Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HrEbqibhhkqP7o60cqOeQ1udVL8.roa
File: HrEbqibhhkqP7o60cqOeQ1udVL8.roa (raw, json)
Hash identifier: mE3ZJ+jwI+pPnkmWM3/93TjLMfls+6GjL/GRsLmXw/Y=
Subject key identifier: 1E:B1:1B:AA:26:E1:86:4A:8F:EE:8E:B4:72:A3:9E:43:5B:9D:54:BF
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0193EAED9B636ABD4C45D08642F8128F60B9
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HrEbqibhhkqP7o60cqOeQ1udVL8.roa
Signing time: Sat 21 Dec 2024 20:34:20 +0000
ROA not before: Sat 21 Dec 2024 20:34:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197537
IP address blocks: 62.171.244.0/22 maxlen: 24
213.18.242.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:ed:9b:63:6a:bd:4c:45:d0:86:42:f8:12:8f:60:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Dec 21 20:34:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eb11baa26e1864a8fee8eb472a39e435b9d54bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:99:ea:ad:ac:63:41:35:19:6a:8d:f0:9b:cb:
72:b4:d1:13:7c:e8:db:78:29:bf:72:05:ca:66:a9:
0b:a7:8b:bb:2f:56:42:e7:28:db:6b:fd:3c:d9:49:
9e:0a:e6:bc:87:a6:dc:68:91:e2:68:e8:1f:39:39:
52:ca:58:41:fa:aa:44:80:b0:51:98:0e:1c:99:bc:
7f:79:5d:71:00:2e:94:56:9c:86:74:87:8b:ac:9d:
7d:f5:d4:51:38:23:b3:7b:46:7e:59:e2:5e:ae:32:
f0:d4:2b:32:f6:c2:26:5a:9d:89:2f:ef:be:fc:46:
c7:f3:15:15:ed:03:02:06:3f:0f:bd:8f:7d:07:98:
09:00:f2:d4:63:88:37:77:39:b0:de:e6:38:85:ae:
84:9c:a2:5e:a8:93:bc:3b:80:c9:7f:29:57:eb:f6:
55:03:20:31:76:06:c9:2b:f6:26:56:e7:8d:e8:c9:
84:0b:09:41:18:97:da:51:23:7d:92:2f:21:c0:58:
ac:cc:64:4c:21:32:e7:98:ba:32:29:b1:a1:1c:ab:
74:e5:22:e3:b3:bf:e8:50:32:7f:00:eb:96:e8:fa:
ad:ed:2b:dc:68:a2:31:ef:b4:69:79:c9:45:fd:28:
08:56:4f:6c:fd:b9:2b:e5:3e:86:d8:31:df:00:f3:
03:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:B1:1B:AA:26:E1:86:4A:8F:EE:8E:B4:72:A3:9E:43:5B:9D:54:BF
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/HrEbqibhhkqP7o60cqOeQ1udVL8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.244.0/22
213.18.242.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:23:3e:15:77:a1:1c:1c:cb:59:2d:2c:d2:e6:06:ca:52:3d:
0e:28:e5:11:0c:c3:3b:4b:55:a2:fe:17:af:68:61:bc:bc:ff:
fe:00:70:b8:87:64:a1:ab:5d:86:b8:b3:80:52:5e:25:59:44:
0b:1a:c1:f7:2c:39:3e:15:7d:bc:7c:76:ca:c0:59:4c:e4:fd:
20:0d:ee:e9:fa:c8:47:13:89:6b:d4:b0:86:4b:e7:37:10:df:
b1:76:2d:0e:8d:ff:68:ef:d3:b2:9d:f5:a9:00:a5:89:bb:da:
2b:15:a5:19:0e:af:9e:db:f1:2c:9a:af:33:0b:37:f9:41:dc:
f4:a1:3f:b1:a6:cb:9f:26:22:54:94:0a:01:0f:aa:77:d2:03:
5e:8a:46:ae:51:b1:84:13:53:3b:6e:3b:7c:38:11:ad:18:8a:
a0:8f:e0:29:4c:b3:73:15:38:aa:25:ef:49:d4:14:44:89:c3:
29:54:43:11:dc:a0:d1:15:84:7f:8f:ec:0b:94:36:c1:a6:1a:
96:19:23:af:4e:5c:97:ab:d2:0b:cd:c2:ef:b5:fd:d2:b4:c2:
36:5e:6a:a0:9d:f1:7d:7a:40:5c:a3:b1:7e:f1:24:67:0b:58:
c7:1d:e8:7e:38:b6:4a:3a:10:0c:e7:f8:37:12:20:fc:17:0c:
7e:6d:13:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZPq7Ztjar1MRdCGQvgSj2C5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjQxMjIxMjAzNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWIxMWJhYTI2ZTE4NjRhOGZlZThlYjQ3MmEzOWU0MzViOWQ1NGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5nqraxjQTUZao3wm8tytNETfOjb
eCm/cgXKZqkLp4u7L1ZC5yjba/082UmeCua8h6bcaJHiaOgfOTlSylhB+qpEgLBR
mA4cmbx/eV1xAC6UVpyGdIeLrJ199dRROCOze0Z+WeJerjLw1Csy9sImWp2JL+++
/EbH8xUV7QMCBj8PvY99B5gJAPLUY4g3dzmw3uY4ha6EnKJeqJO8O4DJfylX6/ZV
AyAxdgbJK/YmVueN6MmECwlBGJfaUSN9ki8hwFiszGRMITLnmLoyKbGhHKt05SLj
s7/oUDJ/AOuW6Pqt7SvcaKIx77RpeclF/SgIVk9s/bkr5T6G2DHfAPMDDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6xG6om4YZKj+6OtHKjnkNbnVS/MB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSHJFYnFpYmhoa3FQN282MGNxT2VRMXVkVkw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPqv0AwQB
1RLyMA0GCSqGSIb3DQEBCwUAA4IBAQCkIz4Vd6EcHMtZLSzS5gbKUj0OKOURDMM7
S1Wi/hevaGG8vP/+AHC4h2Shq12GuLOAUl4lWUQLGsH3LDk+FX28fHbKwFlM5P0g
De7p+shHE4lr1LCGS+c3EN+xdi0Ojf9o79OynfWpAKWJu9orFaUZDq+e2/Esmq8z
Czf5Qdz0oT+xpsufJiJUlAoBD6p30gNeikauUbGEE1M7bjt8OBGtGIqgj+ApTLNz
FTiqJe9J1BREicMpVEMR3KDRFYR/j+wLlDbBphqWGSOvTlyXq9ILzcLvtf3StMI2
XmqgnfF9ekBco7F+8SRnC1jHHeh+OLZKOhAM5/g3EiD8Fwx+bRN5
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:50:06 2025 by rpki-client