Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/hITF___czxbfoLQQba5vREqMEEQ.roa
File: hITF___czxbfoLQQba5vREqMEEQ.roa (raw, json)
Hash identifier: EWyQb6nPc8ld8OGsusm0Q/MEqOtLOy2ohZ5haX+3SlA=
Subject key identifier: 84:84:C5:FF:FF:DC:CF:16:DF:A0:B4:10:6D:AE:6F:44:4A:8C:10:44
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 019122B183BC4897B3759E9D4A1903BDE5A2
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/hITF___czxbfoLQQba5vREqMEEQ.roa
Signing time: Mon 05 Aug 2024 13:19:04 +0000
ROA not before: Mon 05 Aug 2024 13:19:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215300
IP address blocks: 2a00:1678:5a::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 05 Aug 2024 13:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:22:b1:83:bc:48:97:b3:75:9e:9d:4a:19:03:bd:e5:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Aug 5 13:19:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8484c5ffffdccf16dfa0b4106dae6f444a8c1044
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:89:4b:2f:91:a2:4a:81:31:ac:b1:40:ae:6a:
ce:a8:41:1c:c7:d4:f6:9d:f9:da:9c:81:a9:35:1f:
fe:25:31:5c:6f:ec:5c:51:d7:c1:36:68:8b:32:74:
aa:2b:26:b5:ef:94:9d:90:07:81:2e:be:15:54:21:
97:b3:15:f6:bd:7e:54:ee:10:50:b5:00:86:14:a1:
29:53:28:7e:25:55:ac:21:02:c9:0e:0c:58:95:8a:
bf:68:92:0e:5d:9b:54:9f:03:ac:3a:e9:3c:0f:33:
ec:36:db:6c:8a:dc:3a:1e:f0:ae:01:d4:bc:86:50:
29:35:c5:99:45:f4:a3:0f:2c:44:9c:db:36:4d:95:
29:e0:5d:36:5a:32:66:8a:31:84:8c:b7:3e:aa:45:
63:87:da:d9:12:ec:18:c3:fa:08:49:d4:e1:69:1a:
d4:f5:86:3b:c6:8e:11:b4:c1:5d:6d:9f:cf:85:fd:
9a:32:87:92:88:85:c8:97:a0:4b:6a:cb:81:ed:40:
61:8c:85:59:9b:59:33:95:3f:6d:72:c6:8f:e1:28:
90:4e:89:65:b8:1d:48:a5:f5:aa:0b:e6:66:72:13:
52:b3:9f:1a:00:ee:c5:ac:4f:61:b7:e5:e6:7d:40:
9e:38:90:2c:27:f7:23:21:ad:ec:54:1d:1c:8e:21:
c9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:84:C5:FF:FF:DC:CF:16:DF:A0:B4:10:6D:AE:6F:44:4A:8C:10:44
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/hITF___czxbfoLQQba5vREqMEEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:1678:5a::/48
Signature Algorithm: sha256WithRSAEncryption
76:fa:9f:c0:bf:24:be:06:7a:16:0e:60:7b:8a:20:d4:0b:12:
66:77:6a:13:c5:56:df:fe:b4:f6:f8:ab:31:2f:93:14:48:53:
55:e7:e1:a8:a6:98:80:0e:1f:89:93:41:29:4b:be:a3:a7:9f:
8a:0a:44:5e:e7:16:69:44:75:b2:ec:c3:ef:0e:7a:2a:4d:4d:
89:dc:e9:07:b2:0a:8a:cc:88:d6:53:e0:fe:46:1b:75:ba:4f:
49:bd:ea:a8:ef:39:a7:ef:4e:5c:4d:d0:46:d8:1e:be:1e:8a:
29:00:68:a0:ed:7f:f4:9b:d5:ef:5e:bd:15:0b:a2:40:c0:91:
34:70:91:8d:35:48:8d:c0:4b:65:13:62:83:c3:00:65:38:37:
5b:0e:30:f8:18:3d:68:cf:ed:3d:92:d3:4e:2f:ee:a7:cd:04:
39:1a:7d:01:b8:cc:5c:96:dd:4a:62:f8:c2:9c:8c:22:f9:d2:
51:68:fc:e6:7f:db:d4:b3:77:61:26:dc:50:0e:bf:cf:15:76:
d2:48:bc:52:21:fd:0e:4e:2e:94:1b:a4:1a:53:2e:c3:fc:c7:
1f:14:bc:3d:ee:77:f5:5c:75:b9:eb:29:95:37:9a:49:49:c3:
e8:2a:fa:3c:aa:03:9c:c4:9f:c5:18:97:a2:db:f0:11:3f:d3:
68:dc:83:39
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZEisYO8SJezdZ6dShkDveWiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjQwODA1MTMxOTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDg0YzVmZmZmZGNjZjE2ZGZhMGI0MTA2ZGFlNmY0NDRhOGMxMDQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjYlLL5GiSoExrLFArmrOqEEcx9T2
nfnanIGpNR/+JTFcb+xcUdfBNmiLMnSqKya175SdkAeBLr4VVCGXsxX2vX5U7hBQ
tQCGFKEpUyh+JVWsIQLJDgxYlYq/aJIOXZtUnwOsOuk8DzPsNttsitw6HvCuAdS8
hlApNcWZRfSjDyxEnNs2TZUp4F02WjJmijGEjLc+qkVjh9rZEuwYw/oISdThaRrU
9YY7xo4RtMFdbZ/Phf2aMoeSiIXIl6BLasuB7UBhjIVZm1kzlT9tcsaP4SiQToll
uB1IpfWqC+ZmchNSs58aAO7FrE9ht+XmfUCeOJAsJ/cjIa3sVB0cjiHJIQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFISExf//3M8W36C0EG2ub0RKjBBEMB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvaElURl9fX2N6eGJmb0xRUWJhNXZSRXFNRUVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgAWeABa
MA0GCSqGSIb3DQEBCwUAA4IBAQB2+p/AvyS+BnoWDmB7iiDUCxJmd2oTxVbf/rT2
+KsxL5MUSFNV5+GoppiADh+Jk0EpS76jp5+KCkRe5xZpRHWy7MPvDnoqTU2J3OkH
sgqKzIjWU+D+Rht1uk9Jveqo7zmn705cTdBG2B6+HoopAGig7X/0m9XvXr0VC6JA
wJE0cJGNNUiNwEtlE2KDwwBlODdbDjD4GD1oz+09ktNOL+6nzQQ5Gn0BuMxclt1K
YvjCnIwi+dJRaPzmf9vUs3dhJtxQDr/PFXbSSLxSIf0OTi6UG6QaUy7D/McfFLw9
7nf1XHW56ymVN5pJScPoKvo8qgOcxJ/FGJei2/ARP9No3IM5
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:25:46 2025 by rpki-client