Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/PN-hNBC2YiRvBhT7CiQffYhGTZI.roa
File: PN-hNBC2YiRvBhT7CiQffYhGTZI.roa (raw, json)
Hash identifier: HlCF3505pz3FUxgf118Kbo0us350ojRdmyDphTKI9Bs=
Subject key identifier: 3C:DF:A1:34:10:B6:62:24:6F:06:14:FB:0A:24:1F:7D:88:46:4D:92
Certificate issuer: /CN=c755702467770ed69b367b77bbe640bc6db4153e
Certificate serial: 018CC8DF20C33E39E769868EFC4626C6D041
Authority key identifier: C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/PN-hNBC2YiRvBhT7CiQffYhGTZI.roa
Signing time: Tue 02 Jan 2024 06:31:55 +0000
ROA not before: Tue 02 Jan 2024 06:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 84.254.136.0/24 maxlen: 24
84.254.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:20:c3:3e:39:e7:69:86:8e:fc:46:26:c6:d0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c755702467770ed69b367b77bbe640bc6db4153e
Validity
Not Before: Jan 2 06:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cdfa13410b662246f0614fb0a241f7d88464d92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:dd:40:28:94:49:f4:4c:be:7f:b2:d3:4e:76:
06:22:ab:d6:ac:b9:30:fa:6c:38:c9:cb:8b:22:5c:
f2:68:d3:33:5e:9d:58:3b:ed:cf:21:87:3e:29:ca:
f5:8c:d2:9d:08:e0:bc:53:d9:0d:b6:17:23:9c:fd:
f6:66:db:91:03:ab:9e:ec:a6:88:ce:49:29:75:29:
62:88:fe:38:cf:fc:f8:27:21:6e:db:68:45:46:91:
98:9f:0c:6e:0c:ec:ff:ec:36:02:61:ce:25:3d:53:
66:40:5e:18:89:e1:10:89:45:14:94:f5:89:98:8d:
27:32:d3:48:93:a3:66:c4:c6:a7:ef:07:a3:9c:c0:
7c:4b:34:77:87:f6:b1:85:56:11:01:ea:81:dc:47:
4e:82:61:b4:75:9a:84:49:1f:3e:00:a3:85:49:c4:
ff:42:3e:d3:8c:6b:02:12:89:a5:6d:b0:a5:c9:69:
0f:6f:f4:bb:9d:bc:1a:d2:7c:3a:5e:56:f1:fd:57:
2c:f9:31:16:e0:5c:1c:2f:90:a9:d1:50:01:96:ac:
cc:bf:97:b0:c6:7e:3e:86:0a:e2:91:fa:fb:c3:65:
a0:50:e8:fe:5e:4e:90:cc:f0:34:08:bd:bc:2a:ad:
37:ba:58:cd:ea:97:41:3e:8c:ce:a3:18:47:6b:28:
fe:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:DF:A1:34:10:B6:62:24:6F:06:14:FB:0A:24:1F:7D:88:46:4D:92
X509v3 Authority Key Identifier:
keyid:C7:55:70:24:67:77:0E:D6:9B:36:7B:77:BB:E6:40:BC:6D:B4:15:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x1VwJGd3DtabNnt3u-ZAvG20FT4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/PN-hNBC2YiRvBhT7CiQffYhGTZI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/243f91-8747-4981-9cbf-1d373499924e/1/x1VwJGd3DtabNnt3u-ZAvG20FT4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.254.134.0/24
84.254.136.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:22:a2:d6:a3:a7:e7:3b:f2:6e:d3:ca:56:ed:4a:ce:6b:7b:
b7:73:84:e4:7d:e1:c8:66:c1:8e:e6:34:b6:59:36:7d:56:ef:
f7:6d:07:7c:72:12:be:e7:66:49:7b:7c:af:fd:62:ec:6d:e6:
d7:2c:97:50:eb:fd:7b:ef:5f:a4:ab:9b:9c:63:72:82:a3:8d:
b3:42:0c:e6:f0:fd:87:ba:26:01:5f:45:49:df:60:25:ad:b6:
d8:7f:42:e6:24:a0:dd:23:b4:2a:29:5a:74:f4:36:c3:51:83:
a7:72:65:bb:01:ec:32:e0:fd:71:fa:78:41:48:28:e8:d3:04:
c0:13:63:a3:08:f7:b7:b2:69:da:17:44:9f:bc:a5:89:66:96:
dd:4e:24:dd:dd:d9:04:a9:ff:2b:0b:d4:80:17:bc:57:3f:84:
e9:23:b1:27:eb:b0:1c:50:95:31:f4:d7:9d:97:04:d9:a4:2c:
32:d3:e6:9c:d6:38:42:4d:ab:c0:db:2e:72:8e:e1:6b:06:b1:
7c:3e:3f:f5:32:45:2f:f1:dd:dd:95:02:ad:b0:1a:44:d9:ea:
1e:fc:af:69:ff:cc:56:a5:85:7d:9d:70:83:72:52:32:7d:fa:
88:67:ef:25:bb:c9:9a:5c:ac:53:45:9b:18:02:47:c9:17:07:
23:55:d8:3f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3yDDPjnnaYaO/EYmxtBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NTU3MDI0Njc3NzBlZDY5YjM2N2I3N2JiZTY0MGJjNmRi
NDE1M2UwHhcNMjQwMTAyMDYzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2RmYTEzNDEwYjY2MjI0NmYwNjE0ZmIwYTI0MWY3ZDg4NDY0ZDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5t1AKJRJ9Ey+f7LTTnYGIqvWrLkw
+mw4ycuLIlzyaNMzXp1YO+3PIYc+Kcr1jNKdCOC8U9kNthcjnP32ZtuRA6ue7KaI
zkkpdSliiP44z/z4JyFu22hFRpGYnwxuDOz/7DYCYc4lPVNmQF4YieEQiUUUlPWJ
mI0nMtNIk6NmxMan7wejnMB8SzR3h/axhVYRAeqB3EdOgmG0dZqESR8+AKOFScT/
Qj7TjGsCEomlbbClyWkPb/S7nbwa0nw6Xlbx/Vcs+TEW4FwcL5Cp0VABlqzMv5ew
xn4+hgrikfr7w2WgUOj+Xk6QzPA0CL28Kq03uljN6pdBPozOoxhHayj+jwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDzfoTQQtmIkbwYU+wokH32IRk2SMB8GA1UdIwQY
MBaAFMdVcCRndw7WmzZ7d7vmQLxttBU+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYt
MWQzNzM0OTk5MjRlLzEvUE4taE5CQzJZaVJ2QmhUN0NpUWZmWWhHVFpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yNDNmOTEtODc0Ny00OTgxLTljYmYtMWQzNzM0OTk5MjRl
LzEveDFWd0pHZDNEdGFiTm50M3UtWkF2RzIwRlQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVP6GAwQA
VP6IMA0GCSqGSIb3DQEBCwUAA4IBAQAtIqLWo6fnO/Ju08pW7UrOa3u3c4TkfeHI
ZsGO5jS2WTZ9Vu/3bQd8chK+52ZJe3yv/WLsbebXLJdQ6/1771+kq5ucY3KCo42z
Qgzm8P2HuiYBX0VJ32AlrbbYf0LmJKDdI7QqKVp09DbDUYOncmW7Aewy4P1x+nhB
SCjo0wTAE2OjCPe3smnaF0SfvKWJZpbdTiTd3dkEqf8rC9SAF7xXP4TpI7En67Ac
UJUx9NedlwTZpCwy0+ac1jhCTavA2y5yjuFrBrF8Pj/1MkUv8d3dlQKtsBpE2eoe
/K9p/8xWpYV9nXCDclIyffqIZ+8lu8maXKxTRZsYAkfJFwcjVdg/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:03 2025 by rpki-client