Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0cfe3e-729f-4418-9cf4-863daecfc2e8/1/H2paATiszQ51HsFZ8nzYi9QuFcU.roa
File: H2paATiszQ51HsFZ8nzYi9QuFcU.roa (raw, json)
Hash identifier: 61yUI7T27tjfliVKB1IGoyY3kjD5L5NLhTHjY8oBRSw=
Subject key identifier: 1F:6A:5A:01:38:AC:CD:0E:75:1E:C1:59:F2:7C:D8:8B:D4:2E:15:C5
Certificate issuer: /CN=b4fa4d081b36887f3e5ca6537f7469eee21d71ae
Certificate serial: 018CCA2A47E28E572D16B7AB1533A2D55786
Authority key identifier: B4:FA:4D:08:1B:36:88:7F:3E:5C:A6:53:7F:74:69:EE:E2:1D:71:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPpNCBs2iH8-XKZTf3Rp7uIdca4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0cfe3e-729f-4418-9cf4-863daecfc2e8/1/H2paATiszQ51HsFZ8nzYi9QuFcU.roa
Signing time: Tue 02 Jan 2024 12:33:37 +0000
ROA not before: Tue 02 Jan 2024 12:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51094
IP address blocks: 91.216.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:47:e2:8e:57:2d:16:b7:ab:15:33:a2:d5:57:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4fa4d081b36887f3e5ca6537f7469eee21d71ae
Validity
Not Before: Jan 2 12:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f6a5a0138accd0e751ec159f27cd88bd42e15c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:78:c2:e7:e9:a4:86:92:cb:3f:81:cf:b7:1e:
c4:78:fd:88:2b:5f:3c:46:e6:3e:e7:c9:d6:41:a9:
e9:d3:6e:79:5d:3a:e1:8b:f7:43:56:7d:d3:74:b5:
b0:46:aa:a3:8a:3c:ae:22:21:47:7f:e2:d3:ad:a6:
f7:94:ab:ef:d7:75:bc:cb:13:8a:92:b2:af:b8:d9:
6e:09:12:bc:22:88:02:27:3c:95:d9:26:2d:5f:0f:
26:0c:48:51:18:25:01:6a:f8:2a:83:f9:08:91:5b:
55:75:1a:99:57:68:9b:65:39:a5:b2:b5:d3:5b:4e:
6b:90:9a:55:f3:85:fd:8e:2d:06:3d:21:7e:42:94:
4b:e6:34:3a:b9:6e:30:50:15:64:49:ee:6f:fa:c7:
99:4c:7f:87:8e:b4:8a:cd:90:3c:b4:bc:a5:41:72:
fd:38:b6:b1:a8:f5:07:6c:db:5b:8f:00:62:14:61:
fe:c1:f2:e3:28:0b:3f:34:5f:b0:63:41:ff:c6:2a:
8c:42:23:59:99:56:2a:41:dd:d0:31:ad:63:28:eb:
bf:7d:73:14:f3:7e:98:08:a3:ee:73:fd:32:1a:a6:
38:be:42:c6:89:8a:42:75:5b:fa:3d:10:d1:a6:09:
63:02:14:64:ad:ad:c5:d4:e4:14:11:c8:75:37:5b:
7e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:6A:5A:01:38:AC:CD:0E:75:1E:C1:59:F2:7C:D8:8B:D4:2E:15:C5
X509v3 Authority Key Identifier:
keyid:B4:FA:4D:08:1B:36:88:7F:3E:5C:A6:53:7F:74:69:EE:E2:1D:71:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPpNCBs2iH8-XKZTf3Rp7uIdca4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0cfe3e-729f-4418-9cf4-863daecfc2e8/1/H2paATiszQ51HsFZ8nzYi9QuFcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0cfe3e-729f-4418-9cf4-863daecfc2e8/1/tPpNCBs2iH8-XKZTf3Rp7uIdca4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.144.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:e2:74:31:f1:31:2b:15:0d:fc:ba:cf:58:5f:6e:58:06:1e:
9e:91:97:d5:2c:d6:b2:e7:5d:78:fa:4b:8e:95:26:cb:e2:e8:
11:f8:3a:48:01:f6:b9:6d:50:7e:47:ba:73:b2:1b:34:a3:72:
f8:ff:8a:86:f1:4d:fc:6e:3e:0b:07:55:8d:75:4c:71:5b:7a:
a2:4f:6c:09:8e:9b:96:16:bc:bb:d1:86:f8:dd:aa:d7:bb:a6:
06:f9:ec:89:22:6c:f6:ac:8c:6b:ef:35:2c:6c:7f:ae:01:3d:
12:ed:73:e1:f7:da:b1:6c:53:77:56:a7:58:2c:e2:08:64:8c:
39:31:90:3a:f3:04:57:36:7e:88:8d:37:e0:99:db:05:6e:10:
39:b8:c0:51:e4:8e:0b:e3:9e:13:a8:b8:7a:70:06:8b:5d:90:
aa:6e:4f:4b:a5:90:26:83:7c:10:63:58:82:23:5e:18:2e:6f:
b9:e1:6b:3b:af:42:e2:32:2b:d5:51:4b:8c:9d:bc:b6:16:d8:
89:f2:29:32:79:ac:5d:81:b0:db:9a:50:78:9f:2f:5b:29:f8:
b7:da:a1:e2:5f:8b:c1:13:d2:29:cd:14:c0:e4:ab:75:41:32:
35:74:d3:8c:31:b0:85:69:f4:a1:d7:3e:7f:1c:f5:55:6e:d1:
0c:93:36:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKkfijlctFrerFTOi1VeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZmE0ZDA4MWIzNjg4N2YzZTVjYTY1MzdmNzQ2OWVlZTIx
ZDcxYWUwHhcNMjQwMTAyMTIzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjZhNWEwMTM4YWNjZDBlNzUxZWMxNTlmMjdjZDg4YmQ0MmUxNWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlHjC5+mkhpLLP4HPtx7EeP2IK188
RuY+58nWQanp0255XTrhi/dDVn3TdLWwRqqjijyuIiFHf+LTrab3lKvv13W8yxOK
krKvuNluCRK8IogCJzyV2SYtXw8mDEhRGCUBavgqg/kIkVtVdRqZV2ibZTmlsrXT
W05rkJpV84X9ji0GPSF+QpRL5jQ6uW4wUBVkSe5v+seZTH+HjrSKzZA8tLylQXL9
OLaxqPUHbNtbjwBiFGH+wfLjKAs/NF+wY0H/xiqMQiNZmVYqQd3QMa1jKOu/fXMU
836YCKPuc/0yGqY4vkLGiYpCdVv6PRDRpgljAhRkra3F1OQUEch1N1t+EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB9qWgE4rM0OdR7BWfJ82IvULhXFMB8GA1UdIwQY
MBaAFLT6TQgbNoh/PlymU390ae7iHXGuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBwTkNCczJpSDgtWEtaVGYzUnA3dUlkY2E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wY2ZlM2UtNzI5Zi00NDE4LTljZjQt
ODYzZGFlY2ZjMmU4LzEvSDJwYUFUaXN6UTUxSHNGWjhuellpOVF1RmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wY2ZlM2UtNzI5Zi00NDE4LTljZjQtODYzZGFlY2ZjMmU4
LzEvdFBwTkNCczJpSDgtWEtaVGYzUnA3dUlkY2E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9iQMA0G
CSqGSIb3DQEBCwUAA4IBAQA+4nQx8TErFQ38us9YX25YBh6ekZfVLNay5114+kuO
lSbL4ugR+DpIAfa5bVB+R7pzshs0o3L4/4qG8U38bj4LB1WNdUxxW3qiT2wJjpuW
Fry70Yb43arXu6YG+eyJImz2rIxr7zUsbH+uAT0S7XPh99qxbFN3VqdYLOIIZIw5
MZA68wRXNn6IjTfgmdsFbhA5uMBR5I4L454TqLh6cAaLXZCqbk9LpZAmg3wQY1iC
I14YLm+54Ws7r0LiMivVUUuMnby2FtiJ8ikyeaxdgbDbmlB4ny9bKfi32qHiX4vB
E9IpzRTA5Kt1QTI1dNOMMbCFafSh1z5/HPVVbtEMkza1
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:04:34 2025 by rpki-client