Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/hqSJmNvyWy93FBBYpesr43pOvZY.roa
File: hqSJmNvyWy93FBBYpesr43pOvZY.roa (raw, json)
Hash identifier: UoCzQPaDQpFe1N1zjuSFecmlCY09TsxVwueE3zw5z1c=
Subject key identifier: 86:A4:89:98:DB:F2:5B:2F:77:14:10:58:A5:EB:2B:E3:7A:4E:BD:96
Certificate issuer: /CN=210da9e7af01de75448f4906aac41bd2964e8847
Certificate serial: 018CC3B6EF259F8441C2F14BF9DFAE852529
Authority key identifier: 21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/hqSJmNvyWy93FBBYpesr43pOvZY.roa
Signing time: Mon 01 Jan 2024 06:29:55 +0000
ROA not before: Mon 01 Jan 2024 06:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15830
IP address blocks: 159.100.60.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ef:25:9f:84:41:c2:f1:4b:f9:df:ae:85:25:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=210da9e7af01de75448f4906aac41bd2964e8847
Validity
Not Before: Jan 1 06:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86a48998dbf25b2f77141058a5eb2be37a4ebd96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:d9:e9:23:a5:5e:1a:14:23:63:1d:19:a5:11:
56:6b:9c:e5:2b:08:bf:a5:68:f3:fb:bf:a2:54:56:
f8:fb:d7:21:fd:19:e7:0a:99:fd:f0:85:58:d0:a2:
c3:14:bf:b9:1b:5d:a9:ee:b2:d3:e8:63:8e:e2:1f:
f1:d9:7c:9a:74:ca:c9:56:a3:57:80:cf:5d:2c:fb:
e5:5c:52:85:df:f2:71:60:32:25:77:4f:82:6d:c3:
0a:d9:f3:72:6d:32:94:e5:54:c7:e8:9d:55:c4:a8:
3c:28:27:bb:63:6f:63:e1:8e:d5:0b:33:94:a6:94:
13:63:f0:b4:e2:b0:65:df:32:66:2a:9e:f3:e8:cc:
7e:a1:07:04:14:70:87:29:e1:96:29:9d:0f:aa:0a:
e2:95:c1:bd:ad:e2:3d:fd:bf:fb:60:a0:83:ee:81:
df:52:0a:f4:bc:2c:5f:0d:7e:59:7a:b5:6d:7d:c3:
56:e4:0c:e2:de:33:43:a3:28:7c:36:95:f0:8c:6d:
16:d1:35:a0:e7:e7:e0:d1:c1:d9:41:65:be:2a:56:
0a:73:10:90:ec:92:2c:dd:b7:08:cf:ca:e0:5a:f4:
2a:4e:f2:4d:d9:ef:30:d0:39:14:63:f9:5b:2d:b0:
0f:d1:ec:93:ab:24:e8:4b:c3:6a:0f:5c:08:72:cf:
65:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A4:89:98:DB:F2:5B:2F:77:14:10:58:A5:EB:2B:E3:7A:4E:BD:96
X509v3 Authority Key Identifier:
keyid:21:0D:A9:E7:AF:01:DE:75:44:8F:49:06:AA:C4:1B:D2:96:4E:88:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IQ2p568B3nVEj0kGqsQb0pZOiEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/hqSJmNvyWy93FBBYpesr43pOvZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/f27821-4ccf-4d2e-8b15-6e12774f851e/1/IQ2p568B3nVEj0kGqsQb0pZOiEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.100.60.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:4f:78:81:0c:31:f2:20:8f:7f:39:0f:28:72:1f:6b:bd:4e:
33:d8:8c:0c:ae:66:7f:c0:3f:f3:fa:c3:27:6d:95:6c:af:0d:
95:a8:1f:e4:94:93:54:96:26:be:b4:c5:1b:8b:6a:4a:8a:b5:
cf:e9:6b:6c:83:a7:8d:5d:b2:92:8e:3f:03:a0:c0:ab:03:a1:
c0:1e:b2:98:b8:8c:e7:69:28:d8:e2:6a:94:b5:e8:28:89:c6:
bf:e1:cd:a0:27:b7:27:7b:66:91:1b:5e:93:b0:d0:a9:0f:82:
60:39:14:e6:e3:4e:e4:f0:8d:af:87:2e:c5:08:62:3f:f9:64:
6c:72:23:aa:73:38:d3:82:0f:d1:b8:c6:29:22:47:b8:0c:19:
af:95:6a:33:2d:7b:f1:41:29:f6:ab:84:0a:28:75:60:c9:ec:
24:a9:7a:96:b1:46:48:30:f3:d5:6a:e4:1d:fd:8b:ec:4f:a9:
e9:e5:04:0b:90:f5:71:fd:2a:85:24:2a:3d:32:c3:47:0b:58:
8e:8e:46:12:09:b4:4a:ee:60:21:ba:90:38:7c:71:24:79:64:
bf:e7:5a:cf:e4:46:ac:06:a6:72:6d:b3:42:cb:c1:ab:df:7c:
94:1e:5f:12:30:df:7c:a1:53:db:3f:9e:ed:41:21:56:6e:c4:
72:45:d1:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtu8ln4RBwvFL+d+uhSUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMGRhOWU3YWYwMWRlNzU0NDhmNDkwNmFhYzQxYmQyOTY0
ZTg4NDcwHhcNMjQwMTAxMDYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmE0ODk5OGRiZjI1YjJmNzcxNDEwNThhNWViMmJlMzdhNGViZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAptnpI6VeGhQjYx0ZpRFWa5zlKwi/
pWjz+7+iVFb4+9ch/RnnCpn98IVY0KLDFL+5G12p7rLT6GOO4h/x2XyadMrJVqNX
gM9dLPvlXFKF3/JxYDIld0+CbcMK2fNybTKU5VTH6J1VxKg8KCe7Y29j4Y7VCzOU
ppQTY/C04rBl3zJmKp7z6Mx+oQcEFHCHKeGWKZ0PqgrilcG9reI9/b/7YKCD7oHf
Ugr0vCxfDX5ZerVtfcNW5Azi3jNDoyh8NpXwjG0W0TWg5+fg0cHZQWW+KlYKcxCQ
7JIs3bcIz8rgWvQqTvJN2e8w0DkUY/lbLbAP0eyTqyToS8NqD1wIcs9l7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIakiZjb8lsvdxQQWKXrK+N6Tr2WMB8GA1UdIwQY
MBaAFCENqeevAd51RI9JBqrEG9KWTohHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUt
NmUxMjc3NGY4NTFlLzEvaHFTSm1OdnlXeTkzRkJCWXBlc3I0M3BPdlpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9mMjc4MjEtNGNjZi00ZDJlLThiMTUtNmUxMjc3NGY4NTFl
LzEvSVEycDU2OEIzblZFajBrR3FzUWIwcFpPaUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCn2Q8MA0G
CSqGSIb3DQEBCwUAA4IBAQAqT3iBDDHyII9/OQ8och9rvU4z2IwMrmZ/wD/z+sMn
bZVsrw2VqB/klJNUlia+tMUbi2pKirXP6Wtsg6eNXbKSjj8DoMCrA6HAHrKYuIzn
aSjY4mqUtegoica/4c2gJ7cne2aRG16TsNCpD4JgORTm407k8I2vhy7FCGI/+WRs
ciOqczjTgg/RuMYpIke4DBmvlWozLXvxQSn2q4QKKHVgyewkqXqWsUZIMPPVauQd
/YvsT6np5QQLkPVx/SqFJCo9MsNHC1iOjkYSCbRK7mAhupA4fHEkeWS/51rP5Eas
BqZybbNCy8Gr33yUHl8SMN98oVPbP57tQSFWbsRyRdHN
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:37:28 2025 by rpki-client