Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HtjvO8XpFfxN4LdHo7p4fFk-RlY.roa
File: HtjvO8XpFfxN4LdHo7p4fFk-RlY.roa (raw, json)
Hash identifier: s1+r43gnlayjJw2CEFB9rKgOM69J2t5zsC6SYoCuz4E=
Subject key identifier: 1E:D8:EF:3B:C5:E9:15:FC:4D:E0:B7:47:A3:BA:78:7C:59:3E:46:56
Certificate issuer: /CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Certificate serial: 0192AEFB4B416E8A6988946FD57DF95A36AC
Authority key identifier: B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HtjvO8XpFfxN4LdHo7p4fFk-RlY.roa
Signing time: Mon 21 Oct 2024 12:09:17 +0000
ROA not before: Mon 21 Oct 2024 12:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31262
IP address blocks: 212.49.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:fb:4b:41:6e:8a:69:88:94:6f:d5:7d:f9:5a:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b914961f67f22c61e84a66c8ad9c1a8ce51d099b
Validity
Not Before: Oct 21 12:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1ed8ef3bc5e915fc4de0b747a3ba787c593e4656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:cb:06:ce:43:d3:28:16:d6:90:56:78:74:68:
3e:35:97:f7:8b:d5:95:fd:da:70:bd:d6:40:19:58:
03:80:4e:29:d5:56:72:5f:97:6a:66:9c:ff:93:8a:
6f:00:51:82:7f:bc:1f:55:55:ca:2d:ed:ff:a4:cb:
4d:4f:b0:e6:58:c3:23:9a:ca:a7:4e:61:3b:9f:fe:
df:8c:67:3c:8a:8b:1f:b7:e1:ba:66:71:26:4f:80:
6b:e1:2a:33:8c:bf:50:93:0c:f0:c5:94:60:08:ed:
66:ec:b9:a3:82:06:06:46:63:e7:48:6e:40:22:fc:
40:dd:ee:90:a1:f7:fc:5a:89:5d:07:a3:88:7a:5f:
a2:ce:53:55:3d:af:c8:f4:50:a5:cc:6d:d4:bb:d5:
3b:e8:10:20:88:75:3d:c6:d7:b4:db:54:bd:74:ce:
4d:38:71:49:5b:8e:31:59:7e:bc:56:a2:61:1b:57:
0c:1a:2e:10:16:3f:44:14:58:c8:77:9e:49:ec:5b:
16:10:71:e7:22:a4:b0:ce:df:9b:f4:c0:e6:39:ea:
16:6c:77:31:fe:69:95:3c:8e:31:5d:a9:6b:70:0b:
17:28:c2:e5:14:f7:df:06:d8:e2:e8:69:90:28:b1:
44:0a:35:bd:e8:20:b6:34:7f:3b:80:f6:76:c4:39:
96:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D8:EF:3B:C5:E9:15:FC:4D:E0:B7:47:A3:BA:78:7C:59:3E:46:56
X509v3 Authority Key Identifier:
keyid:B9:14:96:1F:67:F2:2C:61:E8:4A:66:C8:AD:9C:1A:8C:E5:1D:09:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uRSWH2fyLGHoSmbIrZwajOUdCZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/HtjvO8XpFfxN4LdHo7p4fFk-RlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0917a7-9ebd-45b9-9de2-27473ca612de/1/uRSWH2fyLGHoSmbIrZwajOUdCZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.49.145.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c9:c1:ac:53:14:60:57:1e:aa:18:8c:b2:a1:09:ac:90:6c:
6e:5c:4c:03:6d:88:70:48:ab:1f:19:90:ea:a3:b4:27:6e:6f:
2c:f8:c7:5f:2b:8e:24:b8:50:81:48:8b:0a:ef:e5:8f:50:3c:
13:51:b0:b4:82:14:6d:d1:74:b4:23:6a:9f:78:d2:36:cd:c9:
6a:8f:8f:14:b1:0b:47:c2:72:24:df:fe:15:2b:d3:b4:16:30:
82:42:20:d9:7e:80:55:11:3d:b6:6a:dc:99:ec:a6:bd:e6:f5:
37:8f:1b:7d:e7:4e:c8:b7:3f:f2:d0:04:8f:2d:34:e4:43:f3:
cd:da:e1:3d:27:34:4b:4b:8a:77:d3:c3:f3:54:78:1f:f6:fe:
99:46:06:97:c1:44:1b:b3:53:93:5a:6f:2d:28:a7:42:3d:a5:
d1:af:c9:ed:b2:43:c2:ab:21:04:e2:9b:bf:ab:91:e6:eb:52:
ad:31:22:d8:15:24:ab:54:f4:2d:fa:16:07:32:de:58:0d:ec:
bb:6e:95:e8:e9:ff:9c:90:16:d5:fc:64:14:0a:dc:f9:cd:da:
4b:cc:5d:bc:94:61:87:9d:bf:f3:69:f1:96:fa:51:8b:9b:8a:
5d:9b:54:44:b7:c3:07:75:9c:8f:13:a6:5a:ae:1c:c2:b1:24:
25:7c:61:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKu+0tBboppiJRv1X35WjasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5MTQ5NjFmNjdmMjJjNjFlODRhNjZjOGFkOWMxYThjZTUx
ZDA5OWIwHhcNMjQxMDIxMTIwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ4ZWYzYmM1ZTkxNWZjNGRlMGI3NDdhM2JhNzg3YzU5M2U0NjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMsGzkPTKBbWkFZ4dGg+NZf3i9WV
/dpwvdZAGVgDgE4p1VZyX5dqZpz/k4pvAFGCf7wfVVXKLe3/pMtNT7DmWMMjmsqn
TmE7n/7fjGc8iosft+G6ZnEmT4Br4SozjL9QkwzwxZRgCO1m7LmjggYGRmPnSG5A
IvxA3e6Qoff8WoldB6OIel+izlNVPa/I9FClzG3Uu9U76BAgiHU9xte021S9dM5N
OHFJW44xWX68VqJhG1cMGi4QFj9EFFjId55J7FsWEHHnIqSwzt+b9MDmOeoWbHcx
/mmVPI4xXalrcAsXKMLlFPffBtji6GmQKLFECjW96CC2NH87gPZ2xDmWBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB7Y7zvF6RX8TeC3R6O6eHxZPkZWMB8GA1UdIwQY
MBaAFLkUlh9n8ixh6EpmyK2cGozlHQmbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTIt
Mjc0NzNjYTYxMmRlLzEvSHRqdk84WHBGZnhONExkSG83cDRmRmstUmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wOTE3YTctOWViZC00NWI5LTlkZTItMjc0NzNjYTYxMmRl
LzEvdVJTV0gyZnlMR0hvU21iSXJad2FqT1VkQ1pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1DGRMA0G
CSqGSIb3DQEBCwUAA4IBAQAMycGsUxRgVx6qGIyyoQmskGxuXEwDbYhwSKsfGZDq
o7Qnbm8s+MdfK44kuFCBSIsK7+WPUDwTUbC0ghRt0XS0I2qfeNI2zclqj48UsQtH
wnIk3/4VK9O0FjCCQiDZfoBVET22atyZ7Ka95vU3jxt9507Itz/y0ASPLTTkQ/PN
2uE9JzRLS4p308PzVHgf9v6ZRgaXwUQbs1OTWm8tKKdCPaXRr8ntskPCqyEE4pu/
q5Hm61KtMSLYFSSrVPQt+hYHMt5YDey7bpXo6f+ckBbV/GQUCtz5zdpLzF28lGGH
nb/zafGW+lGLm4pdm1REt8MHdZyPE6ZarhzCsSQlfGFE
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:31:23 2025 by rpki-client