Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/6bdac7-62d4-4033-b9ad-31034c356fa3/1/RHnmXrYK4VZcsi9_67qhiwtd6JE.roa
File: RHnmXrYK4VZcsi9_67qhiwtd6JE.roa (raw, json)
Hash identifier: kT6JK4YgUku4RxEBkUHOuDr0Y5Lm23+ADbgBhbrS6/k=
Subject key identifier: 44:79:E6:5E:B6:0A:E1:56:5C:B2:2F:7F:EB:BA:A1:8B:0B:5D:E8:91
Certificate issuer: /CN=833e535db7e1b715ae34e9f1ddbd843692f6fefa
Certificate serial: 0192B9A479B589A9949A5A16EDB3DD729A9F
Authority key identifier: 83:3E:53:5D:B7:E1:B7:15:AE:34:E9:F1:DD:BD:84:36:92:F6:FE:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz5TXbfhtxWuNOnx3b2ENpL2_vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/6bdac7-62d4-4033-b9ad-31034c356fa3/1/RHnmXrYK4VZcsi9_67qhiwtd6JE.roa
Signing time: Wed 23 Oct 2024 13:50:16 +0000
ROA not before: Wed 23 Oct 2024 13:50:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214094
IP address blocks: 64.190.76.0/24 maxlen: 24
2001:67c:e28::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:a4:79:b5:89:a9:94:9a:5a:16:ed:b3:dd:72:9a:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e535db7e1b715ae34e9f1ddbd843692f6fefa
Validity
Not Before: Oct 23 13:50:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4479e65eb60ae1565cb22f7febbaa18b0b5de891
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:a6:b3:ca:c1:82:c0:09:b9:15:b3:d5:43:24:
9e:0a:c1:d2:6c:8a:50:aa:c9:20:da:43:7a:a7:02:
1c:39:ad:df:7e:c7:53:ee:01:40:d6:e6:ed:34:77:
16:30:a6:c0:ba:98:96:2d:9a:b8:44:bf:15:b5:ed:
dd:ed:da:6f:76:64:7b:29:38:4d:93:68:7c:12:67:
61:35:a4:97:3c:b0:af:77:82:52:a5:72:1a:1b:ab:
87:45:cb:10:f0:48:ed:61:1b:1e:6e:9a:6b:8e:46:
3e:48:eb:16:24:6a:c3:0b:69:73:fe:38:6b:a8:36:
da:b7:7f:0d:46:34:59:d7:0e:7b:e8:d4:b2:2c:73:
11:25:e4:b5:ae:1b:fa:89:e7:79:78:2d:4f:7a:02:
64:a0:68:83:83:aa:92:a6:bb:f7:ac:9f:65:54:27:
6f:8f:7c:a3:ff:79:31:3d:a6:e9:aa:d7:99:70:8b:
19:6e:e7:f6:cd:ad:bd:43:28:40:10:5d:ff:e4:ab:
1f:cb:f3:f4:c5:b7:20:e6:0c:e7:7b:e2:d0:fc:a4:
fc:63:5d:f1:6d:e0:0e:cc:99:02:5e:86:d6:5f:ba:
2c:ec:59:77:c1:12:7f:0d:7e:38:c2:c3:4b:ad:47:
76:6a:9b:68:32:9c:c3:42:e9:65:3a:c0:a4:24:fe:
91:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:79:E6:5E:B6:0A:E1:56:5C:B2:2F:7F:EB:BA:A1:8B:0B:5D:E8:91
X509v3 Authority Key Identifier:
keyid:83:3E:53:5D:B7:E1:B7:15:AE:34:E9:F1:DD:BD:84:36:92:F6:FE:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz5TXbfhtxWuNOnx3b2ENpL2_vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6bdac7-62d4-4033-b9ad-31034c356fa3/1/RHnmXrYK4VZcsi9_67qhiwtd6JE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/6bdac7-62d4-4033-b9ad-31034c356fa3/1/gz5TXbfhtxWuNOnx3b2ENpL2_vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.190.76.0/24
IPv6:
2001:67c:e28::/48
Signature Algorithm: sha256WithRSAEncryption
53:de:75:53:9f:e0:f8:7b:26:8a:22:e2:56:0b:ef:64:03:b6:
a8:0b:40:93:de:8d:c6:f3:30:e8:19:77:7b:4e:7d:be:bd:f5:
0f:a3:ae:75:2d:25:cc:03:c7:92:27:47:f1:5a:48:d3:89:e7:
7d:de:9c:cf:81:84:70:b3:c6:8e:3a:ea:37:f4:70:af:b9:f4:
63:b4:fc:2d:b9:11:d4:ca:e3:df:c5:e9:69:b5:16:73:9c:0c:
f4:1b:64:e9:c9:07:bb:48:f8:5a:f0:f7:81:d4:1b:6c:6e:b4:
d8:47:d3:d7:1b:cd:97:ad:f4:dc:0f:c1:f6:07:52:a1:a7:06:
6a:bf:42:db:d3:4d:cb:a7:6b:f4:18:c8:a5:43:22:37:9b:3a:
d3:66:7d:50:30:74:98:f9:a8:7e:e7:30:85:4f:5a:62:8c:eb:
1e:13:e6:c5:a9:24:cc:23:53:bb:b6:13:b2:63:4a:d8:be:51:
3f:b9:30:28:db:32:9f:cf:62:29:0b:25:cc:77:54:d0:40:a5:
69:cd:62:30:ea:4c:77:b2:04:92:32:38:11:a5:23:86:8e:ca:
bf:00:5a:1f:62:33:47:d0:53:0e:1f:7e:9e:eb:76:a4:91:63:
04:0d:14:b8:cf:22:69:e1:92:a6:a5:d8:ae:cf:c3:e3:82:f5:
ac:07:85:30
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZK5pHm1iamUmloW7bPdcpqfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2U1MzVkYjdlMWI3MTVhZTM0ZTlmMWRkYmQ4NDM2OTJm
NmZlZmEwHhcNMjQxMDIzMTM1MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDc5ZTY1ZWI2MGFlMTU2NWNiMjJmN2ZlYmJhYTE4YjBiNWRlODkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx6azysGCwAm5FbPVQySeCsHSbIpQ
qskg2kN6pwIcOa3ffsdT7gFA1ubtNHcWMKbAupiWLZq4RL8Vte3d7dpvdmR7KThN
k2h8EmdhNaSXPLCvd4JSpXIaG6uHRcsQ8EjtYRsebpprjkY+SOsWJGrDC2lz/jhr
qDbat38NRjRZ1w576NSyLHMRJeS1rhv6ied5eC1PegJkoGiDg6qSprv3rJ9lVCdv
j3yj/3kxPabpqteZcIsZbuf2za29QyhAEF3/5Ksfy/P0xbcg5gzne+LQ/KT8Y13x
beAOzJkCXobWX7os7Fl3wRJ/DX44wsNLrUd2aptoMpzDQullOsCkJP6RQQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFER55l62CuFWXLIvf+u6oYsLXeiRMB8GA1UdIwQY
MBaAFIM+U1234bcVrjTp8d29hDaS9v76MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o1VFhiZmh0eFd1Tk9ueDNiMkVOcEwyX3ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82YmRhYzctNjJkNC00MDMzLWI5YWQt
MzEwMzRjMzU2ZmEzLzEvUkhubVhyWUs0Vlpjc2k5XzY3cWhpd3RkNkpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82YmRhYzctNjJkNC00MDMzLWI5YWQtMzEwMzRjMzU2ZmEz
LzEvZ3o1VFhiZmh0eFd1Tk9ueDNiMkVOcEwyX3ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAQL5MMA8E
AgACMAkDBwAgAQZ8DigwDQYJKoZIhvcNAQELBQADggEBAFPedVOf4Ph7Jooi4lYL
72QDtqgLQJPejcbzMOgZd3tOfb699Q+jrnUtJcwDx5InR/FaSNOJ533enM+BhHCz
xo466jf0cK+59GO0/C25EdTK49/F6Wm1FnOcDPQbZOnJB7tI+Frw94HUG2xutNhH
09cbzZet9NwPwfYHUqGnBmq/QtvTTcuna/QYyKVDIjebOtNmfVAwdJj5qH7nMIVP
WmKM6x4T5sWpJMwjU7u2E7JjSti+UT+5MCjbMp/PYikLJcx3VNBApWnNYjDqTHey
BJIyOBGlI4aOyr8AWh9iM0fQUw4ffp7rdqSRYwQNFLjPImnhkqal2K7Pw+OC9awH
hTA=
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:12:33 2025 by rpki-client