Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/hQ3tW3NFIlK2NwBB9-mz4xV81_c.roa
File: hQ3tW3NFIlK2NwBB9-mz4xV81_c.roa (raw, json)
Hash identifier: VSg+BMeMXKwI4gGAmxHnfag7A3IoTPQFB4OQDLbkTps=
Subject key identifier: 85:0D:ED:5B:73:45:22:52:B6:37:00:41:F7:E9:B3:E3:15:7C:D7:F7
Certificate issuer: /CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Certificate serial: 01936D36FD0076DCB6B62500B698A8544A12
Authority key identifier: 8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/hQ3tW3NFIlK2NwBB9-mz4xV81_c.roa
Signing time: Wed 27 Nov 2024 10:42:20 +0000
ROA not before: Wed 27 Nov 2024 10:42:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 91.208.28.0/24 maxlen: 24
193.105.47.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:36:fd:00:76:dc:b6:b6:25:00:b6:98:a8:54:4a:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ab3e965c8747e2fa5ddd12857673f06042efa43
Validity
Not Before: Nov 27 10:42:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=850ded5b73452252b6370041f7e9b3e3157cd7f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:a3:20:c0:4a:b1:69:1b:4f:cb:e9:a2:8d:00:
b2:1d:2d:5d:f4:9d:5a:60:39:e6:51:09:fe:0a:76:
d7:65:21:7c:12:85:2d:c3:f2:bc:1a:90:4d:fb:ac:
a0:8d:9a:3e:b2:06:b1:9f:8f:43:f6:cb:59:04:11:
af:b3:31:94:6a:18:cd:fa:9c:d9:e0:64:76:1d:c9:
fb:50:ac:90:3f:ef:37:2f:ae:88:d3:6e:1a:ea:c7:
7c:87:a3:02:a1:d0:01:56:8b:a2:f6:56:74:c6:e9:
0b:dc:0b:80:64:3d:41:4d:5f:32:76:30:5b:35:e2:
69:44:39:47:b5:46:99:0a:83:56:e5:9b:68:e8:e6:
91:e1:76:b1:c9:ab:4f:33:20:80:d3:e6:d0:c1:1c:
f7:ec:4a:52:26:34:09:f1:f6:4c:26:57:a8:0d:97:
01:3c:19:83:82:f1:af:53:92:cc:54:b6:eb:01:aa:
63:e7:7f:a8:e2:96:5e:84:8b:cc:4a:b8:a3:f3:bf:
1b:68:f7:4f:fc:ce:ef:02:50:85:f7:d8:43:2f:82:
92:86:fc:75:ea:39:e5:2e:24:7e:35:cd:83:e7:e7:
23:fc:70:df:1f:ef:ce:73:d2:9c:66:a5:d0:90:b6:
f5:c4:32:e6:77:85:1c:9e:09:d4:8c:b5:4f:0c:44:
01:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:0D:ED:5B:73:45:22:52:B6:37:00:41:F7:E9:B3:E3:15:7C:D7:F7
X509v3 Authority Key Identifier:
keyid:8A:B3:E9:65:C8:74:7E:2F:A5:DD:D1:28:57:67:3F:06:04:2E:FA:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/irPpZch0fi-l3dEoV2c_BgQu-kM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/hQ3tW3NFIlK2NwBB9-mz4xV81_c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/251360-c5c5-4a40-af72-04427a99f1c5/1/irPpZch0fi-l3dEoV2c_BgQu-kM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.28.0/24
193.105.47.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:7e:4a:6e:a4:26:55:d6:26:0f:d1:3b:73:b9:9e:fa:95:aa:
9c:b5:a6:c7:61:59:99:67:f8:01:08:0c:b4:4b:ab:5a:15:c1:
03:d3:4c:fa:e3:19:ea:4b:1b:97:17:1f:75:51:4c:9a:5f:ac:
89:34:9c:b8:2a:a3:06:87:c1:0d:15:47:dd:18:5f:25:fd:1b:
69:ba:16:27:ce:d1:65:dd:37:c7:7c:de:94:38:8e:be:f2:83:
ce:85:82:e0:1d:30:29:ce:d4:6a:dc:ee:21:57:ba:76:8b:41:
df:fa:f2:7c:2a:1d:33:33:83:04:ff:7a:2e:f8:a7:3d:5f:72:
67:9a:99:21:7e:94:02:0b:a6:8d:ad:e2:ed:4b:6a:dc:5c:54:
cc:9a:86:91:e7:d4:55:a8:a7:67:54:4b:e0:75:7c:21:4e:05:
5f:b5:3e:ad:64:19:02:34:93:fa:df:ab:92:b3:a7:ad:bc:4a:
1a:51:04:20:d6:ef:78:33:b1:8f:33:b8:c0:4f:cd:55:55:53:
6e:56:22:30:e8:a3:93:78:c8:51:ae:da:ff:26:23:91:fc:47:
c3:61:94:e7:b2:90:96:e8:ab:91:53:c6:08:68:e4:1f:9d:b3:
39:57:5f:bd:9a:ba:a2:70:f7:f6:41:16:96:99:11:f1:00:de:
f7:96:10:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZNtNv0Adty2tiUAtpioVEoSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYjNlOTY1Yzg3NDdlMmZhNWRkZDEyODU3NjczZjA2MDQy
ZWZhNDMwHhcNMjQxMTI3MTA0MjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTBkZWQ1YjczNDUyMjUyYjYzNzAwNDFmN2U5YjNlMzE1N2NkN2Y3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4KMgwEqxaRtPy+mijQCyHS1d9J1a
YDnmUQn+CnbXZSF8EoUtw/K8GpBN+6ygjZo+sgaxn49D9stZBBGvszGUahjN+pzZ
4GR2Hcn7UKyQP+83L66I024a6sd8h6MCodABVoui9lZ0xukL3AuAZD1BTV8ydjBb
NeJpRDlHtUaZCoNW5Zto6OaR4XaxyatPMyCA0+bQwRz37EpSJjQJ8fZMJleoDZcB
PBmDgvGvU5LMVLbrAapj53+o4pZehIvMSrij878baPdP/M7vAlCF99hDL4KShvx1
6jnlLiR+Nc2D5+cj/HDfH+/Oc9KcZqXQkLb1xDLmd4UcngnUjLVPDEQBDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUN7VtzRSJStjcAQffps+MVfNf3MB8GA1UdIwQY
MBaAFIqz6WXIdH4vpd3RKFdnPwYELvpDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzIt
MDQ0MjdhOTlmMWM1LzEvaFEzdFczTkZJbEsyTndCQjktbXo0eFY4MV9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy8yNTEzNjAtYzVjNS00YTQwLWFmNzItMDQ0MjdhOTlmMWM1
LzEvaXJQcFpjaDBmaS1sM2RFb1YyY19CZ1F1LWtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9AcAwQA
wWkvMA0GCSqGSIb3DQEBCwUAA4IBAQDOfkpupCZV1iYP0TtzuZ76laqctabHYVmZ
Z/gBCAy0S6taFcED00z64xnqSxuXFx91UUyaX6yJNJy4KqMGh8ENFUfdGF8l/Rtp
uhYnztFl3TfHfN6UOI6+8oPOhYLgHTApztRq3O4hV7p2i0Hf+vJ8Kh0zM4ME/3ou
+Kc9X3JnmpkhfpQCC6aNreLtS2rcXFTMmoaR59RVqKdnVEvgdXwhTgVftT6tZBkC
NJP636uSs6etvEoaUQQg1u94M7GPM7jAT81VVVNuViIw6KOTeMhRrtr/JiOR/EfD
YZTnspCW6KuRU8YIaOQfnbM5V1+9mrqicPf2QRaWmRHxAN73lhCb
-----END CERTIFICATE-----
Generated at Sat Apr 12 12:59:15 2025 by rpki-client