Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/HZuO2AQaxcn4xYcJEiKJlkueZTw.roa
File: HZuO2AQaxcn4xYcJEiKJlkueZTw.roa (raw, json)
Hash identifier: nfz+isR7WUF3dpqmqxyF36OVdHseYiiaXZ5rT5hkhK4=
Subject key identifier: 1D:9B:8E:D8:04:1A:C5:C9:F8:C5:87:09:12:22:89:96:4B:9E:65:3C
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 0192DD19B1F1766AD7D1CDE2D20DA2E1766E
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/HZuO2AQaxcn4xYcJEiKJlkueZTw.roa
Signing time: Wed 30 Oct 2024 11:05:01 +0000
ROA not before: Wed 30 Oct 2024 11:05:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 195.191.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 31 Oct 2024 09:05:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dd:19:b1:f1:76:6a:d7:d1:cd:e2:d2:0d:a2:e1:76:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Oct 30 11:05:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d9b8ed8041ac5c9f8c58709122289964b9e653c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:57:96:ed:5c:74:fb:86:47:dd:8e:54:07:85:
cd:da:0c:f1:0e:be:e2:45:33:46:56:dc:12:c6:8a:
44:af:2d:3e:df:20:9c:5c:57:87:91:be:b0:97:91:
bf:21:72:1f:25:da:1c:ec:60:c7:4b:d1:4c:f5:01:
58:fe:07:d6:d0:7f:31:cf:9a:a7:c1:56:e3:ae:21:
c2:d7:67:8e:2f:75:c4:16:ae:2f:0a:6c:bb:0e:ca:
cb:bc:6e:ae:51:1b:3f:06:e2:85:2d:eb:cb:7d:e2:
49:da:7e:58:b6:0b:82:c8:25:10:a6:64:45:ca:8d:
11:af:77:42:8e:d7:86:60:f4:02:a9:b4:86:a7:9b:
82:53:7a:eb:8d:33:7c:94:8f:2e:b1:32:01:50:15:
7f:7b:ba:81:16:85:69:14:31:25:c1:ef:31:a7:e7:
55:5c:73:ef:e0:2c:40:b3:32:c5:a4:88:c6:be:f8:
c3:7e:6f:ef:01:90:6f:1b:67:b7:0f:83:f1:ef:fc:
64:d1:54:f5:7a:6c:88:06:aa:4b:fe:08:37:19:f5:
68:6d:de:39:b9:51:02:59:3b:47:67:8a:ca:56:79:
7d:c4:3c:95:7d:60:e2:7f:b4:f1:8c:ab:87:3a:35:
58:7d:3a:76:da:00:d6:03:a8:07:f0:30:71:c1:ce:
c4:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:9B:8E:D8:04:1A:C5:C9:F8:C5:87:09:12:22:89:96:4B:9E:65:3C
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/HZuO2AQaxcn4xYcJEiKJlkueZTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.191.65.0/24
Signature Algorithm: sha256WithRSAEncryption
33:9b:8b:03:8f:d9:8e:a5:c7:6c:96:35:30:d0:dd:e5:74:eb:
3e:ad:26:79:1d:6e:ec:c1:51:3d:c7:cb:9f:4c:b2:13:bb:06:
ba:17:e8:00:7e:26:d9:77:fe:f4:58:eb:9b:74:e8:32:12:71:
9c:45:3d:63:8c:b7:a9:3e:bf:96:64:ce:27:70:35:2e:90:06:
0d:8e:df:50:11:98:a6:bb:07:41:ba:6f:86:ce:f0:8a:98:e8:
15:ec:cf:d6:30:f2:de:c5:df:71:6e:19:bb:65:21:09:73:f9:
c8:33:df:4a:e1:92:93:33:c8:16:c0:25:9e:3f:da:db:c0:f8:
77:64:99:bc:7f:aa:b9:a7:c9:08:61:c1:4e:32:c9:ee:04:6e:
26:12:0c:ba:58:c2:62:29:7f:f9:c0:c2:54:5c:4b:73:fb:c5:
69:ed:49:a4:d7:26:32:3f:08:f8:b9:8c:92:ee:3e:d0:ba:47:
7f:bd:7d:c7:15:63:b7:dd:b6:dc:a6:6b:c3:d3:a2:02:26:21:
af:7e:bc:4f:31:ab:03:55:0d:4e:e9:33:81:81:bc:56:fb:f1:
71:a1:04:f4:95:da:79:a9:c7:ef:a0:b8:68:b9:21:d4:78:53:
ef:28:14:a4:4f:3e:69:39:a1:b0:e6:b9:62:8d:b2:24:c3:b1:
1d:32:90:d3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZLdGbHxdmrX0c3i0g2i4XZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQxMDMwMTEwNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDliOGVkODA0MWFjNWM5ZjhjNTg3MDkxMjIyODk5NjRiOWU2NTNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxFeW7Vx0+4ZH3Y5UB4XN2gzxDr7i
RTNGVtwSxopEry0+3yCcXFeHkb6wl5G/IXIfJdoc7GDHS9FM9QFY/gfW0H8xz5qn
wVbjriHC12eOL3XEFq4vCmy7DsrLvG6uURs/BuKFLevLfeJJ2n5YtguCyCUQpmRF
yo0Rr3dCjteGYPQCqbSGp5uCU3rrjTN8lI8usTIBUBV/e7qBFoVpFDElwe8xp+dV
XHPv4CxAszLFpIjGvvjDfm/vAZBvG2e3D4Px7/xk0VT1emyIBqpL/gg3GfVobd45
uVECWTtHZ4rKVnl9xDyVfWDif7TxjKuHOjVYfTp22gDWA6gH8DBxwc7EuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB2bjtgEGsXJ+MWHCRIiiZZLnmU8MB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvSFp1TzJBUWF4Y240eFljSkVpS0psa3VlWlR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw79BMA0G
CSqGSIb3DQEBCwUAA4IBAQAzm4sDj9mOpcdsljUw0N3ldOs+rSZ5HW7swVE9x8uf
TLITuwa6F+gAfibZd/70WOubdOgyEnGcRT1jjLepPr+WZM4ncDUukAYNjt9QEZim
uwdBum+GzvCKmOgV7M/WMPLexd9xbhm7ZSEJc/nIM99K4ZKTM8gWwCWeP9rbwPh3
ZJm8f6q5p8kIYcFOMsnuBG4mEgy6WMJiKX/5wMJUXEtz+8Vp7Umk1yYyPwj4uYyS
7j7Qukd/vX3HFWO33bbcpmvD06ICJiGvfrxPMasDVQ1O6TOBgbxW+/FxoQT0ldp5
qcfvoLhouSHUeFPvKBSkTz5pOaGw5rlijbIkw7EdMpDT
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:14:16 2025 by rpki-client