Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/hOtBS8iM0FDTHbiwcSMOPZF34yE.roa
File: hOtBS8iM0FDTHbiwcSMOPZF34yE.roa (raw, json)
Hash identifier: AUdfiKnm5D1cyICwV+8eU9Q1PePsFFZ2UQgApby7zlM=
Subject key identifier: 84:EB:41:4B:C8:8C:D0:50:D3:1D:B8:B0:71:23:0E:3D:91:77:E3:21
Certificate issuer: /CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Certificate serial: 018CC94ABFF52667915B5FA544837B491015
Authority key identifier: 43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/hOtBS8iM0FDTHbiwcSMOPZF34yE.roa
Signing time: Tue 02 Jan 2024 08:29:28 +0000
ROA not before: Tue 02 Jan 2024 08:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210687
IP address blocks: 5.183.109.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:48:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:bf:f5:26:67:91:5b:5f:a5:44:83:7b:49:10:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4384f6fa6decced5578a85a51e0bd65701ea34ec
Validity
Not Before: Jan 2 08:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84eb414bc88cd050d31db8b071230e3d9177e321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:52:ff:d0:f5:c9:ef:66:99:18:e9:f2:54:3f:
00:37:c9:7b:28:bc:62:da:35:31:be:09:2c:d4:06:
8b:c3:6c:46:b7:60:a0:23:55:11:3d:04:08:a2:b0:
9d:8c:f8:2e:34:35:ba:4a:ee:15:af:8d:4d:75:c1:
f2:a6:ec:82:41:db:44:10:7f:fe:b4:46:d5:e1:b7:
49:90:9f:89:b3:bb:46:18:2f:d7:78:87:aa:5d:3c:
fe:78:14:3f:0e:34:c4:36:5a:04:98:7f:6e:2c:af:
40:52:cc:65:08:4e:83:15:96:4e:9a:00:29:87:11:
ed:c9:b5:28:49:1b:5c:1c:43:e7:a3:4f:e2:44:6e:
8f:d7:ed:ee:6e:96:a6:23:51:ab:cf:75:99:71:f4:
49:a4:25:df:83:d0:7c:f0:d2:a6:83:08:65:39:51:
90:a6:db:ab:e7:08:09:76:2d:b4:80:23:3b:06:3e:
07:ef:41:a5:c4:ab:4e:da:89:bf:33:f0:2a:4a:dd:
bc:d0:98:92:ef:bc:0d:f0:fd:b5:d4:11:1c:11:ee:
9b:ca:d1:28:a0:3d:2b:b2:7f:4d:34:c7:a5:64:b6:
84:95:56:16:64:10:b8:d0:62:80:fe:58:08:00:db:
5f:ee:46:3d:1e:31:fa:ee:de:5e:cc:80:77:45:67:
61:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:EB:41:4B:C8:8C:D0:50:D3:1D:B8:B0:71:23:0E:3D:91:77:E3:21
X509v3 Authority Key Identifier:
keyid:43:84:F6:FA:6D:EC:CE:D5:57:8A:85:A5:1E:0B:D6:57:01:EA:34:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q4T2-m3sztVXioWlHgvWVwHqNOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/hOtBS8iM0FDTHbiwcSMOPZF34yE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/b698bd-8dd2-40be-82a3-1b13bd4566a5/1/Q4T2-m3sztVXioWlHgvWVwHqNOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.109.0/24
Signature Algorithm: sha256WithRSAEncryption
15:7c:13:c3:4e:5d:2c:1b:fb:3d:ee:a9:98:32:55:9d:de:80:
44:c0:5f:56:1e:e4:f5:fc:9e:43:f3:34:c9:7c:30:a1:bd:cb:
1f:5a:73:11:7c:83:74:76:6d:e6:ec:a2:39:67:fe:4a:7b:22:
69:9e:bd:7e:82:92:4b:e1:0f:fb:1f:48:d9:ed:85:b9:09:bf:
c1:36:67:72:aa:c2:30:5b:6b:41:25:bc:e2:63:6c:39:cd:65:
6d:26:7d:78:05:cb:5d:16:58:b1:c1:eb:d0:6a:82:8b:b6:de:
01:12:a6:11:24:71:ae:8a:fb:43:44:05:a9:68:45:99:93:4d:
b2:02:71:94:e4:04:78:fa:9d:e5:c7:9e:d5:e3:00:e1:88:c6:
10:62:b3:6e:1c:7d:74:41:6f:6a:12:88:c8:54:55:80:60:89:
0d:55:d5:95:d1:b5:01:ea:40:be:e1:f8:ea:cc:75:91:40:a8:
e7:b9:f3:5f:63:c1:85:38:25:75:e6:2a:83:39:aa:d2:29:ea:
36:22:9a:8d:eb:35:d7:45:93:e0:f5:f7:cf:50:c8:2f:28:99:
60:ce:bb:0d:4f:b9:bb:5c:03:92:96:6a:51:da:89:0c:bf:3a:
d9:ce:94:27:f4:5d:53:de:c7:93:73:02:8e:f3:fd:db:ab:76:
d5:29:aa:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJSr/1JmeRW1+lRIN7SRAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzODRmNmZhNmRlY2NlZDU1NzhhODVhNTFlMGJkNjU3MDFl
YTM0ZWMwHhcNMjQwMTAyMDgyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGViNDE0YmM4OGNkMDUwZDMxZGI4YjA3MTIzMGUzZDkxNzdlMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1L/0PXJ72aZGOnyVD8AN8l7KLxi
2jUxvgks1AaLw2xGt2CgI1URPQQIorCdjPguNDW6Su4Vr41NdcHypuyCQdtEEH/+
tEbV4bdJkJ+Js7tGGC/XeIeqXTz+eBQ/DjTENloEmH9uLK9AUsxlCE6DFZZOmgAp
hxHtybUoSRtcHEPno0/iRG6P1+3ubpamI1Grz3WZcfRJpCXfg9B88NKmgwhlOVGQ
ptur5wgJdi20gCM7Bj4H70GlxKtO2om/M/AqSt280JiS77wN8P211BEcEe6bytEo
oD0rsn9NNMelZLaElVYWZBC40GKA/lgIANtf7kY9HjH67t5ezIB3RWdhlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFITrQUvIjNBQ0x24sHEjDj2Rd+MhMB8GA1UdIwQY
MBaAFEOE9vpt7M7VV4qFpR4L1lcB6jTsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMt
MWIxM2JkNDU2NmE1LzEvaE90QlM4aU0wRkRUSGJpd2NTTU9QWkYzNHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9iNjk4YmQtOGRkMi00MGJlLTgyYTMtMWIxM2JkNDU2NmE1
LzEvUTRUMi1tM3N6dFZYaW9XbEhndldWd0hxTk93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbdtMA0G
CSqGSIb3DQEBCwUAA4IBAQAVfBPDTl0sG/s97qmYMlWd3oBEwF9WHuT1/J5D8zTJ
fDChvcsfWnMRfIN0dm3m7KI5Z/5KeyJpnr1+gpJL4Q/7H0jZ7YW5Cb/BNmdyqsIw
W2tBJbziY2w5zWVtJn14BctdFlixwevQaoKLtt4BEqYRJHGuivtDRAWpaEWZk02y
AnGU5AR4+p3lx57V4wDhiMYQYrNuHH10QW9qEojIVFWAYIkNVdWV0bUB6kC+4fjq
zHWRQKjnufNfY8GFOCV15iqDOarSKeo2IpqN6zXXRZPg9ffPUMgvKJlgzrsNT7m7
XAOSlmpR2okMvzrZzpQn9F1T3seTcwKO8/3bq3bVKaoU
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:35:39 2025 by rpki-client