Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/hUP90rVS4Bpdr3-_3xZFf6QV9CY.roa
File: hUP90rVS4Bpdr3-_3xZFf6QV9CY.roa (raw, json)
Hash identifier: xYYw4KjNZ6tHKSTCPNMaONdgSy7RfQpmsYUoFxQNlio=
Subject key identifier: 85:43:FD:D2:B5:52:E0:1A:5D:AF:7F:BF:DF:16:45:7F:A4:15:F4:26
Certificate issuer: /CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Certificate serial: 018CC50144BD72BF9DDDE043072A7A18C827
Authority key identifier: 68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/hUP90rVS4Bpdr3-_3xZFf6QV9CY.roa
Signing time: Mon 01 Jan 2024 12:30:43 +0000
ROA not before: Mon 01 Jan 2024 12:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56368
IP address blocks: 91.198.196.0/24 maxlen: 24
2a0f:8840::/29 maxlen: 30
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:47:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:44:bd:72:bf:9d:dd:e0:43:07:2a:7a:18:c8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68579722c3a0cb0c3351c595dfa3d7ead81f16bf
Validity
Not Before: Jan 1 12:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8543fdd2b552e01a5daf7fbfdf16457fa415f426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:7f:5e:5b:f4:8f:60:d7:03:d5:5d:e5:a9:d6:
94:5c:83:cd:18:ad:4d:80:4d:28:d3:06:22:22:73:
9f:d8:0b:3d:e9:0f:11:53:50:2a:7a:15:19:5e:ec:
ce:49:b9:42:05:1f:2a:53:71:63:24:a0:b1:3d:91:
04:28:92:1f:76:95:37:fe:2c:97:ae:1a:24:f3:b2:
09:83:a9:9b:3d:27:51:cf:74:34:12:fc:30:58:e0:
5b:17:ec:9c:75:0c:ea:28:72:cc:b9:92:00:19:75:
e3:63:22:76:42:7a:18:8c:77:6d:45:d0:aa:cf:a6:
dd:fd:58:b8:0c:83:63:b3:1f:c3:3e:f1:b5:13:06:
8a:13:50:a0:80:1c:cb:0f:e8:72:15:70:93:af:de:
ff:4f:0b:13:09:76:e6:3b:40:73:22:8f:ec:13:4a:
3f:24:4c:7f:45:e0:78:17:f7:ce:2f:9b:1c:f0:a5:
da:99:4f:15:84:0d:53:59:c1:3c:b1:5c:67:eb:46:
34:28:0b:32:9f:51:a4:63:aa:f1:be:e0:1d:21:ab:
78:49:91:8b:70:0e:58:23:c7:f5:3a:1c:7d:c9:d0:
2d:75:e0:69:4d:cb:4a:9c:02:4b:96:26:59:be:fa:
50:39:c6:f0:f5:50:a3:ae:ca:a4:91:99:0f:45:44:
50:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:43:FD:D2:B5:52:E0:1A:5D:AF:7F:BF:DF:16:45:7F:A4:15:F4:26
X509v3 Authority Key Identifier:
keyid:68:57:97:22:C3:A0:CB:0C:33:51:C5:95:DF:A3:D7:EA:D8:1F:16:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aFeXIsOgywwzUcWV36PX6tgfFr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/hUP90rVS4Bpdr3-_3xZFf6QV9CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/fa836c-1cd3-4ba7-b598-9f5597b56b76/1/aFeXIsOgywwzUcWV36PX6tgfFr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.196.0/24
IPv6:
2a0f:8840::/29
Signature Algorithm: sha256WithRSAEncryption
51:7d:1a:4e:e4:8d:13:7f:bb:73:0d:b5:4f:19:f6:a5:40:be:
8c:8f:39:3c:da:fe:a5:3e:63:1e:bd:48:e0:3b:89:1e:2c:73:
dc:e0:6c:23:e3:03:a1:f6:33:82:d8:6f:85:2a:fe:a4:e5:ff:
bd:dc:89:c4:9c:1a:7d:2d:ff:66:98:f0:87:b1:6d:a2:95:b2:
f7:db:6e:9c:df:42:36:6a:2c:b8:3a:34:b7:f4:f2:ea:42:ae:
2b:51:04:2b:ba:1e:0d:e6:4a:ad:fd:94:d4:83:b3:8c:11:ff:
d0:0f:3a:e7:ae:ab:c9:57:21:aa:27:2c:e1:ea:83:fb:ba:50:
6e:ef:33:32:0b:08:86:96:2e:9c:7f:3b:cb:e5:23:ad:8c:1c:
14:44:3d:6b:1a:0c:ab:3b:84:7a:a4:ed:3d:7c:b7:8c:0c:15:
8a:bc:5a:54:57:73:10:96:a4:0f:45:f4:67:ad:bf:6d:11:04:
c5:9a:f0:2e:a2:d9:48:7e:0f:51:fa:fa:98:12:0a:9b:25:72:
d4:91:3c:43:b5:4f:a7:e2:5e:3a:c0:b9:1c:4f:f9:55:00:39:
dd:82:bb:65:ce:b4:78:d0:9a:da:a9:1b:c2:3c:cb:81:6b:f9:
96:97:23:7f:aa:36:53:1b:e8:f2:76:75:85:4f:72:33:42:7f:
cf:1d:b3:45
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAUS9cr+d3eBDByp6GMgnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4NTc5NzIyYzNhMGNiMGMzMzUxYzU5NWRmYTNkN2VhZDgx
ZjE2YmYwHhcNMjQwMTAxMTIzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQzZmRkMmI1NTJlMDFhNWRhZjdmYmZkZjE2NDU3ZmE0MTVmNDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzn9eW/SPYNcD1V3lqdaUXIPNGK1N
gE0o0wYiInOf2As96Q8RU1AqehUZXuzOSblCBR8qU3FjJKCxPZEEKJIfdpU3/iyX
rhok87IJg6mbPSdRz3Q0EvwwWOBbF+ycdQzqKHLMuZIAGXXjYyJ2QnoYjHdtRdCq
z6bd/Vi4DINjsx/DPvG1EwaKE1CggBzLD+hyFXCTr97/TwsTCXbmO0BzIo/sE0o/
JEx/ReB4F/fOL5sc8KXamU8VhA1TWcE8sVxn60Y0KAsyn1GkY6rxvuAdIat4SZGL
cA5YI8f1Ohx9ydAtdeBpTctKnAJLliZZvvpQOcbw9VCjrsqkkZkPRURQywIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIVD/dK1UuAaXa9/v98WRX+kFfQmMB8GA1UdIwQY
MBaAFGhXlyLDoMsMM1HFld+j1+rYHxa/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgt
OWY1NTk3YjU2Yjc2LzEvaFVQOTByVlM0QnBkcjMtXzN4WkZmNlFWOUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9mYTgzNmMtMWNkMy00YmE3LWI1OTgtOWY1NTk3YjU2Yjc2
LzEvYUZlWElzT2d5d3d6VWNXVjM2UFg2dGdmRnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW8bEMA0E
AgACMAcDBQMqD4hAMA0GCSqGSIb3DQEBCwUAA4IBAQBRfRpO5I0Tf7tzDbVPGfal
QL6Mjzk82v6lPmMevUjgO4keLHPc4Gwj4wOh9jOC2G+FKv6k5f+93InEnBp9Lf9m
mPCHsW2ilbL3226c30I2aiy4OjS39PLqQq4rUQQruh4N5kqt/ZTUg7OMEf/QDzrn
rqvJVyGqJyzh6oP7ulBu7zMyCwiGli6cfzvL5SOtjBwURD1rGgyrO4R6pO09fLeM
DBWKvFpUV3MQlqQPRfRnrb9tEQTFmvAuotlIfg9R+vqYEgqbJXLUkTxDtU+n4l46
wLkcT/lVADndgrtlzrR40JraqRvCPMuBa/mWlyN/qjZTG+jydnWFT3IzQn/PHbNF
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:24 2025 by rpki-client