Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HtUOJhO9T1c_e8-K9QOUP5isHFk.roa
File: HtUOJhO9T1c_e8-K9QOUP5isHFk.roa (raw, json)
Hash identifier: CJvMuhEe6ETXWCSNNN5xkwL0JwMaZ9xb5II2ok7VfXE=
Subject key identifier: 1E:D5:0E:26:13:BD:4F:57:3F:7B:CF:8A:F5:03:94:3F:98:AC:1C:59
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01942748885BDE8EBA83017E77B5FFEBBA0A
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HtUOJhO9T1c_e8-K9QOUP5isHFk.roa
Signing time: Thu 02 Jan 2025 13:50:52 +0000
ROA not before: Thu 02 Jan 2025 13:50:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396982
IP address blocks: 192.121.90.0/24 maxlen: 24
2a01:280:200::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 30 Jan 2025 13:41:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:88:5b:de:8e:ba:83:01:7e:77:b5:ff:eb:ba:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed50e2613bd4f573f7bcf8af503943f98ac1c59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:45:fc:64:28:7f:04:81:10:84:3b:86:d3:f8:
3f:3b:06:80:5b:e3:ab:9a:eb:83:ac:37:6c:51:f2:
b1:57:b1:2b:13:b3:35:56:09:0d:96:92:47:c4:0f:
71:95:8e:9f:2f:ef:c4:40:5a:2d:94:bf:10:d2:ad:
17:db:00:89:58:db:c4:04:71:54:a4:1e:e5:92:8e:
86:4a:0d:f7:78:30:ad:81:26:c5:2d:ed:a1:ce:1e:
4b:ab:41:9b:65:cc:43:03:c4:73:03:b5:7b:92:ac:
34:14:64:07:a1:8c:a0:7d:fa:7b:fc:ca:4d:4e:c4:
de:34:05:f9:03:27:01:24:d0:1c:4a:44:08:73:c7:
d0:1f:60:1d:cb:24:b3:f2:a8:09:fc:fa:51:3a:b7:
89:18:ed:90:db:3c:5f:5f:c6:53:81:31:bc:ff:77:
09:cd:ca:45:f3:7a:0f:47:83:d3:4a:e5:2e:05:39:
82:a4:b4:aa:76:9d:b8:ab:7d:ec:66:41:39:90:2c:
69:58:5b:fc:bd:38:c0:8b:51:6e:8b:35:2b:5a:a4:
30:53:77:fd:3d:ba:c3:fb:de:7a:4d:b5:9c:8d:a1:
39:2e:f2:87:b3:f8:b8:a4:cf:6b:82:57:64:59:b3:
8b:8b:f8:fc:41:47:9a:9b:6f:fa:14:bb:1f:17:ce:
0a:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D5:0E:26:13:BD:4F:57:3F:7B:CF:8A:F5:03:94:3F:98:AC:1C:59
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/HtUOJhO9T1c_e8-K9QOUP5isHFk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.121.90.0/24
IPv6:
2a01:280:200::/40
Signature Algorithm: sha256WithRSAEncryption
74:d1:12:af:00:07:a6:3a:6c:37:62:23:fc:07:9c:22:07:96:
38:ef:a6:81:f4:ec:40:7e:79:3e:43:5a:d6:0a:fa:d2:6f:da:
60:a2:23:c7:22:45:37:d1:4b:ce:a8:89:7d:4c:4e:ac:42:71:
42:a7:99:f9:16:09:4b:f6:04:85:9e:f3:85:96:4e:11:43:44:
a5:86:d5:8e:15:7b:63:ba:2b:41:8a:2e:97:65:99:02:c3:3d:
03:6c:46:d4:62:de:d4:a1:56:13:8b:65:fc:df:55:b2:2d:96:
a5:20:dc:03:c7:fd:42:cb:b4:26:f7:24:ce:72:50:80:58:95:
b6:ed:63:97:10:51:e8:34:9f:98:a8:3e:55:be:c4:bc:b9:69:
ae:3a:74:51:02:c9:f5:d5:a6:9d:ca:11:00:a9:96:b7:31:24:
34:01:ad:1f:6c:f9:8f:e0:df:ef:65:2f:cf:26:75:4b:8c:00:
f1:4d:9a:3b:e6:e3:af:a2:df:4e:e0:c8:ea:1b:2a:44:3b:17:
84:8c:cc:d3:5a:ce:42:a2:a9:ac:1f:58:59:44:19:35:c5:c0:
f1:56:ec:64:78:c8:9d:c3:58:83:4a:b5:0f:33:5e:cc:5d:ea:
f4:02:19:f7:36:8d:a5:ff:b4:62:6d:69:17:1f:05:d1:df:9d:
b3:72:37:12
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZQnSIhb3o66gwF+d7X/67oKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQ1MGUyNjEzYmQ0ZjU3M2Y3YmNmOGFmNTAzOTQzZjk4YWMxYzU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUX8ZCh/BIEQhDuG0/g/OwaAW+Or
muuDrDdsUfKxV7ErE7M1VgkNlpJHxA9xlY6fL+/EQFotlL8Q0q0X2wCJWNvEBHFU
pB7lko6GSg33eDCtgSbFLe2hzh5Lq0GbZcxDA8RzA7V7kqw0FGQHoYygffp7/MpN
TsTeNAX5AycBJNAcSkQIc8fQH2AdyySz8qgJ/PpROreJGO2Q2zxfX8ZTgTG8/3cJ
zcpF83oPR4PTSuUuBTmCpLSqdp24q33sZkE5kCxpWFv8vTjAi1FuizUrWqQwU3f9
PbrD+956TbWcjaE5LvKHs/i4pM9rgldkWbOLi/j8QUeam2/6FLsfF84K8wIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFB7VDiYTvU9XP3vPivUDlD+YrBxZMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvSHRVT0poTzlUMWNfZTgtSzlRT1VQNWlzSEZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAwHlaMA4E
AgACMAgDBgAqAQKAAjANBgkqhkiG9w0BAQsFAAOCAQEAdNESrwAHpjpsN2Ij/Aec
IgeWOO+mgfTsQH55PkNa1gr60m/aYKIjxyJFN9FLzqiJfUxOrEJxQqeZ+RYJS/YE
hZ7zhZZOEUNEpYbVjhV7Y7orQYoul2WZAsM9A2xG1GLe1KFWE4tl/N9Vsi2WpSDc
A8f9Qsu0JvckznJQgFiVtu1jlxBR6DSfmKg+Vb7EvLlprjp0UQLJ9dWmncoRAKmW
tzEkNAGtH2z5j+Df72UvzyZ1S4wA8U2aO+bjr6LfTuDI6hsqRDsXhIzM01rOQqKp
rB9YWUQZNcXA8VbsZHjIncNYg0q1DzNezF3q9AIZ9zaNpf+0Ym1pFx8F0d+ds3I3
Eg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:12 2025 by rpki-client