Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1HbC3ihkQnTCyJAdj3Dx55aYCU0.roa
File: 1HbC3ihkQnTCyJAdj3Dx55aYCU0.roa (raw, json)
Hash identifier: 5btH+RL0rcMK5w9gdmmyvvCCon9RL+02yUUweQerWXQ=
Subject key identifier: D4:76:C2:DE:28:64:42:74:C2:C8:90:1D:8F:70:F1:E7:96:98:09:4D
Certificate issuer: /CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Certificate serial: 018CC7940D44F9D604AFD4DD600E453AA2E2
Authority key identifier: 25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1HbC3ihkQnTCyJAdj3Dx55aYCU0.roa
Signing time: Tue 02 Jan 2024 00:30:17 +0000
ROA not before: Tue 02 Jan 2024 00:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 194.104.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 14 Jun 2024 05:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:0d:44:f9:d6:04:af:d4:dd:60:0e:45:3a:a2:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25bbed0bff7ffeab67f302b411a00701854a6c30
Validity
Not Before: Jan 2 00:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d476c2de28644274c2c8901d8f70f1e79698094d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:d4:fe:7d:92:73:44:09:7b:46:69:bb:89:a1:
75:10:a9:f8:ae:fd:c7:71:62:22:5a:68:e7:9c:28:
3e:4c:58:3e:51:f4:12:61:99:07:c1:6b:db:8b:c6:
d6:bb:a8:22:7a:2f:e0:dc:43:56:93:1c:6f:7f:83:
a2:c8:b8:cd:4e:59:1d:63:5d:d7:12:b5:b3:71:ec:
70:25:d2:e4:61:b3:1a:e1:11:2e:cb:d0:eb:15:e5:
73:73:60:5b:80:d1:2b:9f:3e:69:8e:ce:03:dc:4b:
69:d2:d1:c6:a0:2c:60:d8:0c:4a:c1:fd:74:a3:ad:
4b:7f:78:42:1d:4f:53:5b:11:2d:ec:b9:f9:70:0f:
cc:2f:9c:65:6a:1a:42:53:33:67:ea:56:aa:2f:13:
94:12:19:86:51:55:88:f4:fa:4e:b8:de:ce:27:8c:
1b:7b:7b:32:60:e9:81:58:0e:13:34:59:23:70:55:
ed:28:24:ca:0f:9a:1c:4a:55:4e:5f:40:fd:42:0b:
82:45:d9:8c:ee:74:2e:cd:c4:0a:6d:b1:0c:8a:9d:
11:69:1b:02:09:41:5f:5e:ef:49:07:28:03:ce:f5:
30:cf:7a:67:19:b3:60:0f:a1:8c:3b:c5:98:06:fc:
00:d1:d1:ce:fa:31:a9:85:34:6f:01:b1:7c:5b:41:
02:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:76:C2:DE:28:64:42:74:C2:C8:90:1D:8F:70:F1:E7:96:98:09:4D
X509v3 Authority Key Identifier:
keyid:25:BB:ED:0B:FF:7F:FE:AB:67:F3:02:B4:11:A0:07:01:85:4A:6C:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JbvtC_9__qtn8wK0EaAHAYVKbDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/1HbC3ihkQnTCyJAdj3Dx55aYCU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/3b9aff-f00d-4187-af94-5717b4544237/1/JbvtC_9__qtn8wK0EaAHAYVKbDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.104.138.0/24
Signature Algorithm: sha256WithRSAEncryption
96:3a:1a:3f:dd:1e:f2:97:b5:8d:85:ec:e9:7e:ab:d5:d3:61:
2f:a0:11:7f:6c:6e:ea:35:4d:a1:07:53:74:82:ab:cc:54:31:
86:b8:60:a0:99:96:42:61:84:79:22:38:06:6a:2d:64:dc:0d:
48:93:c4:b0:21:ed:6d:18:ad:3e:cc:e5:87:6b:6f:ed:0f:57:
5b:07:51:31:d4:58:97:05:62:76:d4:b8:5d:e3:78:72:d0:6f:
9f:01:c7:5c:53:a9:82:ed:81:25:06:2a:b1:20:32:39:75:00:
54:3e:c9:8c:c5:9f:18:53:11:af:29:08:13:e1:03:e8:b5:1f:
de:42:d8:20:68:d9:44:2c:b2:13:f6:cf:5b:97:f5:2f:a6:4c:
6c:11:c5:fa:3b:80:e0:58:2a:21:51:b7:28:fb:c5:a1:e6:98:
25:df:b9:22:a9:86:b2:9c:57:f4:b3:37:ed:66:30:4b:c7:af:
ff:01:7c:38:cc:db:72:ab:1b:75:fa:7a:02:28:95:fc:93:56:
36:1e:f8:9d:43:74:0a:bc:17:3a:ff:7e:9a:eb:3e:8b:9c:04:
b5:77:41:de:8b:29:80:c1:bd:be:12:dc:cb:eb:d5:f2:df:78:
17:77:c5:f1:53:f4:0f:f4:6d:fb:af:06:c9:e9:06:70:af:19:
83:e2:bc:f0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlA1E+dYEr9TdYA5FOqLiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1YmJlZDBiZmY3ZmZlYWI2N2YzMDJiNDExYTAwNzAxODU0
YTZjMzAwHhcNMjQwMTAyMDAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDc2YzJkZTI4NjQ0Mjc0YzJjODkwMWQ4ZjcwZjFlNzk2OTgwOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9T+fZJzRAl7Rmm7iaF1EKn4rv3H
cWIiWmjnnCg+TFg+UfQSYZkHwWvbi8bWu6giei/g3ENWkxxvf4OiyLjNTlkdY13X
ErWzcexwJdLkYbMa4REuy9DrFeVzc2BbgNErnz5pjs4D3Etp0tHGoCxg2AxKwf10
o61Lf3hCHU9TWxEt7Ln5cA/ML5xlahpCUzNn6laqLxOUEhmGUVWI9PpOuN7OJ4wb
e3syYOmBWA4TNFkjcFXtKCTKD5ocSlVOX0D9QguCRdmM7nQuzcQKbbEMip0RaRsC
CUFfXu9JBygDzvUwz3pnGbNgD6GMO8WYBvwA0dHO+jGphTRvAbF8W0ECkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNR2wt4oZEJ0wsiQHY9w8eeWmAlNMB8GA1UdIwQY
MBaAFCW77Qv/f/6rZ/MCtBGgBwGFSmwwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQt
NTcxN2I0NTQ0MjM3LzEvMUhiQzNpaGtRblRDeUpBZGozRHg1NWFZQ1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8zYjlhZmYtZjAwZC00MTg3LWFmOTQtNTcxN2I0NTQ0MjM3
LzEvSmJ2dENfOV9fcXRuOHdLMEVhQUhBWVZLYkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwmiKMA0G
CSqGSIb3DQEBCwUAA4IBAQCWOho/3R7yl7WNhezpfqvV02EvoBF/bG7qNU2hB1N0
gqvMVDGGuGCgmZZCYYR5IjgGai1k3A1Ik8SwIe1tGK0+zOWHa2/tD1dbB1Ex1FiX
BWJ21Lhd43hy0G+fAcdcU6mC7YElBiqxIDI5dQBUPsmMxZ8YUxGvKQgT4QPotR/e
QtggaNlELLIT9s9bl/UvpkxsEcX6O4DgWCohUbco+8Wh5pgl37kiqYaynFf0szft
ZjBLx6//AXw4zNtyqxt1+noCKJX8k1Y2HvidQ3QKvBc6/36a6z6LnAS1d0HeiymA
wb2+EtzL69Xy33gXd8XxU/QP9G37rwbJ6QZwrxmD4rzw
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:37 2025 by rpki-client