Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/98d41e-234e-45e7-82eb-3d1e0ee4b651/1/H2Gl6r-sx_kg92CD30cIG3tuPCg.roa
File: H2Gl6r-sx_kg92CD30cIG3tuPCg.roa (raw, json)
Hash identifier: UpJiZQRPZY2HIWJEh4M6veBeH/0oK+GHY3P3ZwMxnD0=
Subject key identifier: 1F:61:A5:EA:BF:AC:C7:F9:20:F7:60:83:DF:47:08:1B:7B:6E:3C:28
Certificate issuer: /CN=5bcaab7aa1ac7143f8bc823c734b1673a09bb880
Certificate serial: 018CC94D58F2B466A0C20846392DBD2CEED9
Authority key identifier: 5B:CA:AB:7A:A1:AC:71:43:F8:BC:82:3C:73:4B:16:73:A0:9B:B8:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W8qreqGscUP4vII8c0sWc6CbuIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/98d41e-234e-45e7-82eb-3d1e0ee4b651/1/H2Gl6r-sx_kg92CD30cIG3tuPCg.roa
Signing time: Tue 02 Jan 2024 08:32:18 +0000
ROA not before: Tue 02 Jan 2024 08:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16263
IP address blocks: 193.111.144.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:58:f2:b4:66:a0:c2:08:46:39:2d:bd:2c:ee:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bcaab7aa1ac7143f8bc823c734b1673a09bb880
Validity
Not Before: Jan 2 08:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f61a5eabfacc7f920f76083df47081b7b6e3c28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ad:85:df:5e:c5:c3:92:c2:1d:31:b1:0b:5f:
ab:fc:58:d8:10:fa:86:31:f6:61:74:15:c1:30:d3:
fe:a5:de:77:b9:97:e6:a4:e2:15:1a:dc:d5:35:df:
6f:0b:a4:f1:4a:cc:dc:1f:05:00:c1:ca:60:15:3e:
c0:5f:b0:b3:e3:58:b2:2b:da:8d:f6:eb:55:d1:7c:
c5:40:ac:61:12:af:af:d4:e4:f2:30:c4:33:1a:90:
1b:2e:ac:cb:57:3e:07:56:6e:7f:2b:0e:93:82:05:
4b:e0:10:fa:ef:40:50:fd:a6:a1:83:28:dc:6e:bd:
7f:1b:ba:eb:1b:5f:f1:04:c4:7b:6e:64:bc:6e:b2:
63:2e:75:44:e7:f2:15:6c:64:a3:83:4a:c8:5a:0f:
91:22:8f:17:ed:ad:9c:a9:15:ab:d7:05:c6:0f:78:
fa:30:88:59:d4:3b:ea:55:89:16:dd:7a:f3:69:39:
f1:d2:fe:7b:a8:27:b1:be:3a:1a:36:87:c0:bb:95:
ad:9f:b0:9e:dc:4c:92:47:1c:c8:f8:c4:19:cc:7b:
5f:e6:7c:09:17:80:02:02:48:3f:09:33:b0:9b:2e:
88:0d:08:19:6d:43:26:c2:04:45:12:69:4b:a8:b2:
60:23:46:35:7f:1f:79:ba:46:4b:07:91:c7:89:2a:
2b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:61:A5:EA:BF:AC:C7:F9:20:F7:60:83:DF:47:08:1B:7B:6E:3C:28
X509v3 Authority Key Identifier:
keyid:5B:CA:AB:7A:A1:AC:71:43:F8:BC:82:3C:73:4B:16:73:A0:9B:B8:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W8qreqGscUP4vII8c0sWc6CbuIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d41e-234e-45e7-82eb-3d1e0ee4b651/1/H2Gl6r-sx_kg92CD30cIG3tuPCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/98d41e-234e-45e7-82eb-3d1e0ee4b651/1/W8qreqGscUP4vII8c0sWc6CbuIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.144.0/22
Signature Algorithm: sha256WithRSAEncryption
04:b6:d6:ee:d5:78:96:f6:2a:d2:89:68:c1:ba:39:f0:79:81:
26:74:11:f4:78:33:9a:7a:fc:67:0c:ab:27:f3:49:fd:8d:4d:
24:4f:26:2c:52:64:c9:78:ab:fe:61:bf:17:3c:4a:eb:06:1d:
75:bc:cd:bf:1e:0f:f3:a4:20:90:06:33:43:03:83:9b:57:2f:
51:65:14:57:bd:4f:39:fc:0c:45:37:16:29:f5:d2:a2:5d:38:
65:b4:b4:9e:f7:b9:b7:97:e9:bc:02:b8:83:35:99:9d:f0:ab:
1a:5e:f3:07:90:c9:6f:6b:ad:5f:42:07:66:79:63:5e:b2:2a:
2a:39:ae:78:3b:f4:84:1c:78:27:df:67:b6:58:c7:1e:42:55:
ea:92:fc:e6:a2:a2:b1:9f:f1:17:62:16:2d:88:d7:38:a2:ac:
7d:46:fe:a8:bf:e5:df:3f:3d:16:9c:1f:ca:f2:b1:60:a8:37:
7a:e7:a7:83:c1:58:80:a7:e6:0e:be:41:cf:fc:09:a9:d3:9a:
e9:c8:55:24:82:28:ee:c9:71:b1:56:8c:ee:22:d3:d3:31:55:
07:6b:7a:d6:f5:49:1e:65:25:23:37:03:56:61:18:ef:90:00:
f3:30:bb:70:7a:1a:7e:b6:1f:08:bb:74:a5:e3:d9:9d:a2:34:
b0:5d:2f:6a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTVjytGagwghGOS29LO7ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViY2FhYjdhYTFhYzcxNDNmOGJjODIzYzczNGIxNjczYTA5
YmI4ODAwHhcNMjQwMTAyMDgzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjYxYTVlYWJmYWNjN2Y5MjBmNzYwODNkZjQ3MDgxYjdiNmUzYzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqq2F317Fw5LCHTGxC1+r/FjYEPqG
MfZhdBXBMNP+pd53uZfmpOIVGtzVNd9vC6TxSszcHwUAwcpgFT7AX7Cz41iyK9qN
9utV0XzFQKxhEq+v1OTyMMQzGpAbLqzLVz4HVm5/Kw6TggVL4BD670BQ/aahgyjc
br1/G7rrG1/xBMR7bmS8brJjLnVE5/IVbGSjg0rIWg+RIo8X7a2cqRWr1wXGD3j6
MIhZ1DvqVYkW3XrzaTnx0v57qCexvjoaNofAu5Wtn7Ce3EySRxzI+MQZzHtf5nwJ
F4ACAkg/CTOwmy6IDQgZbUMmwgRFEmlLqLJgI0Y1fx95ukZLB5HHiSorLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9hpeq/rMf5IPdgg99HCBt7bjwoMB8GA1UdIwQY
MBaAFFvKq3qhrHFD+LyCPHNLFnOgm7iAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzhxcmVxR3NjVVA0dklJOGMwc1djNkNidUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi85OGQ0MWUtMjM0ZS00NWU3LTgyZWIt
M2QxZTBlZTRiNjUxLzEvSDJHbDZyLXN4X2tnOTJDRDMwY0lHM3R1UENnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi85OGQ0MWUtMjM0ZS00NWU3LTgyZWItM2QxZTBlZTRiNjUx
LzEvVzhxcmVxR3NjVVA0dklJOGMwc1djNkNidUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwW+QMA0G
CSqGSIb3DQEBCwUAA4IBAQAEttbu1XiW9irSiWjBujnweYEmdBH0eDOaevxnDKsn
80n9jU0kTyYsUmTJeKv+Yb8XPErrBh11vM2/Hg/zpCCQBjNDA4ObVy9RZRRXvU85
/AxFNxYp9dKiXThltLSe97m3l+m8AriDNZmd8KsaXvMHkMlva61fQgdmeWNesioq
Oa54O/SEHHgn32e2WMceQlXqkvzmoqKxn/EXYhYtiNc4oqx9Rv6ov+XfPz0WnB/K
8rFgqDd656eDwViAp+YOvkHP/Amp05rpyFUkgijuyXGxVozuItPTMVUHa3rW9Uke
ZSUjNwNWYRjvkADzMLtwehp+th8Iu3Sl49mdojSwXS9q
-----END CERTIFICATE-----
Generated at Tue Apr 22 02:18:44 2025 by rpki-client