Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5Hcp-w89vLhPm5Xl3OHpDEyZQeg.roa
File: 5Hcp-w89vLhPm5Xl3OHpDEyZQeg.roa (raw, json)
Hash identifier: /2X3bGuQLOy7Bl5ARpeq1wrJcGLgxmLnABXxrGm1ke0=
Subject key identifier: E4:77:29:FB:0F:3D:BC:B8:4F:9B:95:E5:DC:E1:E9:0C:4C:99:41:E8
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01914701B5A15D11D642B7FB9D81CA64A0BD
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5Hcp-w89vLhPm5Xl3OHpDEyZQeg.roa
Signing time: Mon 12 Aug 2024 14:32:59 +0000
ROA not before: Mon 12 Aug 2024 14:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5483
IP address blocks: 192.71.211.0/24 maxlen: 24
194.71.130.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:47:01:b5:a1:5d:11:d6:42:b7:fb:9d:81:ca:64:a0:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Aug 12 14:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e47729fb0f3dbcb84f9b95e5dce1e90c4c9941e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:d9:59:c5:27:6d:9a:f3:37:4a:8d:b9:a2:c9:
3c:b7:64:cb:21:0a:c5:08:73:36:b7:61:a5:f0:b6:
2a:fa:61:e0:c8:51:fd:b5:e4:cc:5f:21:26:a8:ab:
75:f7:57:11:d9:91:fc:33:32:db:4e:44:b3:87:02:
85:9e:70:2a:cf:dc:aa:e1:cc:c2:aa:d5:b7:7c:12:
d5:9e:b4:ef:f3:17:e3:a4:25:b1:86:93:cd:f3:7f:
bb:45:f5:6d:06:51:52:e0:73:2a:34:1e:fa:3e:e4:
9e:18:54:40:88:12:db:dc:2e:ee:22:2c:53:14:a9:
f9:c8:44:b6:5a:f7:0e:7a:80:20:f4:fb:3c:80:12:
9e:95:a8:f8:43:30:79:87:60:07:ae:57:23:df:c0:
86:26:bc:ab:ed:01:ba:a4:f8:3c:a9:76:8b:61:65:
c5:b4:42:2c:3c:7e:28:ef:a9:94:f9:25:4e:36:45:
7e:4c:f3:16:26:d1:d7:44:dd:e8:d4:53:ba:62:39:
60:14:6d:8f:15:45:4c:3d:eb:e6:28:70:8f:7d:6e:
0a:95:7b:d2:5d:8e:2b:9f:a3:7c:66:fe:6f:54:0f:
cc:40:4c:24:11:b8:5f:91:22:ff:42:70:d5:39:a6:
1b:a2:15:21:7a:6b:81:f6:df:3b:75:fc:59:2b:cd:
93:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:77:29:FB:0F:3D:BC:B8:4F:9B:95:E5:DC:E1:E9:0C:4C:99:41:E8
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/5Hcp-w89vLhPm5Xl3OHpDEyZQeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.71.211.0/24
194.71.130.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:80:69:f3:be:1f:b3:15:81:0d:1d:35:5d:6d:ce:e8:c1:b6:
0c:91:85:73:73:bc:35:bf:f9:13:a0:99:27:ed:c3:f0:54:8f:
02:c2:54:9c:05:40:e8:d3:e5:72:4a:e4:23:7b:75:b8:63:fb:
92:77:e0:7c:94:59:ef:e4:43:17:e5:7e:6d:ad:67:23:93:ba:
b2:5f:b8:ba:39:ab:a3:f8:44:b0:e8:df:70:31:1a:c0:07:37:
72:2b:06:fc:b9:19:17:53:46:e7:a2:71:a9:d2:5a:cd:68:c1:
ef:af:25:84:ef:ac:43:75:e3:10:fe:40:3b:f3:d7:8b:f9:95:
73:46:de:e1:aa:86:0e:46:2b:d2:dd:96:e9:a5:2c:8d:6a:0b:
1b:64:29:b1:8a:4a:6c:b1:7b:04:ae:a5:d7:60:28:8e:6e:83:
ed:68:f3:46:c1:f4:5d:ec:17:2d:7a:90:c5:0e:68:66:e5:15:
da:17:4d:2e:69:0b:4e:8c:a5:fa:82:1e:d0:89:36:21:ce:c1:
42:5b:65:72:7f:3b:20:a2:9f:7e:bf:b5:9e:ec:1d:ed:cd:49:
1b:01:80:97:ae:ca:7d:27:83:8b:67:c3:bf:79:a3:85:21:66:
98:27:e8:44:da:17:5f:9a:cd:99:8e:9d:d1:bc:d5:12:a5:59:
c0:f8:18:45
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFHAbWhXRHWQrf7nYHKZKC9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwODEyMTQzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDc3MjlmYjBmM2RiY2I4NGY5Yjk1ZTVkY2UxZTkwYzRjOTk0MWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAydlZxSdtmvM3So25osk8t2TLIQrF
CHM2t2Gl8LYq+mHgyFH9teTMXyEmqKt191cR2ZH8MzLbTkSzhwKFnnAqz9yq4czC
qtW3fBLVnrTv8xfjpCWxhpPN83+7RfVtBlFS4HMqNB76PuSeGFRAiBLb3C7uIixT
FKn5yES2WvcOeoAg9Ps8gBKelaj4QzB5h2AHrlcj38CGJryr7QG6pPg8qXaLYWXF
tEIsPH4o76mU+SVONkV+TPMWJtHXRN3o1FO6YjlgFG2PFUVMPevmKHCPfW4KlXvS
XY4rn6N8Zv5vVA/MQEwkEbhfkSL/QnDVOaYbohUhemuB9t87dfxZK82T2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOR3KfsPPby4T5uV5dzh6QxMmUHoMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvNUhjcC13ODl2TGhQbTVYbDNPSHBERXlaUWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwEfTAwQA
wkeCMA0GCSqGSIb3DQEBCwUAA4IBAQDKgGnzvh+zFYENHTVdbc7owbYMkYVzc7w1
v/kToJkn7cPwVI8CwlScBUDo0+VySuQje3W4Y/uSd+B8lFnv5EMX5X5trWcjk7qy
X7i6Oauj+ESw6N9wMRrABzdyKwb8uRkXU0bnonGp0lrNaMHvryWE76xDdeMQ/kA7
89eL+ZVzRt7hqoYORivS3ZbppSyNagsbZCmxikpssXsErqXXYCiOboPtaPNGwfRd
7BctepDFDmhm5RXaF00uaQtOjKX6gh7QiTYhzsFCW2Vyfzsgop9+v7We7B3tzUkb
AYCXrsp9J4OLZ8O/eaOFIWaYJ+hE2hdfms2Zjp3RvNUSpVnA+BhF
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:17:13 2025 by rpki-client