Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/Hyf2QSODUhF5brvT5vUSCmjGSR8.roa
File: Hyf2QSODUhF5brvT5vUSCmjGSR8.roa (raw, json)
Hash identifier: Xhg6QxPijm2cZXAYOs5tnvTJhy/Kx5NSIe2wlWks8QY=
Subject key identifier: 1F:27:F6:41:23:83:52:11:79:6E:BB:D3:E6:F5:12:0A:68:C6:49:1F
Certificate issuer: /CN=21a00080cd2cb1bb073903b32b25ad660a366486
Certificate serial: 018D188E3E385041D309AB7C5C2339D8B19F
Authority key identifier: 21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/Hyf2QSODUhF5brvT5vUSCmjGSR8.roa
Signing time: Wed 17 Jan 2024 17:53:11 +0000
ROA not before: Wed 17 Jan 2024 17:53:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51167
IP address blocks: 91.239.43.0/24 maxlen: 24
195.191.65.0/24 maxlen: 24
213.109.76.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 21 Aug 2024 15:45:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:8e:3e:38:50:41:d3:09:ab:7c:5c:23:39:d8:b1:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21a00080cd2cb1bb073903b32b25ad660a366486
Validity
Not Before: Jan 17 17:53:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f27f64123835211796ebbd3e6f5120a68c6491f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:fd:84:a7:29:8e:4a:86:70:c6:43:90:8f:7b:
b8:3d:dc:f8:cb:fa:fc:99:5b:00:c8:13:b1:1f:f9:
38:15:bd:ec:e7:98:d5:ea:ef:d4:4c:76:ef:5d:e9:
37:4b:78:86:6b:0c:da:85:c4:e3:8f:70:45:4b:fc:
a9:be:cd:d2:17:b2:be:76:c0:3c:0b:62:87:dc:79:
74:8c:6f:39:6c:41:1b:4a:9e:da:58:cf:40:b0:4a:
44:3d:c9:2f:c7:1a:81:25:a3:17:ee:b0:0b:c6:e2:
18:c9:05:81:33:e9:7f:7e:41:15:fd:dc:16:1a:b0:
4f:eb:8b:8d:8d:8e:43:7f:e1:fd:50:4b:f1:61:4e:
09:b0:43:0d:cd:62:ae:24:88:ae:d3:05:23:e1:43:
4b:5a:04:57:f4:0a:5e:3c:62:a3:b5:c1:6a:2d:12:
ef:4a:07:34:9a:43:7b:6e:cd:df:a1:5a:7d:bf:f0:
ee:17:2a:9f:d1:85:09:da:f6:24:71:6d:7f:ba:5f:
58:8e:83:c8:95:e2:82:36:2e:90:7b:e9:94:b6:d2:
c7:7e:8d:25:ee:97:b7:df:dd:7f:eb:a5:31:f4:f3:
88:7c:b5:66:c6:6b:f2:e7:c6:90:27:24:5f:80:96:
f0:16:9e:41:ce:84:34:38:67:d2:50:26:ed:29:28:
01:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:27:F6:41:23:83:52:11:79:6E:BB:D3:E6:F5:12:0A:68:C6:49:1F
X509v3 Authority Key Identifier:
keyid:21:A0:00:80:CD:2C:B1:BB:07:39:03:B3:2B:25:AD:66:0A:36:64:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/Hyf2QSODUhF5brvT5vUSCmjGSR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6c3d9f-8a4f-4a6c-8579-e92ece4d3cb3/1/IaAAgM0ssbsHOQOzKyWtZgo2ZIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.43.0/24
195.191.65.0/24
213.109.76.0/23
Signature Algorithm: sha256WithRSAEncryption
7a:e8:92:ae:a4:df:68:4e:80:61:bd:0b:53:4c:9f:c8:55:9e:
58:a4:97:5b:88:5d:85:35:f6:62:fb:6f:14:29:91:cb:62:66:
0d:df:00:37:74:13:df:52:22:67:7f:b0:c1:89:0a:76:a6:14:
48:04:d0:f0:2d:7d:31:2f:dd:6a:91:33:2a:88:45:4a:5a:76:
cb:a3:45:a0:84:6e:3a:7a:7f:b8:67:13:1d:4d:3b:ee:74:2e:
1c:bd:e3:aa:42:d1:a4:f0:d0:ca:47:c4:50:9c:71:25:66:83:
bb:d8:21:0f:5c:b6:cd:9d:3c:7c:57:ce:e7:03:a4:84:38:24:
a6:d2:d3:f6:18:dd:25:b0:7c:a5:95:8c:91:6c:8d:d3:ba:a2:
32:75:b9:22:bb:01:2e:6b:03:b0:3f:65:56:a1:c8:bb:e2:e9:
55:44:bc:8f:cf:33:01:3b:36:ae:bd:ae:03:a5:66:c9:2e:f3:
d8:26:f7:c4:ff:f9:75:3a:b6:ae:a0:85:4f:8b:b0:c3:06:7b:
bc:51:fc:76:d2:40:fd:df:0f:6d:e3:f6:9c:dc:51:6e:d9:3e:
37:5d:9f:f7:93:2a:c6:80:84:f3:bd:54:f4:85:83:f5:df:65:
ec:11:75:0a:5e:7e:20:2a:b5:83:cf:e9:16:44:99:95:a5:3e:
cb:db:9e:99
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY0Yjj44UEHTCat8XCM52LGfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYTAwMDgwY2QyY2IxYmIwNzM5MDNiMzJiMjVhZDY2MGEz
NjY0ODYwHhcNMjQwMTE3MTc1MzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjI3ZjY0MTIzODM1MjExNzk2ZWJiZDNlNmY1MTIwYTY4YzY0OTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/2EpymOSoZwxkOQj3u4Pdz4y/r8
mVsAyBOxH/k4Fb3s55jV6u/UTHbvXek3S3iGawzahcTjj3BFS/ypvs3SF7K+dsA8
C2KH3Hl0jG85bEEbSp7aWM9AsEpEPckvxxqBJaMX7rALxuIYyQWBM+l/fkEV/dwW
GrBP64uNjY5Df+H9UEvxYU4JsEMNzWKuJIiu0wUj4UNLWgRX9ApePGKjtcFqLRLv
Sgc0mkN7bs3foVp9v/DuFyqf0YUJ2vYkcW1/ul9YjoPIleKCNi6Qe+mUttLHfo0l
7pe3391/66Ux9POIfLVmxmvy58aQJyRfgJbwFp5BzoQ0OGfSUCbtKSgBgQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFB8n9kEjg1IReW670+b1EgpoxkkfMB8GA1UdIwQY
MBaAFCGgAIDNLLG7BzkDsyslrWYKNmSGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1Nzkt
ZTkyZWNlNGQzY2IzLzEvSHlmMlFTT0RVaEY1YnJ2VDV2VVNDbWpHU1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82YzNkOWYtOGE0Zi00YTZjLTg1NzktZTkyZWNlNGQzY2Iz
LzEvSWFBQWdNMHNzYnNIT1FPekt5V3RaZ28yWklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW+8rAwQA
w79BAwQB1W1MMA0GCSqGSIb3DQEBCwUAA4IBAQB66JKupN9oToBhvQtTTJ/IVZ5Y
pJdbiF2FNfZi+28UKZHLYmYN3wA3dBPfUiJnf7DBiQp2phRIBNDwLX0xL91qkTMq
iEVKWnbLo0WghG46en+4ZxMdTTvudC4cveOqQtGk8NDKR8RQnHElZoO72CEPXLbN
nTx8V87nA6SEOCSm0tP2GN0lsHyllYyRbI3TuqIydbkiuwEuawOwP2VWoci74ulV
RLyPzzMBOzauva4DpWbJLvPYJvfE//l1OrauoIVPi7DDBnu8Ufx20kD93w9t4/ac
3FFu2T43XZ/3kyrGgITzvVT0hYP132XsEXUKXn4gKrWDz+kWRJmVpT7L256Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:50:02 2025 by rpki-client