Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/urHjBmM5Yy2hHrpmYv2-u6xq51Q.roa
File: urHjBmM5Yy2hHrpmYv2-u6xq51Q.roa (raw, json)
Hash identifier: bRUCyaJXoFM9/bv6n9BHxbF0mrBEy9VmCYdXKj0LjBs=
Subject key identifier: BA:B1:E3:06:63:39:63:2D:A1:1E:BA:66:62:FD:BE:BB:AC:6A:E7:54
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 018CC493698B4C07FC4B7C8AD1BA8B85BB22
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/urHjBmM5Yy2hHrpmYv2-u6xq51Q.roa
Signing time: Mon 01 Jan 2024 10:30:44 +0000
ROA not before: Mon 01 Jan 2024 10:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212496
IP address blocks: 141.98.184.0/22 maxlen: 22
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 12 Jul 2024 09:17:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:69:8b:4c:07:fc:4b:7c:8a:d1:ba:8b:85:bb:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Jan 1 10:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bab1e3066339632da11eba6662fdbebbac6ae754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:14:b4:c0:6c:d3:a8:64:d8:d7:73:de:49:e1:
58:8a:a0:d5:17:f2:5a:9e:d8:e9:85:45:e0:da:3a:
e5:3a:5b:b4:59:1c:a0:f0:30:c8:5f:37:d9:05:8a:
09:9c:cb:1b:bc:37:59:c5:f4:ef:b6:9c:ce:0f:28:
e2:84:ba:ad:fe:5c:5f:9e:25:01:fd:55:ef:bc:ac:
ba:95:70:9c:ea:d0:02:9c:ed:3c:03:e9:1a:b0:4f:
f0:6c:c5:a2:11:b9:7f:70:b7:af:1b:b2:64:61:69:
62:4d:19:9c:f3:79:61:e5:2a:86:c5:59:79:cb:5c:
47:e9:b1:5c:35:a6:ba:3f:7c:5d:d2:c3:15:60:da:
76:80:96:79:ef:8a:30:d5:77:0f:20:45:c3:0a:0c:
f8:0c:38:da:15:a3:63:15:2f:3a:4f:cb:8e:59:98:
e7:61:25:1d:c2:93:9d:60:5c:e4:9e:c2:38:d0:9a:
9b:11:de:c7:2d:6d:79:5c:67:67:d6:29:ee:d1:10:
dc:3a:41:35:dc:3e:20:65:1c:67:4b:ed:95:1c:bb:
f8:d6:99:6d:6f:5b:ad:c3:66:fb:c8:e2:c3:2c:96:
c4:e0:a5:45:76:6b:5d:ba:c5:21:cd:06:f0:9b:91:
2f:80:55:29:ac:b1:78:94:b3:94:0f:b9:09:5c:0c:
d9:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:B1:E3:06:63:39:63:2D:A1:1E:BA:66:62:FD:BE:BB:AC:6A:E7:54
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/urHjBmM5Yy2hHrpmYv2-u6xq51Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.184.0/22
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
6e:a2:4d:d6:93:b3:69:98:85:fa:aa:ad:8f:7e:89:65:10:79:
8c:f2:ab:b7:7e:e0:a7:49:46:16:2e:8b:2a:65:76:53:10:19:
c0:31:80:11:a3:6d:2f:35:8b:3c:03:89:05:fd:34:8f:59:6c:
a4:0d:ac:96:ff:3a:d7:48:82:81:62:f4:92:3e:a5:dc:be:c9:
00:d1:98:1d:e5:8f:5d:6d:3b:ec:c0:75:ab:99:70:a9:a8:12:
c6:78:d5:04:eb:94:a6:2e:59:56:1e:ae:03:77:35:74:61:20:
89:85:d7:3c:7f:26:0d:08:a3:3e:6f:af:5a:5f:66:c8:8c:39:
b1:96:be:9d:78:d6:d6:b8:24:e3:1c:31:82:b8:b0:d2:c3:60:
38:c6:c6:f5:89:49:b7:5a:8b:ed:f1:a2:9d:aa:20:f0:e6:f3:
cc:c9:48:a7:5a:f8:5c:47:fa:0d:27:ff:b6:25:a6:8b:fc:13:
bf:b6:14:ae:9f:50:aa:bf:c6:5b:f0:d7:fe:c0:4a:f1:2a:83:
ba:c9:9e:e9:5a:98:27:81:c1:99:85:b7:25:a8:e5:f3:c8:ff:
0f:da:1e:e2:e8:d4:f9:9e:22:42:1c:06:fa:98:53:c8:21:2b:
2c:06:84:77:27:31:3d:92:4f:d9:49:fc:1b:66:3d:e7:40:8f:
f3:92:a8:1b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEk2mLTAf8S3yK0bqLhbsiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjQwMTAxMTAzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWIxZTMwNjYzMzk2MzJkYTExZWJhNjY2MmZkYmViYmFjNmFlNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuBS0wGzTqGTY13PeSeFYiqDVF/Ja
ntjphUXg2jrlOlu0WRyg8DDIXzfZBYoJnMsbvDdZxfTvtpzODyjihLqt/lxfniUB
/VXvvKy6lXCc6tACnO08A+kasE/wbMWiEbl/cLevG7JkYWliTRmc83lh5SqGxVl5
y1xH6bFcNaa6P3xd0sMVYNp2gJZ574ow1XcPIEXDCgz4DDjaFaNjFS86T8uOWZjn
YSUdwpOdYFzknsI40JqbEd7HLW15XGdn1inu0RDcOkE13D4gZRxnS+2VHLv41plt
b1utw2b7yOLDLJbE4KVFdmtdusUhzQbwm5EvgFUprLF4lLOUD7kJXAzZsQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLqx4wZjOWMtoR66ZmL9vrusaudUMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvdXJIakJtTTVZeTJoSHJwbVl2Mi11NnhxNTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCjWK4MA0E
AgACMAcDBQMqE2xAMA0GCSqGSIb3DQEBCwUAA4IBAQBuok3Wk7NpmIX6qq2Pfoll
EHmM8qu3fuCnSUYWLosqZXZTEBnAMYARo20vNYs8A4kF/TSPWWykDayW/zrXSIKB
YvSSPqXcvskA0Zgd5Y9dbTvswHWrmXCpqBLGeNUE65SmLllWHq4DdzV0YSCJhdc8
fyYNCKM+b69aX2bIjDmxlr6deNbWuCTjHDGCuLDSw2A4xsb1iUm3Wovt8aKdqiDw
5vPMyUinWvhcR/oNJ/+2JaaL/BO/thSun1Cqv8Zb8Nf+wErxKoO6yZ7pWpgngcGZ
hbclqOXzyP8P2h7i6NT5niJCHAb6mFPIISssBoR3JzE9kk/ZSfwbZj3nQI/zkqgb
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:11 2025 by rpki-client