Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/Hp67PMrclU6Oy8HoEk9-JZtx1cc.roa
File: Hp67PMrclU6Oy8HoEk9-JZtx1cc.roa (raw, json)
Hash identifier: li29o2DTl2tNGox92xw6fMg+8v2QWgjsqdhJ8rxpiwA=
Subject key identifier: 1E:9E:BB:3C:CA:DC:95:4E:8E:CB:C1:E8:12:4F:7E:25:9B:71:D5:C7
Certificate issuer: /CN=b3674e822f3876d27deaed5f66dbe9c1a422eb16
Certificate serial: 01946108C249580C2BDCA88AF50891D303D6
Authority key identifier: B3:67:4E:82:2F:38:76:D2:7D:EA:ED:5F:66:DB:E9:C1:A4:22:EB:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s2dOgi84dtJ96u1fZtvpwaQi6xY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/Hp67PMrclU6Oy8HoEk9-JZtx1cc.roa
Signing time: Mon 13 Jan 2025 18:59:11 +0000
ROA not before: Mon 13 Jan 2025 18:59:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212150
IP address blocks: 79.110.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 21:19:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:61:08:c2:49:58:0c:2b:dc:a8:8a:f5:08:91:d3:03:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3674e822f3876d27deaed5f66dbe9c1a422eb16
Validity
Not Before: Jan 13 18:59:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e9ebb3ccadc954e8ecbc1e8124f7e259b71d5c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a9:65:8a:50:2b:22:16:ea:31:89:83:58:36:
d5:7e:9c:c9:b2:2b:3a:6a:5a:e9:d0:09:b5:e7:10:
be:f2:72:5b:a9:55:29:e3:74:a0:e6:38:9f:60:86:
30:69:c0:ea:a3:d2:e0:cf:ec:93:94:62:88:d8:20:
8e:56:87:86:fe:d7:4b:6b:75:a9:90:fd:98:a1:5c:
64:4e:2b:4e:29:fd:48:cf:c5:69:dd:db:24:19:7a:
5b:7d:f5:e4:d1:dd:b1:53:6f:d0:97:87:0c:6e:a6:
f0:47:38:4f:90:29:36:38:17:17:bc:6b:93:27:34:
11:6f:08:24:cc:b5:f1:60:2e:8d:7b:8a:15:86:69:
d9:4e:54:e7:b6:b2:9d:b6:12:d4:8b:4c:34:50:49:
f8:80:c1:9b:63:79:c5:7b:01:db:68:42:21:10:9f:
94:72:89:8a:3f:b7:9f:00:bf:1f:2c:6b:85:c3:25:
2b:7a:4c:13:b3:14:21:1f:d9:46:85:e0:3c:9d:7c:
df:ec:fb:31:e2:af:ce:72:ca:b4:55:9c:1a:63:43:
5e:d6:7d:8d:80:f1:f4:d5:9d:9c:a9:e7:23:61:04:
df:c2:f6:0e:82:3a:2a:f8:4b:44:7e:d6:70:39:eb:
8b:49:b3:74:f4:8a:43:66:97:3b:4b:59:d7:97:a3:
4b:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:9E:BB:3C:CA:DC:95:4E:8E:CB:C1:E8:12:4F:7E:25:9B:71:D5:C7
X509v3 Authority Key Identifier:
keyid:B3:67:4E:82:2F:38:76:D2:7D:EA:ED:5F:66:DB:E9:C1:A4:22:EB:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s2dOgi84dtJ96u1fZtvpwaQi6xY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/Hp67PMrclU6Oy8HoEk9-JZtx1cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/393251-b488-40d3-be39-f8f08fe64838/1/s2dOgi84dtJ96u1fZtvpwaQi6xY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.238.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:6b:c9:0f:e6:d1:7e:ef:3e:93:70:b0:43:57:6d:33:0a:7b:
70:c5:a5:c1:f8:a2:c1:08:6e:84:97:34:93:14:33:7c:70:df:
b0:94:7c:ab:1d:db:2e:7f:13:25:bc:68:78:8f:24:fe:1f:04:
24:b0:59:59:73:b4:e5:8b:0d:d6:05:4e:42:75:94:43:db:91:
ba:28:64:23:be:11:bd:7b:41:d9:e9:5f:fe:db:6d:2d:fe:50:
b0:98:f4:bd:5c:08:6b:c6:e7:05:f4:a1:06:30:d5:2d:78:bf:
56:76:82:0d:9f:24:10:25:15:e5:e8:a7:30:23:80:c6:75:21:
8b:9d:99:da:fc:c6:2f:46:9c:3a:b5:80:8c:df:5c:83:5b:94:
67:87:9e:11:a1:5b:96:91:d4:21:28:40:8c:84:1d:19:ab:13:
36:e3:24:5f:08:56:43:18:e6:a1:4a:59:7d:20:0b:4d:f6:2a:
04:75:10:52:fe:b7:fc:0e:da:0e:6b:2a:c3:c0:48:3a:bc:57:
fb:16:0a:19:66:a1:47:7f:11:b3:01:0b:ac:b7:14:91:28:0e:
5f:03:45:37:e3:d1:af:cf:2e:41:f4:3b:b2:c2:97:c9:74:15:
82:d3:4c:66:c3:a1:42:71:89:07:a9:43:3b:c3:da:62:ff:ce:
36:e5:bd:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRhCMJJWAwr3KiK9QiR0wPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNjc0ZTgyMmYzODc2ZDI3ZGVhZWQ1ZjY2ZGJlOWMxYTQy
MmViMTYwHhcNMjUwMTEzMTg1OTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTllYmIzY2NhZGM5NTRlOGVjYmMxZTgxMjRmN2UyNTliNzFkNWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKllilArIhbqMYmDWDbVfpzJsis6
alrp0Am15xC+8nJbqVUp43Sg5jifYIYwacDqo9Lgz+yTlGKI2CCOVoeG/tdLa3Wp
kP2YoVxkTitOKf1Iz8Vp3dskGXpbffXk0d2xU2/Ql4cMbqbwRzhPkCk2OBcXvGuT
JzQRbwgkzLXxYC6Ne4oVhmnZTlTntrKdthLUi0w0UEn4gMGbY3nFewHbaEIhEJ+U
comKP7efAL8fLGuFwyUrekwTsxQhH9lGheA8nXzf7Psx4q/Ocsq0VZwaY0Ne1n2N
gPH01Z2cqecjYQTfwvYOgjoq+EtEftZwOeuLSbN09IpDZpc7S1nXl6NLowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB6euzzK3JVOjsvB6BJPfiWbcdXHMB8GA1UdIwQY
MBaAFLNnToIvOHbSfertX2bb6cGkIusWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczJkT2dpODRkdEo5NnUxZlp0dnB3YVFpNnhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8zOTMyNTEtYjQ4OC00MGQzLWJlMzkt
ZjhmMDhmZTY0ODM4LzEvSHA2N1BNcmNsVTZPeThIb0VrOS1KWnR4MWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8zOTMyNTEtYjQ4OC00MGQzLWJlMzktZjhmMDhmZTY0ODM4
LzEvczJkT2dpODRkdEo5NnUxZlp0dnB3YVFpNnhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAT27uMA0G
CSqGSIb3DQEBCwUAA4IBAQCea8kP5tF+7z6TcLBDV20zCntwxaXB+KLBCG6ElzST
FDN8cN+wlHyrHdsufxMlvGh4jyT+HwQksFlZc7Tliw3WBU5CdZRD25G6KGQjvhG9
e0HZ6V/+220t/lCwmPS9XAhrxucF9KEGMNUteL9WdoINnyQQJRXl6KcwI4DGdSGL
nZna/MYvRpw6tYCM31yDW5Rnh54RoVuWkdQhKECMhB0ZqxM24yRfCFZDGOahSll9
IAtN9ioEdRBS/rf8DtoOayrDwEg6vFf7FgoZZqFHfxGzAQustxSRKA5fA0U349Gv
zy5B9DuywpfJdBWC00xmw6FCcYkHqUM7w9pi/8425b0M
-----END CERTIFICATE-----
Generated at Sun Apr 13 12:06:47 2025 by rpki-client