Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/HhaaybdTvqtDFDMptefGa27M_2o.roa
File: HhaaybdTvqtDFDMptefGa27M_2o.roa (raw, json)
Hash identifier: IkkqElQ17ghUG0bqoG6xaxqsmoRmc68WwuYvemQd/lY=
Subject key identifier: 1E:16:9A:C9:B7:53:BE:AB:43:14:33:29:B5:E7:C6:6B:6E:CC:FF:6A
Certificate issuer: /CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Certificate serial: 01914FC77D6FEAC123CFC8E46AC006F69BB1
Authority key identifier: E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/HhaaybdTvqtDFDMptefGa27M_2o.roa
Signing time: Wed 14 Aug 2024 07:25:59 +0000
ROA not before: Wed 14 Aug 2024 07:25:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48817
IP address blocks: 185.139.248.0/22 maxlen: 22
193.22.15.0/24 maxlen: 24
2a10:db40::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:49:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4f:c7:7d:6f:ea:c1:23:cf:c8:e4:6a:c0:06:f6:9b:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5805c5fe3450287dcde6ade0d9c9558ba615e32
Validity
Not Before: Aug 14 07:25:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1e169ac9b753beab43143329b5e7c66b6eccff6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:11:d4:24:58:9a:e1:6c:cf:16:51:ea:a5:b4:
8a:92:55:03:09:a8:7a:df:96:64:ad:bf:66:2d:22:
29:7e:9b:af:ed:85:d8:3a:7c:45:65:9a:b6:70:fa:
df:f7:9e:cd:89:9f:f3:cf:27:81:f2:4d:7b:58:80:
ae:4a:ac:f5:58:17:59:39:02:73:96:0e:f1:8b:cd:
cb:9d:7a:d0:9c:14:26:e7:d4:46:ec:96:cb:a7:3b:
f2:b3:24:00:d9:eb:9d:ee:9a:42:0c:0a:47:44:13:
63:08:52:dc:38:f4:79:a5:57:e9:36:d1:51:5f:35:
8d:fe:39:09:bf:e0:fe:80:82:c3:ee:77:3c:fa:16:
95:e7:8a:ff:72:3e:73:d3:ae:56:38:08:ef:2f:86:
ff:5a:a3:68:41:d2:6a:bc:95:0c:8b:43:82:87:33:
25:a2:59:dd:3b:23:fd:3e:e3:75:04:7f:9a:d8:f1:
5f:48:c5:e1:50:50:0e:89:d0:d6:a9:26:a6:44:69:
e6:03:7a:7e:10:2d:40:87:b3:0f:6b:a1:7d:84:36:
b3:c9:1d:b0:8f:6e:d7:99:52:50:b4:a6:05:5e:b6:
a3:95:b1:74:0f:81:08:39:2d:22:e6:2a:0d:14:2f:
7d:3d:f4:ae:62:ee:37:8c:9d:5a:7d:d0:e1:7d:70:
4d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:16:9A:C9:B7:53:BE:AB:43:14:33:29:B5:E7:C6:6B:6E:CC:FF:6A
X509v3 Authority Key Identifier:
keyid:E5:80:5C:5F:E3:45:02:87:DC:DE:6A:DE:0D:9C:95:58:BA:61:5E:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5YBcX-NFAofc3mreDZyVWLphXjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/HhaaybdTvqtDFDMptefGa27M_2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b4dc3c-ecab-436d-ac52-595307f47110/1/5YBcX-NFAofc3mreDZyVWLphXjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.248.0/22
193.22.15.0/24
IPv6:
2a10:db40::/29
Signature Algorithm: sha256WithRSAEncryption
40:cc:28:01:75:e2:ad:cf:04:5c:b0:b9:aa:81:60:8e:9f:df:
4e:f0:34:59:90:92:68:29:5b:b8:19:08:0b:e3:99:eb:2d:e3:
5c:f1:48:c8:e4:bb:05:83:78:59:3a:f3:18:cd:d6:53:50:93:
72:be:9b:c3:6a:c7:b2:2c:0e:d3:26:03:e7:a0:b7:f3:3d:7a:
da:94:d1:6f:96:d4:89:0f:e3:75:fe:7d:49:de:39:79:5d:05:
e9:b7:2d:13:64:63:27:c4:02:47:d4:e1:ec:a8:7a:e3:7e:04:
46:63:bc:f0:be:90:62:ce:1a:8b:40:ec:b5:ad:88:5b:84:64:
42:65:89:96:f5:16:d4:03:b9:8a:1a:68:9f:de:44:99:c1:d8:
d4:b0:3c:44:9f:c8:21:2f:d1:bd:f5:17:b5:d2:34:b2:bf:1b:
70:8e:95:90:5c:61:c9:c9:24:e0:e1:50:37:05:80:0e:0b:37:
27:dd:ac:5a:d9:b7:0d:dd:60:33:8e:42:d8:06:e4:1a:33:33:
b1:e8:87:d4:af:54:a8:bb:5b:19:df:62:94:da:e6:78:9a:4b:
e7:96:a1:bd:78:8e:f9:9c:88:eb:61:0c:ef:5f:25:e2:9a:d3:
f7:74:08:a2:14:43:25:08:b8:05:42:cb:33:14:de:ca:98:8c:
25:37:e6:3e
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFPx31v6sEjz8jkasAG9puxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ODA1YzVmZTM0NTAyODdkY2RlNmFkZTBkOWM5NTU4YmE2
MTVlMzIwHhcNMjQwODE0MDcyNTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTE2OWFjOWI3NTNiZWFiNDMxNDMzMjliNWU3YzY2YjZlY2NmZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBHUJFia4WzPFlHqpbSKklUDCah6
35Zkrb9mLSIpfpuv7YXYOnxFZZq2cPrf957NiZ/zzyeB8k17WICuSqz1WBdZOQJz
lg7xi83LnXrQnBQm59RG7JbLpzvysyQA2eud7ppCDApHRBNjCFLcOPR5pVfpNtFR
XzWN/jkJv+D+gILD7nc8+haV54r/cj5z065WOAjvL4b/WqNoQdJqvJUMi0OChzMl
olndOyP9PuN1BH+a2PFfSMXhUFAOidDWqSamRGnmA3p+EC1Ah7MPa6F9hDazyR2w
j27XmVJQtKYFXrajlbF0D4EIOS0i5ioNFC99PfSuYu43jJ1afdDhfXBNZwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFB4Wmsm3U76rQxQzKbXnxmtuzP9qMB8GA1UdIwQY
MBaAFOWAXF/jRQKH3N5q3g2clVi6YV4yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTIt
NTk1MzA3ZjQ3MTEwLzEvSGhhYXliZFR2cXRERkRNcHRlZkdhMjdNXzJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iNGRjM2MtZWNhYi00MzZkLWFjNTItNTk1MzA3ZjQ3MTEw
LzEvNVlCY1gtTkZBb2ZjM21yZURaeVZXTHBoWGpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuYv4AwQA
wRYPMA0EAgACMAcDBQMqENtAMA0GCSqGSIb3DQEBCwUAA4IBAQBAzCgBdeKtzwRc
sLmqgWCOn99O8DRZkJJoKVu4GQgL45nrLeNc8UjI5LsFg3hZOvMYzdZTUJNyvpvD
aseyLA7TJgPnoLfzPXralNFvltSJD+N1/n1J3jl5XQXpty0TZGMnxAJH1OHsqHrj
fgRGY7zwvpBizhqLQOy1rYhbhGRCZYmW9RbUA7mKGmif3kSZwdjUsDxEn8ghL9G9
9Re10jSyvxtwjpWQXGHJySTg4VA3BYAOCzcn3axa2bcN3WAzjkLYBuQaMzOx6IfU
r1Sou1sZ32KU2uZ4mkvnlqG9eI75nIjrYQzvXyXimtP3dAiiFEMlCLgFQsszFN7K
mIwlN+Y+
-----END CERTIFICATE-----
Generated at Tue Apr 8 05:52:40 2025 by rpki-client