Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/hPXCU67W62QwiLx0WWE3O8AfOUk.roa
File: hPXCU67W62QwiLx0WWE3O8AfOUk.roa (raw, json)
Hash identifier: oePWuppcbyRGRaxjLhwhFWZFFWyxO+i9lGSXPgqytQ0=
Subject key identifier: 84:F5:C2:53:AE:D6:EB:64:30:88:BC:74:59:61:37:3B:C0:1F:39:49
Certificate issuer: /CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa
Certificate serial: 01935331735681AC840A3623D9A8AFA706DE
Authority key identifier: 95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/hPXCU67W62QwiLx0WWE3O8AfOUk.roa
Signing time: Fri 22 Nov 2024 09:26:09 +0000
ROA not before: Fri 22 Nov 2024 09:26:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21362
IP address blocks: 193.109.232.0/24 maxlen: 24
194.187.92.0/22 maxlen: 22
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:53:31:73:56:81:ac:84:0a:36:23:d9:a8:af:a7:06:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=95d9fc815e90ca87927907c5eab3fe79ca215eaa
Validity
Not Before: Nov 22 09:26:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84f5c253aed6eb643088bc745961373bc01f3949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:48:f4:25:e7:e4:59:66:f9:d5:4b:c2:95:0b:
84:a5:fe:b7:da:3f:3f:0d:43:c1:2f:28:e0:36:d7:
8c:a8:a9:1c:bd:f1:0b:ae:82:29:fd:8a:d4:bc:28:
95:ab:0b:f3:71:5b:0c:9b:c4:5d:93:92:14:37:d2:
33:a0:3b:c3:35:73:79:af:51:39:0a:32:ca:81:be:
6a:70:94:63:db:2b:fa:60:7e:e3:e0:30:2f:15:71:
42:02:82:d3:b6:20:2f:43:7e:2f:9b:e9:25:55:eb:
e6:45:d6:90:e7:02:c0:67:b9:f9:88:11:f6:25:b6:
ce:d1:cc:e6:7d:47:31:0f:93:21:41:92:57:ae:c5:
24:91:40:47:fe:15:e5:e6:f2:3c:2c:cd:66:72:7e:
a8:53:f6:21:1d:22:6e:80:43:4d:58:3b:19:bd:14:
75:85:8d:ed:ce:e3:42:1b:75:86:33:54:9f:de:b7:
5b:b6:07:e8:57:9e:86:2a:7c:53:f5:ed:a0:6e:5d:
68:ce:09:6d:8d:5f:c7:ca:91:0d:a9:ed:b8:92:ae:
8d:2e:d3:3d:b6:33:db:f6:d5:86:ef:fa:b1:b7:da:
d5:d0:09:dd:f2:32:d7:71:6e:88:96:fb:b9:29:67:
95:c2:0a:ab:18:6b:e4:45:b4:4d:cf:69:51:d6:68:
b4:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:F5:C2:53:AE:D6:EB:64:30:88:BC:74:59:61:37:3B:C0:1F:39:49
X509v3 Authority Key Identifier:
keyid:95:D9:FC:81:5E:90:CA:87:92:79:07:C5:EA:B3:FE:79:CA:21:5E:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ldn8gV6QyoeSeQfF6rP-ecohXqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/hPXCU67W62QwiLx0WWE3O8AfOUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/9caa50-a510-417a-b589-8ce4179232c8/1/ldn8gV6QyoeSeQfF6rP-ecohXqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.232.0/24
194.187.92.0/22
Signature Algorithm: sha256WithRSAEncryption
96:c3:9a:d7:30:ea:f1:1c:a8:8e:27:d2:cc:b3:8a:d1:7d:3d:
ee:26:59:5a:b6:c3:2f:90:ad:80:e1:14:03:b4:cb:f0:f6:6d:
a4:73:a3:40:50:5f:5e:b1:85:6f:7e:f0:7a:23:ec:82:db:45:
5f:a7:80:1f:5d:94:72:6a:7a:84:53:91:99:7b:9b:b9:c4:c2:
a3:4c:ac:80:c0:9b:db:f0:b5:e9:25:66:14:b2:76:73:24:9b:
e4:ca:a9:e5:98:1f:71:da:0f:40:ba:0b:a7:51:7c:c7:04:38:
af:ca:a6:88:b5:1b:4a:18:08:37:c1:46:ad:c0:84:ae:95:3f:
ea:48:4c:dd:31:fb:77:58:20:cb:57:be:bd:19:62:8d:c0:01:
53:93:3a:2c:3c:4a:e6:10:f2:9a:eb:11:2b:a2:8c:92:ce:14:
c3:f3:1f:73:1d:a2:d1:87:82:41:bb:1a:e2:ae:f9:76:c5:b5:
3f:06:80:97:cb:b2:88:4d:18:60:6c:f9:a7:40:c3:75:48:cd:
4e:f2:1d:d1:08:81:d9:58:15:1a:c9:35:6e:7f:c2:56:8e:12:
cb:68:b8:f9:78:69:36:29:db:86:16:c8:7b:81:87:c0:98:0c:
9b:ac:10:f8:de:6d:a8:94:8d:b8:11:9a:a4:c2:43:de:c1:a4:
f5:d7:af:3b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNTMXNWgayECjYj2aivpwbeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ZDlmYzgxNWU5MGNhODc5Mjc5MDdjNWVhYjNmZTc5Y2Ey
MTVlYWEwHhcNMjQxMTIyMDkyNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGY1YzI1M2FlZDZlYjY0MzA4OGJjNzQ1OTYxMzczYmMwMWYzOTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtEj0JefkWWb51UvClQuEpf632j8/
DUPBLyjgNteMqKkcvfELroIp/YrUvCiVqwvzcVsMm8Rdk5IUN9IzoDvDNXN5r1E5
CjLKgb5qcJRj2yv6YH7j4DAvFXFCAoLTtiAvQ34vm+klVevmRdaQ5wLAZ7n5iBH2
JbbO0czmfUcxD5MhQZJXrsUkkUBH/hXl5vI8LM1mcn6oU/YhHSJugENNWDsZvRR1
hY3tzuNCG3WGM1Sf3rdbtgfoV56GKnxT9e2gbl1ozgltjV/HypENqe24kq6NLtM9
tjPb9tWG7/qxt9rV0And8jLXcW6Ilvu5KWeVwgqrGGvkRbRNz2lR1mi0iQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIT1wlOu1utkMIi8dFlhNzvAHzlJMB8GA1UdIwQY
MBaAFJXZ/IFekMqHknkHxeqz/nnKIV6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODkt
OGNlNDE3OTIzMmM4LzEvaFBYQ1U2N1c2MlF3aUx4MFdXRTNPOEFmT1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS85Y2FhNTAtYTUxMC00MTdhLWI1ODktOGNlNDE3OTIzMmM4
LzEvbGRuOGdWNlF5b2VTZVFmRjZyUC1lY29oWHFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwW3oAwQC
wrtcMA0GCSqGSIb3DQEBCwUAA4IBAQCWw5rXMOrxHKiOJ9LMs4rRfT3uJllatsMv
kK2A4RQDtMvw9m2kc6NAUF9esYVvfvB6I+yC20Vfp4AfXZRyanqEU5GZe5u5xMKj
TKyAwJvb8LXpJWYUsnZzJJvkyqnlmB9x2g9AugunUXzHBDivyqaItRtKGAg3wUat
wISulT/qSEzdMft3WCDLV769GWKNwAFTkzosPErmEPKa6xErooySzhTD8x9zHaLR
h4JBuxrirvl2xbU/BoCXy7KITRhgbPmnQMN1SM1O8h3RCIHZWBUayTVuf8JWjhLL
aLj5eGk2KduGFsh7gYfAmAybrBD43m2olI24EZqkwkPewaT11687
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:43:32 2025 by rpki-client