:f2:0d:90:
c2:14:55:c5:f2:cb:68:75:ef:92:25:3d:04:99:0e:50:9d:0d:
ad:b2:24:7e:18:0c:81:e3:1d:05:b4:cc:10:95:01:98:a7:44:
15:f0:4c:4e:af:30:c1:1f:bc:75:e1:77:ca:94:58:ef:46:17:
f9:fa:bd:01:f9:38:fb:d8:a4:52:9a:33:ae:6c:34:76:73:b4:
71:c8:dd:c7:a2:a1:4b:88:f3:86:ea:29:07:c6:6c:97:2f:6b:
00:ed:30:08:be:1c:83:c5:ea:63:c6:d7:cd:ce:4a:9c:3b:87:
1b:4f:9c:eb:05:48:e5:66:24:d6:87:1b:74:19:7d:1c:25:d9:
83:07:34:78:66:b8:ab:55:2d:95:d3:d5:ef:80:af:d7:b4:93:
dd:0f:59:ec:fe:13:a7:9d:10:45:86:53:86:02:ee:bf:b8:83:
24:ee:5b:13:74:b3:d3:65:a9:69:dc:02:3f:70:29:35:11:5f:
e0:7d:c6:4b:dd:29:16:95:b0:ea:14:eb:5c:13:32:c8:bf:c6:
79:83:15:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk17bBL3UYuxUABpWruu8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4OTFjNDQ4ODY5OWU2ZDAyNGUzOWNjNGQ2MWVlZWFiZDM4
MDEwZmEwHhcNMjQwMTAyMDAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGEzZTMyYTgzYjVjYjc5YzRhNjM1NzIwNDAzMGExZGNhNTBkOWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4VztTHtV/KsI3nsnkbaU9hY9Xp6
BpfFB0Z7P3CDHMPV6MsblQTPqoeuulkY+BrNQEtS31n76paiTzvlhYELwdELLAY6
BPEUo8ja3W7cDiEin89jqSEO3lbU0qtAMh5mFcoJQVBuA4I/5NjozuBcZgWoi/NM
5llB/XK8xIWnGNk+QTjMETKUhSwTCKwDsq9UvNbszaRQPTTJHJJJg5n67L4R1Sn4
CBaYUIODDixWM0vCePEGX8p6yTZ0f0DxhyURluDYZHjI0xvFibn2CSstJJNklBE/
pWv2NV0Z1Lp8emzQ7VI4ay6alwUvs7hEUCnM5pvPa48aq5ZLzoRAf+p9IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2j4yqDtct5xKY1cgQDCh3KUNmmMB8GA1UdIwQY
MBaAFJiRxEiGmebQJOOcxNYe7qvTgBD6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUt
ZTEwYTYwNTk2YzI2LzEvSGFQaktvTzF5M25FcGpWeUJBTUtIY3BRMmFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi80N2RmMDAtODQ2OC00YzM5LWJlOTUtZTEwYTYwNTk2YzI2
LzEvbUpIRVNJYVo1dEFrNDV6RTFoN3VxOU9BRVBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXV9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAndfMDa/IX6h7R4zUHlOBG9dkvo19HTka1VDjfY0jK
CI7K/aNSwfBFl1gG7o8iNQh8WsDyDZDCFFXF8stode+SJT0EmQ5QnQ2tsiR+GAyB
4x0FtMwQlQGYp0QV8ExOrzDBH7x14XfKlFjvRhf5+r0B+Tj72KRSmjOubDR2c7Rx
yN3HoqFLiPOG6ikHxmyXL2sA7TAIvhyDxepjxtfNzkqcO4cbT5zrBUjlZiTWhxt0
GX0cJdmDBzR4ZrirVS2V09XvgK/XtJPdD1ns/hOnnRBFhlOGAu6/uIMk7lsTdLPT
Zalp3AI/cCk1EV/gfcZL3SkWlbDqFOtcEzLIv8Z5gxX4
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:34:33 2025 by rpki-client