Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hPJe3ZTHXe8s7n0-fzL34kCvVCM.roa
File: hPJe3ZTHXe8s7n0-fzL34kCvVCM.roa (raw, json)
Hash identifier: ypRM5ChK2XFhOgPC/RgFU0QbV3DzZDZZ1wHi9xy/CD0=
Subject key identifier: 84:F2:5E:DD:94:C7:5D:EF:2C:EE:7D:3E:7F:32:F7:E2:40:AF:54:23
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 019402C9FB315EB789ACC1B1F7A4E9BDF8F2
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hPJe3ZTHXe8s7n0-fzL34kCvVCM.roa
Signing time: Thu 26 Dec 2024 11:46:19 +0000
ROA not before: Thu 26 Dec 2024 11:46:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 2a04:c106::/32 maxlen: 32
2a10:d8c0::/32 maxlen: 32
2a11:b85::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:02:c9:fb:31:5e:b7:89:ac:c1:b1:f7:a4:e9:bd:f8:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Dec 26 11:46:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84f25edd94c75def2cee7d3e7f32f7e240af5423
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:76:ad:6e:f3:0d:0e:73:a2:6b:b8:f7:59:db:
de:3f:5f:73:72:fd:d8:13:ee:da:18:8d:6b:80:a3:
b7:ad:22:6e:6e:a2:79:16:4c:06:c7:bd:54:34:5c:
96:0a:df:91:89:f2:a4:5d:43:f5:69:5f:65:32:24:
0c:e0:e3:10:39:0e:e1:7d:bc:1a:53:cd:5e:5a:6d:
d8:39:81:a9:39:19:11:1e:b6:4c:02:6d:8c:2f:a9:
76:a6:99:ed:25:79:a1:07:8a:c9:dc:fe:de:b6:23:
8b:84:7b:90:da:9e:29:2f:cf:77:a4:89:12:22:c1:
f4:9b:fe:40:1b:e2:88:32:ae:7e:50:c9:bf:46:85:
78:25:ad:1a:fb:09:1e:1c:48:bc:f2:03:67:5a:03:
ec:b9:a9:8c:c8:bd:fe:ba:c0:2a:03:e7:ee:6e:8b:
ea:48:77:13:c0:45:6e:e2:17:6a:ef:21:c1:4e:8e:
00:9f:1e:d9:1c:47:5b:f2:5c:7a:4c:8f:b4:60:fb:
a2:45:a7:99:a1:62:b7:57:3b:a1:00:cf:06:6d:18:
87:f3:c6:2f:ad:17:a8:49:4a:b7:21:61:2c:24:fa:
ee:dd:12:f8:08:1e:fa:f1:5d:6c:2a:d7:cf:f8:66:
d8:ad:55:54:5b:3f:54:5a:94:7d:6c:83:0d:71:c0:
3a:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F2:5E:DD:94:C7:5D:EF:2C:EE:7D:3E:7F:32:F7:E2:40:AF:54:23
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/hPJe3ZTHXe8s7n0-fzL34kCvVCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a04:c106::/32
2a10:d8c0::/32
2a11:b85::/32
Signature Algorithm: sha256WithRSAEncryption
81:79:ff:07:61:04:14:e5:89:82:6c:aa:59:b7:a6:80:f2:a7:
b2:30:0b:a2:cf:c5:7e:6b:fc:45:82:ef:d9:ab:59:14:84:8a:
a4:9a:0d:18:81:77:5c:41:d3:40:b9:e7:4f:aa:8e:cb:81:3b:
2a:ad:63:cb:c1:d1:ea:7e:3d:5f:41:ce:99:5f:2b:a8:ca:92:
8c:f7:8d:52:25:a5:61:47:4d:d0:b4:93:35:b9:b6:ea:3b:27:
e5:2c:70:13:f4:70:1f:15:49:9f:95:10:6e:09:4c:fa:d0:22:
89:17:c5:58:02:23:f3:00:b9:92:97:ab:4a:07:3c:21:06:9e:
e1:0b:71:95:e6:1d:1a:a4:7e:d9:4d:c2:12:03:f6:f1:09:6e:
6d:80:d5:ed:1d:18:95:9a:86:30:7d:8a:03:9d:6c:93:d5:3a:
2e:00:cd:99:51:0d:8f:68:06:13:84:9a:f6:7a:68:f6:e3:a0:
c2:ec:a3:75:a3:46:f2:8d:b3:7b:39:fb:97:da:8c:03:bc:13:
f7:21:f7:4d:c0:d8:ee:61:25:03:4d:22:ca:fa:e1:41:d7:ed:
60:cb:79:5c:ec:e9:8c:4e:66:12:96:1b:10:eb:8e:76:2e:f5:
ab:49:79:4e:a6:10:67:d7:f1:bd:70:61:0c:21:4e:98:24:6f:
a7:f5:4f:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQCyfsxXreJrMGx96TpvfjyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQxMjI2MTE0NjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGYyNWVkZDk0Yzc1ZGVmMmNlZTdkM2U3ZjMyZjdlMjQwYWY1NDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXatbvMNDnOia7j3WdveP19zcv3Y
E+7aGI1rgKO3rSJubqJ5FkwGx71UNFyWCt+RifKkXUP1aV9lMiQM4OMQOQ7hfbwa
U81eWm3YOYGpORkRHrZMAm2ML6l2ppntJXmhB4rJ3P7etiOLhHuQ2p4pL893pIkS
IsH0m/5AG+KIMq5+UMm/RoV4Ja0a+wkeHEi88gNnWgPsuamMyL3+usAqA+fubovq
SHcTwEVu4hdq7yHBTo4Anx7ZHEdb8lx6TI+0YPuiRaeZoWK3VzuhAM8GbRiH88Yv
rReoSUq3IWEsJPru3RL4CB768V1sKtfP+GbYrVVUWz9UWpR9bIMNccA67wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFITyXt2Ux13vLO59Pn8y9+JAr1QjMB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvaFBKZTNaVEhYZThzN24wLWZ6TDM0a0N2VkNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgTBBgMF
ACoQ2MADBQAqEQuFMA0GCSqGSIb3DQEBCwUAA4IBAQCBef8HYQQU5YmCbKpZt6aA
8qeyMAuiz8V+a/xFgu/Zq1kUhIqkmg0YgXdcQdNAuedPqo7LgTsqrWPLwdHqfj1f
Qc6ZXyuoypKM941SJaVhR03QtJM1ubbqOyflLHAT9HAfFUmflRBuCUz60CKJF8VY
AiPzALmSl6tKBzwhBp7hC3GV5h0apH7ZTcISA/bxCW5tgNXtHRiVmoYwfYoDnWyT
1TouAM2ZUQ2PaAYThJr2emj246DC7KN1o0byjbN7OfuX2owDvBP3IfdNwNjuYSUD
TSLK+uFB1+1gy3lc7OmMTmYSlhsQ6452LvWrSXlOphBn1/G9cGEMIU6YJG+n9U9E
-----END CERTIFICATE-----
Generated at Sun Apr 6 21:25:56 2025 by rpki-client