Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/Ha1eK6ml2MxNitOYWFbqRrKnvnI.roa
File: Ha1eK6ml2MxNitOYWFbqRrKnvnI.roa (raw, json)
Hash identifier: 71fz6Wu9m8HM6ha5JKqa4kOgHfensWm1zZGnh3jic5Y=
Subject key identifier: 1D:AD:5E:2B:A9:A5:D8:CC:4D:8A:D3:98:58:56:EA:46:B2:A7:BE:72
Certificate issuer: /CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e
Certificate serial: 018CC26D8331BB0B695FBEC12EB75D4E58A0
Authority key identifier: B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/Ha1eK6ml2MxNitOYWFbqRrKnvnI.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 194.42.96.0/23 maxlen: 24
194.42.104.0/23 maxlen: 24
2a0f:340::/29 maxlen: 128
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:83:31:bb:0b:69:5f:be:c1:2e:b7:5d:4e:58:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1940f000996ebfd2dab71c469cc51ee881b3f5e
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dad5e2ba9a5d8cc4d8ad3985856ea46b2a7be72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:c5:4c:01:75:02:82:57:9f:70:5d:ce:f6:d9:
3d:4f:e0:59:e4:ba:8e:27:f4:bf:f1:11:44:f4:e2:
bf:90:c2:0d:0d:11:91:6f:c3:ad:e3:f3:75:76:f6:
d1:fd:97:c2:29:e6:ab:2e:a2:27:f2:8d:0c:6e:ec:
f6:45:72:f2:0a:29:36:c6:45:19:6f:7c:ff:5e:9c:
6e:7c:12:2b:41:98:0e:23:e0:3a:10:a1:46:57:3c:
70:04:c0:71:e6:f9:14:81:ed:34:17:9b:3c:cc:28:
78:7d:f7:fb:c4:f7:ef:38:1a:58:44:5d:e8:f9:c7:
a6:31:5e:5d:81:0f:fd:59:7e:19:8b:f8:94:d4:9a:
41:0c:f5:cf:b3:14:d2:c6:89:d3:4b:2a:ed:f4:2f:
85:6d:a1:dc:19:69:eb:0d:a7:0b:7a:58:50:1c:b2:
e7:2a:d8:b8:10:81:bb:4b:58:e3:4b:7b:cf:8e:46:
54:43:a0:5e:3e:ea:c3:08:00:48:f0:b6:9d:1a:17:
d0:60:d4:48:76:e4:90:b7:e4:8e:02:59:3f:7b:59:
0d:96:17:88:b6:0d:f5:20:98:e5:94:98:4f:48:4c:
3a:81:2c:a5:11:2a:5a:bc:71:70:7d:b9:6d:c7:aa:
56:c2:59:13:17:0c:c7:c5:90:97:62:d6:57:fd:14:
6e:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AD:5E:2B:A9:A5:D8:CC:4D:8A:D3:98:58:56:EA:46:B2:A7:BE:72
X509v3 Authority Key Identifier:
keyid:B1:94:0F:00:09:96:EB:FD:2D:AB:71:C4:69:CC:51:EE:88:1B:3F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sZQPAAmW6_0tq3HEacxR7ogbP14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/Ha1eK6ml2MxNitOYWFbqRrKnvnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/1c13d9-81d5-4cdb-a2e1-a5abb20d2462/1/sZQPAAmW6_0tq3HEacxR7ogbP14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.96.0/23
194.42.104.0/23
IPv6:
2a0f:340::/29
Signature Algorithm: sha256WithRSAEncryption
84:6d:13:54:18:cf:90:95:b7:aa:3e:e6:6a:79:9e:6d:bf:0d:
fd:fb:e0:d1:21:80:d1:78:e8:cc:4b:d8:b8:db:67:ba:de:f2:
69:f0:24:b3:96:c2:13:77:fc:a2:d1:91:51:3e:c8:7c:31:c2:
07:95:5d:06:62:63:1a:f9:8f:04:b5:e8:4d:89:58:aa:76:5a:
7f:90:b4:33:98:bd:ff:a5:c4:7a:a3:d5:bf:2c:9b:48:88:f8:
55:57:1d:47:c2:ca:32:3c:ae:49:5d:77:7e:d8:e5:90:b1:3d:
b1:72:9f:85:9a:96:aa:e1:09:00:73:90:07:c3:fe:8b:d4:54:
86:a2:27:bd:07:45:05:1c:ac:c4:e7:6a:6a:40:11:52:7f:b8:
4e:71:b9:59:37:0b:e1:58:87:c3:ea:64:f9:7b:38:57:43:ee:
5b:11:69:d0:7e:3a:56:9c:d4:98:01:5e:20:fb:42:8b:04:c0:
e8:68:e1:63:35:d5:50:65:b9:25:fa:4f:77:89:2e:af:d4:ad:
39:c4:5f:b7:f2:b0:ce:ba:e5:da:13:b4:60:2b:45:b6:72:19:
dd:6e:e5:c5:aa:cf:ee:d5:71:ca:62:22:ba:07:3d:17:c7:71:
91:9e:ba:44:af:72:b8:a3:56:b1:9f:17:9b:df:f6:a8:3e:cf:
d5:d3:5d:4c
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzCbYMxuwtpX77BLrddTligMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxOTQwZjAwMDk5NmViZmQyZGFiNzFjNDY5Y2M1MWVlODgx
YjNmNWUwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFkNWUyYmE5YTVkOGNjNGQ4YWQzOTg1ODU2ZWE0NmIyYTdiZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo8VMAXUCglefcF3O9tk9T+BZ5LqO
J/S/8RFE9OK/kMINDRGRb8Ot4/N1dvbR/ZfCKearLqIn8o0Mbuz2RXLyCik2xkUZ
b3z/XpxufBIrQZgOI+A6EKFGVzxwBMBx5vkUge00F5s8zCh4fff7xPfvOBpYRF3o
+cemMV5dgQ/9WX4Zi/iU1JpBDPXPsxTSxonTSyrt9C+FbaHcGWnrDacLelhQHLLn
Kti4EIG7S1jjS3vPjkZUQ6BePurDCABI8LadGhfQYNRIduSQt+SOAlk/e1kNlheI
tg31IJjllJhPSEw6gSylESpavHFwfbltx6pWwlkTFwzHxZCXYtZX/RRumQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB2tXiuppdjMTYrTmFhW6kayp75yMB8GA1UdIwQY
MBaAFLGUDwAJluv9LatxxGnMUe6IGz9eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEt
YTVhYmIyMGQyNDYyLzEvSGExZUs2bWwyTXhOaXRPWVdGYnFScktudm5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8xYzEzZDktODFkNS00Y2RiLWEyZTEtYTVhYmIyMGQyNDYy
LzEvc1pRUEFBbVc2XzB0cTNIRWFjeFI3b2diUDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwipgAwQB
wipoMA0EAgACMAcDBQMqDwNAMA0GCSqGSIb3DQEBCwUAA4IBAQCEbRNUGM+Qlbeq
PuZqeZ5tvw39++DRIYDReOjMS9i422e63vJp8CSzlsITd/yi0ZFRPsh8McIHlV0G
YmMa+Y8EtehNiViqdlp/kLQzmL3/pcR6o9W/LJtIiPhVVx1HwsoyPK5JXXd+2OWQ
sT2xcp+Fmpaq4QkAc5AHw/6L1FSGoie9B0UFHKzE52pqQBFSf7hOcblZNwvhWIfD
6mT5ezhXQ+5bEWnQfjpWnNSYAV4g+0KLBMDoaOFjNdVQZbkl+k93iS6v1K05xF+3
8rDOuuXaE7RgK0W2chndbuXFqs/u1XHKYiK6Bz0Xx3GRnrpEr3K4o1axnxeb3/ao
Ps/V011M
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:10 2025 by rpki-client