Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/DV-01Hl1YNL_ST5LSPJ-gaXI93k.roa
File: DV-01Hl1YNL_ST5LSPJ-gaXI93k.roa (raw, json)
Hash identifier: mGjLjzVFpXNpWkDIjnHeLL0bt4Q15Tj/00B7tg16j0o=
Subject key identifier: 0D:5F:B4:D4:79:75:60:D2:FF:49:3E:4B:48:F2:7E:81:A5:C8:F7:79
Certificate issuer: /CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Certificate serial: 0191FA3FC49270BCF8811316D7F749FAE272
Authority key identifier: AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/DV-01Hl1YNL_ST5LSPJ-gaXI93k.roa
Signing time: Mon 16 Sep 2024 09:52:48 +0000
ROA not before: Mon 16 Sep 2024 09:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25484
IP address blocks: 84.200.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 10:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:3f:c4:92:70:bc:f8:81:13:16:d7:f7:49:fa:e2:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa1dc50a4b526df18e8b0a6565d7b9d58a75d315
Validity
Not Before: Sep 16 09:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0d5fb4d4797560d2ff493e4b48f27e81a5c8f779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a3:cc:1e:ce:1c:69:23:a5:13:20:5c:e7:2f:
1d:18:19:12:8b:bd:66:f3:ec:68:92:fd:82:8c:63:
c9:d2:d8:a4:2b:66:ad:e1:87:f4:16:cf:b1:cd:da:
10:94:89:98:ae:4c:1c:92:2c:c0:91:55:08:fb:6b:
87:10:f1:a2:ea:e5:28:26:95:f1:f8:e0:5a:5d:93:
a9:c6:0e:92:ed:72:98:d3:3c:1c:8e:3f:60:bd:7b:
50:16:d3:56:54:b5:d8:af:ce:e4:38:79:32:55:92:
8d:eb:e7:b6:48:58:56:78:87:71:55:9d:c2:a5:e3:
e0:e5:49:d8:f9:72:e2:98:6b:cb:cd:a9:61:ae:85:
44:f5:3c:ab:74:63:6e:6e:f4:58:21:e3:f3:0f:83:
5f:e8:aa:06:65:ca:b3:78:8d:d3:d8:6e:30:4d:6b:
f7:72:db:f4:bb:4c:40:b6:2e:7f:08:04:84:be:5d:
24:26:08:57:38:4a:d4:d4:0e:7e:1a:f6:db:5a:72:
2d:2b:c6:3a:19:3c:79:f1:0e:c7:ce:a3:bb:af:da:
a1:f4:b0:5e:3d:88:6d:49:13:de:76:28:c8:a2:2b:
18:07:40:10:ea:4a:44:00:85:5b:67:be:12:0f:14:
43:0c:ff:66:ea:a7:88:a9:53:85:3a:01:72:1e:c5:
30:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:5F:B4:D4:79:75:60:D2:FF:49:3E:4B:48:F2:7E:81:A5:C8:F7:79
X509v3 Authority Key Identifier:
keyid:AA:1D:C5:0A:4B:52:6D:F1:8E:8B:0A:65:65:D7:B9:D5:8A:75:D3:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qh3FCktSbfGOiwplZde51Yp10xU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/DV-01Hl1YNL_ST5LSPJ-gaXI93k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/f23929-7375-41c8-9973-33d728433c11/1/qh3FCktSbfGOiwplZde51Yp10xU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.200.19.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:e6:71:2f:c2:2c:a7:ec:f5:3e:a5:3f:32:a5:c3:73:32:bb:
e9:39:7c:34:f4:e4:5b:b4:36:ae:a7:f6:28:3b:b2:ee:d7:6f:
d4:c3:7b:f6:83:d4:f1:65:ea:b6:5c:7d:26:bc:dd:5d:be:66:
1a:9f:52:51:63:9d:15:47:e7:43:23:06:21:78:79:fc:e6:b5:
be:37:91:44:4c:f3:71:af:34:36:f3:85:dc:fe:00:9b:bb:29:
7b:7d:c0:31:11:e0:a1:e5:5b:98:76:b6:74:d5:1d:b6:11:c6:
63:87:3c:d5:ce:4e:11:13:ae:ef:5e:97:7f:da:fc:74:11:c3:
7c:8c:d1:a7:7f:64:1a:8f:b9:f0:48:b2:5a:08:21:6d:da:f8:
2e:24:45:73:da:0d:12:81:b2:87:df:21:3e:14:e9:09:31:db:
05:a8:51:3f:2c:a3:46:0a:b6:d1:fa:35:52:4a:d7:b7:b0:2c:
7e:43:5c:de:d4:1a:72:b6:17:77:89:47:fd:72:76:8d:73:ea:
e7:03:45:d5:39:6c:a1:ed:15:d2:7b:66:8e:65:1d:2a:05:55:
f8:c2:95:da:6c:7f:d9:75:0b:76:1d:73:2f:0b:6a:df:fb:cc:
23:9f:f6:af:96:55:99:f7:7e:43:4f:d7:51:9c:98:d8:64:8a:
7b:41:a7:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZH6P8SScLz4gRMW1/dJ+uJyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhMWRjNTBhNGI1MjZkZjE4ZThiMGE2NTY1ZDdiOWQ1OGE3
NWQzMTUwHhcNMjQwOTE2MDk1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDVmYjRkNDc5NzU2MGQyZmY0OTNlNGI0OGYyN2U4MWE1YzhmNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKPMHs4caSOlEyBc5y8dGBkSi71m
8+xokv2CjGPJ0tikK2at4Yf0Fs+xzdoQlImYrkwckizAkVUI+2uHEPGi6uUoJpXx
+OBaXZOpxg6S7XKY0zwcjj9gvXtQFtNWVLXYr87kOHkyVZKN6+e2SFhWeIdxVZ3C
pePg5UnY+XLimGvLzalhroVE9TyrdGNubvRYIePzD4Nf6KoGZcqzeI3T2G4wTWv3
ctv0u0xAti5/CASEvl0kJghXOErU1A5+GvbbWnItK8Y6GTx58Q7HzqO7r9qh9LBe
PYhtSRPedijIoisYB0AQ6kpEAIVbZ74SDxRDDP9m6qeIqVOFOgFyHsUw/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA1ftNR5dWDS/0k+S0jyfoGlyPd5MB8GA1UdIwQY
MBaAFKodxQpLUm3xjosKZWXXudWKddMVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMt
MzNkNzI4NDMzYzExLzEvRFYtMDFIbDFZTkxfU1Q1TFNQSi1nYVhJOTNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mMjM5MjktNzM3NS00MWM4LTk5NzMtMzNkNzI4NDMzYzEx
LzEvcWgzRkNrdFNiZkdPaXdwbFpkZTUxWXAxMHhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVMgTMA0G
CSqGSIb3DQEBCwUAA4IBAQAf5nEvwiyn7PU+pT8ypcNzMrvpOXw09ORbtDaup/Yo
O7Lu12/Uw3v2g9TxZeq2XH0mvN1dvmYan1JRY50VR+dDIwYheHn85rW+N5FETPNx
rzQ284Xc/gCbuyl7fcAxEeCh5VuYdrZ01R22EcZjhzzVzk4RE67vXpd/2vx0EcN8
jNGnf2Qaj7nwSLJaCCFt2vguJEVz2g0SgbKH3yE+FOkJMdsFqFE/LKNGCrbR+jVS
Ste3sCx+Q1ze1Bpythd3iUf9cnaNc+rnA0XVOWyh7RXSe2aOZR0qBVX4wpXabH/Z
dQt2HXMvC2rf+8wjn/avllWZ935DT9dRnJjYZIp7Qae9
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:38:51 2025 by rpki-client