Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R2G9ZjWsJDtX_O4du1ssHZhgan0.roa
File: R2G9ZjWsJDtX_O4du1ssHZhgan0.roa (raw, json)
Hash identifier: GHpvADo5LJx8xeE5zCaOYSpzXNih31pZDtuaUH8MLvM=
Subject key identifier: 47:61:BD:66:35:AC:24:3B:57:FC:EE:1D:BB:5B:2C:1D:98:60:6A:7D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01920FF070CA713233AE9556A827AB513C4A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R2G9ZjWsJDtX_O4du1ssHZhgan0.roa
Signing time: Fri 20 Sep 2024 14:57:48 +0000
ROA not before: Fri 20 Sep 2024 14:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 11798
IP address blocks: 150.241.64.0/18 maxlen: 18
185.176.94.0/24 maxlen: 24
185.216.104.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 30 Sep 2024 17:55:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:0f:f0:70:ca:71:32:33:ae:95:56:a8:27:ab:51:3c:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Sep 20 14:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4761bd6635ac243b57fcee1dbb5b2c1d98606a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d5:3f:53:4e:79:f2:32:b5:31:fe:d0:70:ea:
ac:26:ef:59:9e:2f:77:f5:61:bf:99:dd:af:95:da:
0a:94:28:6d:99:bb:06:0d:c0:42:62:67:97:db:d8:
bd:bc:2d:e4:80:07:56:99:65:0d:2c:94:90:87:07:
9f:a5:c1:ff:b1:d6:3b:3e:35:64:ae:d2:04:f4:92:
73:7f:e9:7e:ef:16:1c:e1:0c:8f:f7:86:59:6b:ef:
2b:e1:1d:36:1d:5e:3a:a3:38:6d:6d:32:cd:3c:a4:
d8:e3:4d:c1:90:ad:aa:41:ae:84:e0:3f:d2:64:40:
5d:01:41:d0:7a:22:ab:11:ed:2b:2d:57:db:9e:f0:
84:dc:90:f5:b3:2c:d1:35:a9:01:d9:3e:53:5f:bb:
ac:8d:52:57:fe:7e:cc:ce:50:a6:1e:5b:5d:07:a6:
cb:bb:37:3d:62:98:e1:43:00:0f:78:b2:53:02:5c:
09:db:e4:1a:64:77:d1:97:36:17:58:8e:66:d2:da:
3b:0a:9f:ca:d8:11:93:c2:72:2a:ac:dc:db:6c:03:
2a:46:99:fe:8f:c6:d7:1f:01:df:c1:fd:ce:64:f9:
e5:cf:87:63:23:ba:00:65:f1:cc:64:ec:a1:54:b2:
aa:cd:3a:54:0e:7c:54:8b:ac:75:7e:4d:08:5d:08:
54:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:61:BD:66:35:AC:24:3B:57:FC:EE:1D:BB:5B:2C:1D:98:60:6A:7D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/R2G9ZjWsJDtX_O4du1ssHZhgan0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.64.0/18
185.176.94.0/24
185.216.104.0/22
Signature Algorithm: sha256WithRSAEncryption
6e:83:29:1d:29:71:09:75:3c:1c:62:7b:97:03:a8:e8:e1:99:
33:d4:6b:b6:8e:2c:6b:ad:3d:cd:0f:7e:46:91:93:a4:14:70:
3d:c1:40:81:3d:5d:b7:0e:d5:ae:19:16:5a:00:d0:3a:0f:3c:
60:e2:5b:ff:1c:d2:3a:49:5f:17:79:a1:29:9c:be:c4:3d:b0:
5b:bb:ab:1f:46:eb:78:c6:63:04:5f:4b:8f:03:44:bd:ff:13:
c7:8f:15:ea:2e:8b:f7:4c:2c:63:9c:2a:71:37:31:74:d1:87:
fe:e3:0c:9a:bc:9a:b3:0d:6b:f7:97:0b:5e:ba:3b:87:98:17:
c4:75:64:f5:86:25:d5:bd:67:93:97:5d:a6:1a:f1:2a:f6:2d:
fb:e0:22:ab:03:2a:b9:0b:65:fa:13:f0:0c:85:c9:66:c7:ee:
d9:06:ba:19:8c:b5:1c:84:32:3b:4f:ef:fc:5f:f1:61:f1:b5:
0c:59:d5:38:0a:66:e9:f3:12:5f:99:c2:8a:bf:9c:89:83:33:
cf:31:d4:bd:eb:28:c0:e5:3e:66:e7:92:8d:cd:7f:3b:c0:48:
e7:50:95:ab:60:81:fb:cc:60:87:6a:3d:89:9a:77:2c:19:61:
81:35:49:e6:48:29:38:af:2b:a5:dc:59:c3:2e:28:92:e7:d4:
95:35:af:e5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIP8HDKcTIzrpVWqCerUTxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQwOTIwMTQ1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzYxYmQ2NjM1YWMyNDNiNTdmY2VlMWRiYjViMmMxZDk4NjA2YTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tU/U0558jK1Mf7QcOqsJu9Zni93
9WG/md2vldoKlChtmbsGDcBCYmeX29i9vC3kgAdWmWUNLJSQhwefpcH/sdY7PjVk
rtIE9JJzf+l+7xYc4QyP94ZZa+8r4R02HV46ozhtbTLNPKTY403BkK2qQa6E4D/S
ZEBdAUHQeiKrEe0rLVfbnvCE3JD1syzRNakB2T5TX7usjVJX/n7MzlCmHltdB6bL
uzc9YpjhQwAPeLJTAlwJ2+QaZHfRlzYXWI5m0to7Cp/K2BGTwnIqrNzbbAMqRpn+
j8bXHwHfwf3OZPnlz4djI7oAZfHMZOyhVLKqzTpUDnxUi6x1fk0IXQhUcQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEdhvWY1rCQ7V/zuHbtbLB2YYGp9MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvUjJHOVpqV3NKRHRYX080ZHUxc3NIWmhnYW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQGlvFAAwQA
ubBeAwQCudhoMA0GCSqGSIb3DQEBCwUAA4IBAQBugykdKXEJdTwcYnuXA6jo4Zkz
1Gu2jixrrT3ND35GkZOkFHA9wUCBPV23DtWuGRZaANA6Dzxg4lv/HNI6SV8XeaEp
nL7EPbBbu6sfRut4xmMEX0uPA0S9/xPHjxXqLov3TCxjnCpxNzF00Yf+4wyavJqz
DWv3lwteujuHmBfEdWT1hiXVvWeTl12mGvEq9i374CKrAyq5C2X6E/AMhclmx+7Z
BroZjLUchDI7T+/8X/Fh8bUMWdU4Cmbp8xJfmcKKv5yJgzPPMdS96yjA5T5m55KN
zX87wEjnUJWrYIH7zGCHaj2JmncsGWGBNUnmSCk4ryul3FnDLiiS59SVNa/l
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:26:31 2025 by rpki-client