Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/hbWDqtvQLP-KfdNaJ_jU08mRQQA.roa
File: hbWDqtvQLP-KfdNaJ_jU08mRQQA.roa (raw, json)
Hash identifier: BiwRvDdiLesNWQ9i3kZpv9ZSkFymtwRHySAvz9I2dg4=
Subject key identifier: 85:B5:83:AA:DB:D0:2C:FF:8A:7D:D3:5A:27:F8:D4:D3:C9:91:41:00
Certificate issuer: /CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Certificate serial: 018CC6B7E441C17D8AAD4F4C27C23FE5E10A
Authority key identifier: 3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/hbWDqtvQLP-KfdNaJ_jU08mRQQA.roa
Signing time: Mon 01 Jan 2024 20:29:49 +0000
ROA not before: Mon 01 Jan 2024 20:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198765
IP address blocks: 91.238.199.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:e4:41:c1:7d:8a:ad:4f:4c:27:c2:3f:e5:e1:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac4446ba99b43891ecf1f7fa2cdb02e14a344f3
Validity
Not Before: Jan 1 20:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85b583aadbd02cff8a7dd35a27f8d4d3c9914100
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:96:7f:88:e1:17:e8:93:b0:56:db:5f:38:17:
b4:bf:fd:b5:8c:a7:21:ae:79:9c:16:e4:ec:cd:12:
23:fc:4c:40:0f:c1:8f:9d:75:bc:2e:f4:d4:0c:fb:
9c:aa:0e:45:a7:6a:64:66:c6:c2:ba:bf:b5:fe:61:
7f:78:a1:b8:ce:26:32:0f:ec:46:6d:d7:df:a3:44:
55:2e:43:ac:6c:66:4b:97:96:1f:b3:0f:a9:ee:a5:
c1:e4:39:18:78:36:f6:09:f1:48:16:f8:01:51:1c:
a8:d2:11:6f:4d:ce:49:3e:14:c9:f4:58:f3:07:d0:
60:8e:f4:be:a8:66:d5:38:b9:f2:15:14:c5:60:c2:
bb:3a:5f:48:f9:12:40:78:3f:f3:34:45:02:e2:89:
59:0a:d8:53:66:b2:64:49:4b:a6:e5:eb:53:1d:4e:
46:bb:5b:e9:d6:ad:df:a2:6e:01:7d:a1:e7:b3:9f:
b4:87:4f:73:fc:d5:a1:20:45:87:9c:6f:16:3d:42:
1b:02:ac:a9:9b:00:95:e5:40:88:51:d4:50:f4:51:
fa:f8:e8:97:da:8f:0d:42:f4:58:9e:e3:e5:82:82:
02:0b:dd:f0:4f:a1:00:c3:eb:89:22:7b:12:6e:df:
ea:61:7e:de:1b:74:59:1b:d9:9d:45:40:09:33:7b:
b3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:B5:83:AA:DB:D0:2C:FF:8A:7D:D3:5A:27:F8:D4:D3:C9:91:41:00
X509v3 Authority Key Identifier:
keyid:3A:C4:44:6B:A9:9B:43:89:1E:CF:1F:7F:A2:CD:B0:2E:14:A3:44:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsREa6mbQ4kezx9_os2wLhSjRPM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/hbWDqtvQLP-KfdNaJ_jU08mRQQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/e5c877-a2ee-4c3f-ad5c-02a7f6df6810/1/OsREa6mbQ4kezx9_os2wLhSjRPM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.199.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c4:a2:a2:26:22:bb:b7:b9:7b:4c:72:e9:d4:03:93:d0:46:
20:00:ec:00:06:70:da:8a:b1:d8:cf:9e:59:02:62:eb:ed:9d:
dc:12:fa:4f:7f:4b:03:57:12:24:30:eb:29:f8:cd:6d:16:af:
be:7d:06:e1:c2:fe:70:1f:7b:34:ba:72:e5:7a:6b:f5:ce:58:
22:f2:15:75:88:d9:e1:83:c0:d2:b3:cd:9e:f0:b6:80:33:f6:
68:76:8b:35:8c:73:5e:95:ff:6c:6d:f9:47:00:5b:37:ac:c5:
34:cd:09:0b:d2:9f:6b:14:ee:d6:0c:e5:c9:bb:e0:c8:c6:c9:
1f:81:d0:c0:f7:0f:dc:1a:11:d6:7c:d4:eb:78:c3:6a:83:4f:
3b:08:a7:bb:0d:ab:84:9d:c4:f7:51:7e:c6:07:e7:be:37:25:
2e:49:bb:fc:4e:a5:7d:c1:df:a8:20:a1:07:a6:33:9d:45:93:
59:74:bc:a8:55:e5:c1:a9:37:35:5a:34:de:15:12:7c:63:e0:
7a:de:ae:0b:39:9e:54:d1:7d:16:30:40:5a:ab:b7:6c:0e:f4:
a1:1c:7a:1e:fe:71:8c:ba:1b:4e:f1:d1:0d:7d:db:b3:26:f8:
d3:74:b8:30:e1:3f:77:de:57:d3:5a:74:e2:b9:2c:92:84:ac:
68:99:98:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt+RBwX2KrU9MJ8I/5eEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzQ0NDZiYTk5YjQzODkxZWNmMWY3ZmEyY2RiMDJlMTRh
MzQ0ZjMwHhcNMjQwMTAxMjAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWI1ODNhYWRiZDAyY2ZmOGE3ZGQzNWEyN2Y4ZDRkM2M5OTE0MTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtZZ/iOEX6JOwVttfOBe0v/21jKch
rnmcFuTszRIj/ExAD8GPnXW8LvTUDPucqg5Fp2pkZsbCur+1/mF/eKG4ziYyD+xG
bdffo0RVLkOsbGZLl5Yfsw+p7qXB5DkYeDb2CfFIFvgBURyo0hFvTc5JPhTJ9Fjz
B9BgjvS+qGbVOLnyFRTFYMK7Ol9I+RJAeD/zNEUC4olZCthTZrJkSUum5etTHU5G
u1vp1q3fom4BfaHns5+0h09z/NWhIEWHnG8WPUIbAqypmwCV5UCIUdRQ9FH6+OiX
2o8NQvRYnuPlgoICC93wT6EAw+uJInsSbt/qYX7eG3RZG9mdRUAJM3uzSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIW1g6rb0Cz/in3TWif41NPJkUEAMB8GA1UdIwQY
MBaAFDrERGupm0OJHs8ff6LNsC4Uo0TzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMt
MDJhN2Y2ZGY2ODEwLzEvaGJXRHF0dlFMUC1LZmROYUpfalUwOG1SUVFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS9lNWM4NzctYTJlZS00YzNmLWFkNWMtMDJhN2Y2ZGY2ODEw
LzEvT3NSRWE2bWJRNGtleng5X29zMndMaFNqUlBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+7HMA0G
CSqGSIb3DQEBCwUAA4IBAQAcxKKiJiK7t7l7THLp1AOT0EYgAOwABnDairHYz55Z
AmLr7Z3cEvpPf0sDVxIkMOsp+M1tFq++fQbhwv5wH3s0unLlemv1zlgi8hV1iNnh
g8DSs82e8LaAM/Zodos1jHNelf9sbflHAFs3rMU0zQkL0p9rFO7WDOXJu+DIxskf
gdDA9w/cGhHWfNTreMNqg087CKe7DauEncT3UX7GB+e+NyUuSbv8TqV9wd+oIKEH
pjOdRZNZdLyoVeXBqTc1WjTeFRJ8Y+B63q4LOZ5U0X0WMEBaq7dsDvShHHoe/nGM
uhtO8dENfduzJvjTdLgw4T933lfTWnTiuSyShKxomZhx
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:05:46 2025 by rpki-client