Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/HNO3n2nyqBoiZucWp3FNh6U-Ryo.roa
File: HNO3n2nyqBoiZucWp3FNh6U-Ryo.roa (raw, json)
Hash identifier: mGn2tFxCYPFwcs1G30ZfU9HtI8u2fxJMyilek9z4un8=
Subject key identifier: 1C:D3:B7:9F:69:F2:A8:1A:22:66:E7:16:A7:71:4D:87:A5:3E:47:2A
Certificate issuer: /CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Certificate serial: 019423D7A6054BC78AFCC57D952BC1EECF7B
Authority key identifier: 1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/HNO3n2nyqBoiZucWp3FNh6U-Ryo.roa
Signing time: Wed 01 Jan 2025 21:48:42 +0000
ROA not before: Wed 01 Jan 2025 21:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207633
IP address blocks: 2.59.181.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 08:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:a6:05:4b:c7:8a:fc:c5:7d:95:2b:c1:ee:cf:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a7f036e2592391fb45a3dd33caf0b07956973cf
Validity
Not Before: Jan 1 21:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cd3b79f69f2a81a2266e716a7714d87a53e472a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a8:6c:10:00:53:a2:8a:9d:69:4a:8f:ef:2c:
9e:51:3b:79:7a:58:7d:1a:2c:c2:a7:02:3e:2a:84:
25:8d:14:ad:b4:3a:df:6f:ee:19:84:5b:85:71:40:
7b:f1:e1:50:e6:60:e2:34:15:0b:3a:54:11:6d:6e:
d3:0e:ae:82:8f:0a:2f:bd:57:0f:b0:a9:55:70:c9:
70:11:c8:86:78:b3:5a:9b:cd:4e:bb:0c:25:5c:a6:
50:5b:c7:79:89:54:a7:64:2a:e9:86:44:13:fa:bf:
67:70:46:9e:a4:53:bb:f4:a5:ff:8e:f7:40:2d:aa:
03:d8:7b:e5:69:c7:6a:07:2c:7a:2e:58:2b:b8:89:
9b:d8:dc:73:05:4b:9e:ee:dd:25:49:fd:8f:75:dd:
58:7d:6d:ad:b8:0e:42:ac:36:e5:0e:de:8f:84:47:
1f:ff:c1:db:2a:eb:8f:ca:68:3f:1d:d0:3c:47:0a:
04:54:e1:8c:fd:d9:51:25:2c:5c:07:e3:6f:11:20:
d2:21:f7:49:99:d9:7f:bf:3d:e0:a4:c3:06:c6:e8:
7b:9c:6f:68:51:89:37:54:da:42:95:89:5f:8f:4c:
c2:c1:c3:19:89:b1:76:a5:d8:28:e6:63:53:01:51:
3c:0f:d0:01:93:6a:40:46:3e:28:e2:c9:8e:a1:33:
1d:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D3:B7:9F:69:F2:A8:1A:22:66:E7:16:A7:71:4D:87:A5:3E:47:2A
X509v3 Authority Key Identifier:
keyid:1A:7F:03:6E:25:92:39:1F:B4:5A:3D:D3:3C:AF:0B:07:95:69:73:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/HNO3n2nyqBoiZucWp3FNh6U-Ryo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/24be1a-16da-481c-8bcb-340d625c6dba/1/Gn8DbiWSOR-0Wj3TPK8LB5Vpc88.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.181.0/24
Signature Algorithm: sha256WithRSAEncryption
11:dc:32:9b:16:ff:1c:d5:39:8c:54:5c:75:e3:32:fe:70:b6:
6f:d5:d8:06:08:50:e4:c5:41:f9:e5:30:cd:ec:e5:b6:55:62:
09:72:8f:dc:41:33:8f:76:84:92:7a:f9:0d:cb:22:e4:4c:80:
f7:af:a8:81:98:9a:d5:d8:70:92:a5:96:27:0d:cd:49:37:05:
fe:e1:95:07:c4:55:10:35:fa:ae:2e:b0:f5:e6:5f:89:02:a0:
e9:7d:4f:5b:f6:4c:8d:1c:f0:02:02:33:da:4a:fc:a3:8b:87:
7b:f0:63:f4:cd:9a:5f:90:d4:f3:a0:7b:68:09:32:df:cb:16:
40:67:a7:1c:57:f2:21:36:ba:48:c6:44:6d:65:43:d9:aa:79:
8e:41:d8:24:02:e1:6d:97:eb:c8:d2:c4:3e:b3:35:8e:b8:80:
66:f8:5e:21:61:c5:ba:fa:09:6d:6b:d4:dc:50:42:58:36:fe:
0e:27:12:e8:04:5e:e1:2d:56:fa:64:57:f9:fb:d2:8e:76:b2:
39:8c:8d:60:cc:cb:46:d9:f4:f4:98:3e:9b:f7:83:54:4f:c2:
89:14:c9:36:07:b1:dc:9c:77:6f:52:7d:a8:76:23:1c:66:61:
7f:f3:18:0a:7f:86:f1:cb:ba:87:0b:38:bc:39:ab:c4:09:40:
c9:43:40:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj16YFS8eK/MV9lSvB7s97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhN2YwMzZlMjU5MjM5MWZiNDVhM2RkMzNjYWYwYjA3OTU2
OTczY2YwHhcNMjUwMTAxMjE0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2QzYjc5ZjY5ZjJhODFhMjI2NmU3MTZhNzcxNGQ4N2E1M2U0NzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqhsEABTooqdaUqP7yyeUTt5elh9
GizCpwI+KoQljRSttDrfb+4ZhFuFcUB78eFQ5mDiNBULOlQRbW7TDq6CjwovvVcP
sKlVcMlwEciGeLNam81OuwwlXKZQW8d5iVSnZCrphkQT+r9ncEaepFO79KX/jvdA
LaoD2HvlacdqByx6LlgruImb2NxzBUue7t0lSf2Pdd1YfW2tuA5CrDblDt6PhEcf
/8HbKuuPymg/HdA8RwoEVOGM/dlRJSxcB+NvESDSIfdJmdl/vz3gpMMGxuh7nG9o
UYk3VNpClYlfj0zCwcMZibF2pdgo5mNTAVE8D9ABk2pARj4o4smOoTMdawIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzTt59p8qgaImbnFqdxTYelPkcqMB8GA1UdIwQY
MBaAFBp/A24lkjkftFo90zyvCweVaXPPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2It
MzQwZDYyNWM2ZGJhLzEvSE5PM24ybnlxQm9pWnVjV3AzRk5oNlUtUnlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8yNGJlMWEtMTZkYS00ODFjLThiY2ItMzQwZDYyNWM2ZGJh
LzEvR244RGJpV1NPUi0wV2ozVFBLOExCNVZwYzg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAAju1MA0G
CSqGSIb3DQEBCwUAA4IBAQAR3DKbFv8c1TmMVFx14zL+cLZv1dgGCFDkxUH55TDN
7OW2VWIJco/cQTOPdoSSevkNyyLkTID3r6iBmJrV2HCSpZYnDc1JNwX+4ZUHxFUQ
NfquLrD15l+JAqDpfU9b9kyNHPACAjPaSvyji4d78GP0zZpfkNTzoHtoCTLfyxZA
Z6ccV/IhNrpIxkRtZUPZqnmOQdgkAuFtl+vI0sQ+szWOuIBm+F4hYcW6+glta9Tc
UEJYNv4OJxLoBF7hLVb6ZFf5+9KOdrI5jI1gzMtG2fT0mD6b94NUT8KJFMk2B7Hc
nHdvUn2odiMcZmF/8xgKf4bxy7qHCzi8OavECUDJQ0Af
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:26:59 2025 by rpki-client