Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/HVfZ_wgTxfktRVRxaLj1HN2QNRg.roa
File: HVfZ_wgTxfktRVRxaLj1HN2QNRg.roa (raw, json)
Hash identifier: BQ2mIdZJosE8hTG82j2C0QmKSnSsERGY6xybu+tsR+w=
Subject key identifier: 1D:57:D9:FF:08:13:C5:F9:2D:45:54:71:68:B8:F5:1C:DD:90:35:18
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 019408A0208BB6ADEDB5ED7EDBC5A54BFCDA
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/HVfZ_wgTxfktRVRxaLj1HN2QNRg.roa
Signing time: Fri 27 Dec 2024 14:58:19 +0000
ROA not before: Fri 27 Dec 2024 14:58:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211194
IP address blocks: 128.0.116.0/24 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:49:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:a0:20:8b:b6:ad:ed:b5:ed:7e:db:c5:a5:4b:fc:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Dec 27 14:58:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d57d9ff0813c5f92d45547168b8f51cdd903518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:8a:e1:5a:2a:c4:bc:30:8c:cc:3e:e2:2e:b5:
8f:ac:7a:59:aa:46:04:51:1f:a2:4b:9d:62:51:3d:
d4:d5:b6:9e:23:44:15:23:9e:b0:47:62:4e:e1:6e:
86:2e:24:0d:70:b9:c8:93:13:44:2a:5a:d0:ca:f9:
1c:e5:84:2c:aa:53:ae:81:24:08:3d:bc:ee:e8:0e:
14:2a:d9:a8:80:fa:33:92:e4:a5:d9:e5:d5:d2:0d:
ca:45:96:df:9e:e0:ae:d2:35:a2:fd:ce:58:40:3e:
45:5c:c5:fe:be:aa:32:2e:26:38:e6:7c:00:c7:32:
5b:85:d3:d0:26:3f:8f:32:66:5e:97:3d:8d:4c:c2:
cf:4f:ec:e6:7c:d8:c5:c9:63:41:84:79:cf:3a:02:
95:19:de:c3:ac:a3:e0:a8:48:bb:f9:74:3f:39:3a:
e0:2e:86:90:e1:ba:2e:fa:03:48:9c:25:a6:00:70:
5b:39:86:e5:03:87:eb:f9:b9:31:25:20:85:c5:5f:
70:91:4d:4c:05:62:db:71:28:24:a4:f8:2e:3d:19:
b0:7a:7c:77:75:97:72:d8:39:79:0f:9f:fe:1a:66:
c3:c6:71:88:fc:3a:a2:e9:94:0b:27:77:a3:86:2e:
de:90:ba:47:c8:92:ab:50:fb:87:f7:1a:87:a6:c1:
e5:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:57:D9:FF:08:13:C5:F9:2D:45:54:71:68:B8:F5:1C:DD:90:35:18
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/HVfZ_wgTxfktRVRxaLj1HN2QNRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.0.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:61:0a:82:da:e4:ea:18:aa:5f:4a:39:cb:c9:f1:60:7e:89:
44:c0:f8:27:f7:f5:04:06:c6:ff:37:53:58:82:d0:8b:ef:a7:
a4:dd:53:cb:54:a2:a0:9e:42:d4:ad:d5:e6:b4:1b:d4:ee:b8:
0e:2a:95:11:c3:af:1c:58:18:9a:00:c9:af:18:81:b9:24:f5:
14:38:8c:a9:ba:48:9c:0b:37:b7:d3:a1:b5:ce:ed:c4:a0:0c:
32:b0:32:88:08:c7:64:52:51:d6:7d:4c:0f:c6:ff:5d:63:ba:
99:b8:4e:7f:aa:24:5c:c4:5f:bc:22:7f:7f:d5:23:8d:6c:6e:
44:04:1d:ce:d9:ae:8e:43:f4:69:5e:d0:71:e4:8b:87:44:ac:
c4:ed:2b:25:72:cc:ec:47:a9:b8:b6:c5:2f:b4:e6:16:35:5f:
18:c7:26:db:16:f3:4b:6f:c0:99:11:8c:73:dd:8f:89:f2:c6:
ad:5b:7e:f7:74:8b:e9:e3:0a:91:69:5d:51:d5:1b:4c:87:c7:
92:9d:e3:a6:43:d6:bd:ed:20:6a:43:b5:9c:20:a3:88:2c:f5:
45:67:c5:ec:08:1b:b4:49:c4:24:b0:db:dc:f3:35:60:7b:23:
8c:be:9a:f8:11:2c:47:77:f1:f9:a7:1f:c7:9b:35:33:e2:a1:
56:6e:ab:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQIoCCLtq3tte1+28WlS/zaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQxMjI3MTQ1ODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDU3ZDlmZjA4MTNjNWY5MmQ0NTU0NzE2OGI4ZjUxY2RkOTAzNTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5orhWirEvDCMzD7iLrWPrHpZqkYE
UR+iS51iUT3U1baeI0QVI56wR2JO4W6GLiQNcLnIkxNEKlrQyvkc5YQsqlOugSQI
Pbzu6A4UKtmogPozkuSl2eXV0g3KRZbfnuCu0jWi/c5YQD5FXMX+vqoyLiY45nwA
xzJbhdPQJj+PMmZelz2NTMLPT+zmfNjFyWNBhHnPOgKVGd7DrKPgqEi7+XQ/OTrg
LoaQ4bou+gNInCWmAHBbOYblA4fr+bkxJSCFxV9wkU1MBWLbcSgkpPguPRmwenx3
dZdy2Dl5D5/+GmbDxnGI/Dqi6ZQLJ3ejhi7ekLpHyJKrUPuH9xqHpsHlUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB1X2f8IE8X5LUVUcWi49RzdkDUYMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvSFZmWl93Z1R4Zmt0UlZSeGFMajFITjJRTlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAgAB0MA0G
CSqGSIb3DQEBCwUAA4IBAQCLYQqC2uTqGKpfSjnLyfFgfolEwPgn9/UEBsb/N1NY
gtCL76ek3VPLVKKgnkLUrdXmtBvU7rgOKpURw68cWBiaAMmvGIG5JPUUOIypukic
Cze306G1zu3EoAwysDKICMdkUlHWfUwPxv9dY7qZuE5/qiRcxF+8In9/1SONbG5E
BB3O2a6OQ/RpXtBx5IuHRKzE7SslcszsR6m4tsUvtOYWNV8YxybbFvNLb8CZEYxz
3Y+J8satW373dIvp4wqRaV1R1RtMh8eSneOmQ9a97SBqQ7WcIKOILPVFZ8XsCBu0
ScQksNvc8zVgeyOMvpr4ESxHd/H5px/HmzUz4qFWbqu5
-----END CERTIFICATE-----
Generated at Thu Apr 10 06:59:36 2025 by rpki-client