Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/hyZJtkvXrMZWCVb0mSoAwOnYLE4.roa
File: hyZJtkvXrMZWCVb0mSoAwOnYLE4.roa (raw, json)
Hash identifier: BfxdutaAx2SZ/fE3n7MTcT6ZOT4BhnYSh3/LMg0c3zg=
Subject key identifier: 87:26:49:B6:4B:D7:AC:C6:56:09:56:F4:99:2A:00:C0:E9:D8:2C:4E
Certificate issuer: /CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Certificate serial: 018CC9BCF0C11B1E04F65DE50410938F3E98
Authority key identifier: 4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/hyZJtkvXrMZWCVb0mSoAwOnYLE4.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47280
IP address blocks: 185.191.151.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:48:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:f0:c1:1b:1e:04:f6:5d:e5:04:10:93:8f:3e:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c3789ecf67e04298c5ee44c67d8fb7f5d6d95a1
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=872649b64bd7acc6560956f4992a00c0e9d82c4e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:7d:b2:f5:a2:3a:ba:b6:bf:d9:62:ae:01:35:
90:6f:ff:63:f5:31:b1:4c:81:bc:04:c8:2c:2e:44:
85:f3:51:6c:9e:35:04:9f:cb:f1:2d:13:86:15:9b:
34:ab:aa:92:33:3f:dc:a9:34:42:be:c7:5d:ed:6b:
61:c6:dd:d0:9f:4f:87:23:40:b6:44:0b:89:eb:87:
c6:92:bf:04:74:e9:8a:4f:44:ad:11:2b:72:e7:07:
5c:81:41:ab:cb:f4:5e:b5:40:14:b5:f4:a8:41:95:
4a:17:17:da:1f:1a:73:25:4b:ac:c5:53:b0:c7:b7:
81:d0:2e:4a:02:5b:16:99:ed:6e:21:87:2e:84:23:
f9:5e:14:8c:0e:62:b3:72:99:7a:f0:3f:bc:7a:05:
00:d0:d3:af:ad:33:51:07:80:89:0d:b4:a8:86:11:
9e:fa:6c:73:ba:66:0b:db:a9:99:53:03:1d:fd:54:
03:8b:19:ea:bc:d3:5f:b0:b3:69:f6:34:e7:54:e1:
70:49:b5:47:59:af:bd:3e:88:67:15:aa:56:5b:5f:
e2:1f:bc:dd:76:fc:26:86:d2:13:d1:e3:48:f1:cd:
e0:b4:0d:7f:17:e7:6f:f5:24:f2:88:42:8a:4a:78:
b5:55:ce:76:e7:b9:1a:2f:6e:03:2f:ec:38:c4:da:
c1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:26:49:B6:4B:D7:AC:C6:56:09:56:F4:99:2A:00:C0:E9:D8:2C:4E
X509v3 Authority Key Identifier:
keyid:4C:37:89:EC:F6:7E:04:29:8C:5E:E4:4C:67:D8:FB:7F:5D:6D:95:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/hyZJtkvXrMZWCVb0mSoAwOnYLE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/7ed7b1-b8f3-43f3-96e3-1dc54d1c03a3/1/TDeJ7PZ-BCmMXuRMZ9j7f11tlaE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.191.151.0/24
Signature Algorithm: sha256WithRSAEncryption
80:3f:a2:93:20:31:31:34:c1:b2:90:ca:33:9d:96:d5:2a:4d:
18:ae:28:98:7d:f1:73:f3:da:dd:6b:7d:6b:42:53:b8:0e:e1:
f2:0a:c1:42:6e:fb:5b:8d:80:81:7f:0b:3a:58:0a:f6:6e:7c:
0c:00:27:83:03:15:7d:de:67:b4:56:e6:bd:3f:b8:2c:25:8b:
5e:f2:01:bb:56:71:13:46:db:9a:01:14:5e:e1:51:a7:a9:28:
be:38:97:33:fa:5d:4d:6d:ed:3d:72:ea:30:c0:0c:73:6a:b8:
7b:53:92:c6:a2:ce:ff:11:94:21:bb:32:21:82:2c:f1:c6:70:
35:22:2c:ca:d0:c0:e0:ca:db:8d:68:58:70:bf:2e:95:a9:e9:
39:9e:61:be:b0:6f:82:1d:66:55:12:a5:b7:19:3c:fd:5a:34:
90:07:ce:c8:a7:77:ba:b2:67:b3:7e:70:f0:99:0f:aa:0b:8a:
9b:e6:93:a4:c0:37:26:85:2a:ed:64:37:77:d3:65:bd:89:12:
f6:0e:17:00:43:d9:be:3b:ca:2b:fa:67:03:5f:7b:10:c4:fd:
03:bd:47:43:11:25:d8:6c:5f:aa:60:7a:a6:f5:cd:9b:1f:4e:
b0:61:cc:95:ea:0e:0f:0f:03:94:00:2e:1c:55:cc:e3:09:6e:
93:42:63:2d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvPDBGx4E9l3lBBCTjz6YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMzc4OWVjZjY3ZTA0Mjk4YzVlZTQ0YzY3ZDhmYjdmNWQ2
ZDk1YTEwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzI2NDliNjRiZDdhY2M2NTYwOTU2ZjQ5OTJhMDBjMGU5ZDgyYzRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj32y9aI6ura/2WKuATWQb/9j9TGx
TIG8BMgsLkSF81FsnjUEn8vxLROGFZs0q6qSMz/cqTRCvsdd7Wthxt3Qn0+HI0C2
RAuJ64fGkr8EdOmKT0StESty5wdcgUGry/RetUAUtfSoQZVKFxfaHxpzJUusxVOw
x7eB0C5KAlsWme1uIYcuhCP5XhSMDmKzcpl68D+8egUA0NOvrTNRB4CJDbSohhGe
+mxzumYL26mZUwMd/VQDixnqvNNfsLNp9jTnVOFwSbVHWa+9PohnFapWW1/iH7zd
dvwmhtIT0eNI8c3gtA1/F+dv9STyiEKKSni1Vc5257kaL24DL+w4xNrBWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIcmSbZL16zGVglW9JkqAMDp2CxOMB8GA1UdIwQY
MBaAFEw3iez2fgQpjF7kTGfY+39dbZWhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMt
MWRjNTRkMWMwM2EzLzEvaHlaSnRrdlhyTVpXQ1ZiMG1Tb0F3T25ZTEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC83ZWQ3YjEtYjhmMy00M2YzLTk2ZTMtMWRjNTRkMWMwM2Ez
LzEvVERlSjdQWi1CQ21NWHVSTVo5ajdmMTF0bGFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAub+XMA0G
CSqGSIb3DQEBCwUAA4IBAQCAP6KTIDExNMGykMoznZbVKk0YriiYffFz89rda31r
QlO4DuHyCsFCbvtbjYCBfws6WAr2bnwMACeDAxV93me0Vua9P7gsJYte8gG7VnET
RtuaARRe4VGnqSi+OJcz+l1Nbe09cuowwAxzarh7U5LGos7/EZQhuzIhgizxxnA1
IizK0MDgytuNaFhwvy6Vqek5nmG+sG+CHWZVEqW3GTz9WjSQB87Ip3e6smezfnDw
mQ+qC4qb5pOkwDcmhSrtZDd302W9iRL2DhcAQ9m+O8or+mcDX3sQxP0DvUdDESXY
bF+qYHqm9c2bH06wYcyV6g4PDwOUAC4cVczjCW6TQmMt
-----END CERTIFICATE-----
Generated at Fri Apr 18 06:39:45 2025 by rpki-client