Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/h6wzQpJhqqRXLVSSNX76iJRFaAI.roa
File: h6wzQpJhqqRXLVSSNX76iJRFaAI.roa (raw, json)
Hash identifier: M+fHF4o4k7Ua88UXJSXnPG24mCESu8q7y7YeuYHBRGI=
Subject key identifier: 87:AC:33:42:92:61:AA:A4:57:2D:54:92:35:7E:FA:88:94:45:68:02
Certificate issuer: /CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
Certificate serial: 018CC42562D3C6638B49A6A1DAA7DF907C4F
Authority key identifier: CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/h6wzQpJhqqRXLVSSNX76iJRFaAI.roa
Signing time: Mon 01 Jan 2024 08:30:33 +0000
ROA not before: Mon 01 Jan 2024 08:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62298
IP address blocks: 91.205.40.0/24 maxlen: 24
2a01:5340::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:62:d3:c6:63:8b:49:a6:a1:da:a7:df:90:7c:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce28340a209b2ba12ae903a74cbb5e2e23aed238
Validity
Not Before: Jan 1 08:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=87ac33429261aaa4572d5492357efa8894456802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f1:32:18:d8:da:d4:a4:d9:bd:59:6f:78:f8:
36:8b:53:8b:a9:86:5a:f8:8d:a4:ba:5d:1a:44:a3:
33:0d:6b:68:d2:b6:00:b8:6b:5d:06:db:7a:93:ae:
eb:0e:59:ee:92:97:2e:5a:b7:90:a4:2b:a4:16:67:
11:37:33:b2:ae:c2:e9:08:96:45:24:da:af:b8:9a:
25:6c:28:ae:3a:fc:7a:bb:58:a2:66:bf:1c:3f:16:
09:c3:c1:f7:29:7c:e8:e5:d2:33:fa:00:db:1e:ec:
23:7b:57:22:a4:4f:d3:b3:36:78:97:e7:09:c5:5b:
34:59:84:64:f7:10:b4:87:d0:82:8b:69:b9:bc:fe:
cb:9b:a5:ff:67:e1:3e:64:52:ec:02:79:48:af:c6:
c8:8c:79:e1:da:db:2f:00:7e:6d:5f:65:ce:f0:b6:
b5:a9:cc:9b:99:a3:93:b2:8c:cc:28:53:95:d5:fe:
43:03:30:67:4f:18:26:02:c2:85:11:09:7f:a1:39:
3d:f6:39:b3:f8:55:e2:89:ff:bf:5b:ad:cc:57:87:
f5:7e:5a:ae:3a:72:26:b6:53:43:b1:7b:36:81:52:
4e:c1:f7:15:1a:79:13:70:63:16:ba:4d:06:5e:2c:
fc:0c:46:74:6e:48:9a:77:89:00:94:73:ce:43:30:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:AC:33:42:92:61:AA:A4:57:2D:54:92:35:7E:FA:88:94:45:68:02
X509v3 Authority Key Identifier:
keyid:CE:28:34:0A:20:9B:2B:A1:2A:E9:03:A7:4C:BB:5E:2E:23:AE:D2:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zig0CiCbK6Eq6QOnTLteLiOu0jg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/h6wzQpJhqqRXLVSSNX76iJRFaAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/45c689-751f-46d7-9b6c-b1fc547b7322/1/zig0CiCbK6Eq6QOnTLteLiOu0jg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.40.0/24
IPv6:
2a01:5340::/29
Signature Algorithm: sha256WithRSAEncryption
6e:21:95:b3:12:11:e8:98:fd:10:65:c3:c0:c9:f6:2b:5c:c4:
2c:f7:32:1e:34:9a:b1:1e:1d:93:5f:77:6a:82:d3:cd:b6:3f:
be:9a:c5:38:83:a0:90:72:3f:2a:b4:27:db:81:cf:c8:a6:43:
ec:83:63:38:44:48:66:77:49:dc:33:eb:ac:38:96:f3:3a:24:
04:b1:6d:03:5b:54:67:6b:e8:fc:ee:45:8e:8e:76:d0:a7:02:
8b:7e:87:3b:8c:2d:62:1b:c6:21:a8:d1:cf:52:b0:43:09:f6:
10:b1:79:58:34:eb:56:10:8e:64:ac:b7:82:65:a2:e9:a8:9b:
f9:8e:7e:4e:18:3e:9d:36:1d:6f:b7:af:9f:79:ef:07:3c:bd:
cd:65:ca:b1:0c:2b:fb:3e:66:83:b7:a2:8e:0f:46:96:c0:ee:
fe:16:c4:cb:bd:08:ff:c6:f9:64:8a:2d:6f:82:f8:0f:7e:05:
9d:c9:8b:ff:3b:df:0f:62:e8:22:1c:c7:de:a0:ea:74:ea:3f:
cd:35:1d:6c:0c:75:45:ef:04:2d:89:e1:13:0a:bf:ad:d2:6b:
70:a4:0b:d2:ab:54:c0:c2:18:ce:85:b0:9d:5d:b5:59:3a:52:
fb:74:e9:b4:3b:6b:70:8a:8e:6a:d9:66:b5:5c:22:7d:ca:27:
4e:ac:24:cf
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJWLTxmOLSaah2qffkHxPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMjgzNDBhMjA5YjJiYTEyYWU5MDNhNzRjYmI1ZTJlMjNh
ZWQyMzgwHhcNMjQwMTAxMDgzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2FjMzM0MjkyNjFhYWE0NTcyZDU0OTIzNTdlZmE4ODk0NDU2ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofEyGNja1KTZvVlvePg2i1OLqYZa
+I2kul0aRKMzDWto0rYAuGtdBtt6k67rDlnukpcuWreQpCukFmcRNzOyrsLpCJZF
JNqvuJolbCiuOvx6u1iiZr8cPxYJw8H3KXzo5dIz+gDbHuwje1cipE/TszZ4l+cJ
xVs0WYRk9xC0h9CCi2m5vP7Lm6X/Z+E+ZFLsAnlIr8bIjHnh2tsvAH5tX2XO8La1
qcybmaOTsozMKFOV1f5DAzBnTxgmAsKFEQl/oTk99jmz+FXiif+/W63MV4f1flqu
OnImtlNDsXs2gVJOwfcVGnkTcGMWuk0GXiz8DEZ0bkiad4kAlHPOQzB6oQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIesM0KSYaqkVy1UkjV++oiURWgCMB8GA1UdIwQY
MBaAFM4oNAogmyuhKukDp0y7Xi4jrtI4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemlnMENpQ2JLNkVxNlFPblRMdGVMaU91MGpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80NWM2ODktNzUxZi00NmQ3LTliNmMt
YjFmYzU0N2I3MzIyLzEvaDZ3elFwSmhxcVJYTFZTU05YNzZpSlJGYUFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80NWM2ODktNzUxZi00NmQ3LTliNmMtYjFmYzU0N2I3MzIy
LzEvemlnMENpQ2JLNkVxNlFPblRMdGVMaU91MGpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW80oMA0E
AgACMAcDBQMqAVNAMA0GCSqGSIb3DQEBCwUAA4IBAQBuIZWzEhHomP0QZcPAyfYr
XMQs9zIeNJqxHh2TX3dqgtPNtj++msU4g6CQcj8qtCfbgc/IpkPsg2M4REhmd0nc
M+usOJbzOiQEsW0DW1Rna+j87kWOjnbQpwKLfoc7jC1iG8YhqNHPUrBDCfYQsXlY
NOtWEI5krLeCZaLpqJv5jn5OGD6dNh1vt6+fee8HPL3NZcqxDCv7PmaDt6KOD0aW
wO7+FsTLvQj/xvlkii1vgvgPfgWdyYv/O98PYugiHMfeoOp06j/NNR1sDHVF7wQt
ieETCr+t0mtwpAvSq1TAwhjOhbCdXbVZOlL7dOm0O2twio5q2Wa1XCJ9yidOrCTP
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:22:39 2025 by rpki-client