Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/hg5R9mtZ9fEA59-ndl8c6T1QklQ.roa
File: hg5R9mtZ9fEA59-ndl8c6T1QklQ.roa (raw, json)
Hash identifier: sBES0Dv5stnDmKmqQ0VY3N1qB0zWx7VqFdftj/2dWgY=
Subject key identifier: 86:0E:51:F6:6B:59:F5:F1:00:E7:DF:A7:76:5F:1C:E9:3D:50:92:54
Certificate issuer: /CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Certificate serial: 0193679EF190C455BB824F9F0D10CD1719BD
Authority key identifier: 2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/hg5R9mtZ9fEA59-ndl8c6T1QklQ.roa
Signing time: Tue 26 Nov 2024 08:38:09 +0000
ROA not before: Tue 26 Nov 2024 08:38:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215443
IP address blocks: 91.204.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:48:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:67:9e:f1:90:c4:55:bb:82:4f:9f:0d:10:cd:17:19:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c71c96005e13a84a3f31ef1d991777f4b6e31a7
Validity
Not Before: Nov 26 08:38:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=860e51f66b59f5f100e7dfa7765f1ce93d509254
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:d4:a8:5b:e7:fd:b9:f5:6c:6f:d1:7d:79:a5:
ed:74:2f:18:59:88:d6:c2:32:4d:d5:a8:d4:23:be:
f8:f0:33:16:67:ef:f9:84:57:97:5a:05:9c:91:2f:
08:00:18:a2:82:0a:37:8a:a4:80:eb:93:2e:93:57:
68:16:b5:06:b7:c4:e3:e8:f9:f2:6e:2d:5f:f5:01:
23:63:ab:47:91:73:63:98:b3:40:2f:20:15:da:00:
50:ca:6f:85:79:23:45:58:cb:84:9c:ba:a8:ca:e5:
b9:71:e2:02:5f:ad:be:86:7e:ec:20:38:a4:b6:a9:
da:2c:c7:78:f1:0d:c6:04:fb:5e:c6:9f:38:45:eb:
ba:73:74:3f:4c:83:7c:01:2d:9d:54:95:20:e5:a9:
32:cb:64:b5:ac:04:c8:be:1c:4b:e5:58:c1:af:04:
f2:4d:25:c0:15:70:7b:e1:32:31:d4:5d:55:09:20:
a5:95:5c:66:f3:a9:9a:a3:9d:ff:cb:76:c0:a0:74:
a9:c1:00:d5:1c:af:63:4d:16:ce:dc:ba:48:ad:cf:
a3:17:a4:f5:0b:5c:65:6f:29:1f:f7:80:83:a7:f3:
5c:9a:09:90:ee:4f:02:fc:75:66:7d:03:23:1c:7c:
70:fd:53:75:cf:50:17:38:14:cd:9d:2c:fb:22:f0:
bd:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0E:51:F6:6B:59:F5:F1:00:E7:DF:A7:76:5F:1C:E9:3D:50:92:54
X509v3 Authority Key Identifier:
keyid:2C:71:C9:60:05:E1:3A:84:A3:F3:1E:F1:D9:91:77:7F:4B:6E:31:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LHHJYAXhOoSj8x7x2ZF3f0tuMac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/hg5R9mtZ9fEA59-ndl8c6T1QklQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/fa3544-1025-4e8f-a8fe-7a28af29cdc2/1/LHHJYAXhOoSj8x7x2ZF3f0tuMac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.131.0/24
Signature Algorithm: sha256WithRSAEncryption
38:19:6e:d0:b8:db:25:4d:91:8a:78:e1:45:6f:55:c1:43:44:
9b:84:3e:54:44:4c:8a:1f:1c:30:e1:89:37:9f:9f:7b:d4:90:
00:3b:9b:aa:71:8d:ef:7a:00:5a:95:1d:5d:2e:55:69:66:41:
9c:8d:c1:23:c2:01:e0:81:ed:80:c7:b8:3a:47:93:15:4a:94:
7e:c2:3a:1d:83:4f:e9:99:52:af:95:c3:cc:77:6a:58:92:ef:
3e:f0:74:73:bb:6a:02:67:52:f8:6c:84:68:17:9f:5e:37:3c:
98:2f:b2:04:32:a7:f6:38:90:a9:f0:33:c2:bb:55:31:b5:40:
e1:74:7d:67:06:a2:96:b7:c9:d4:a8:9b:aa:05:55:d7:cf:6e:
98:d6:0e:aa:45:64:74:9f:20:56:56:10:9a:60:19:a2:0f:00:
a3:da:d8:8b:fc:a8:ac:d4:0d:40:52:16:94:54:17:82:86:b9:
18:eb:96:a7:22:75:59:02:4a:7e:01:22:a9:60:a6:70:30:5c:
0c:12:03:d8:5b:b7:ce:fd:f3:c0:54:14:a3:e9:83:3c:4d:65:
21:2b:ef:89:da:b3:ed:91:6b:1f:25:f8:ba:e4:fb:96:f8:7b:
48:fd:d6:29:30:41:2f:85:25:86:45:c9:07:6d:94:a6:ef:c7:
da:a1:f0:6d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZNnnvGQxFW7gk+fDRDNFxm9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNzFjOTYwMDVlMTNhODRhM2YzMWVmMWQ5OTE3NzdmNGI2
ZTMxYTcwHhcNMjQxMTI2MDgzODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBlNTFmNjZiNTlmNWYxMDBlN2RmYTc3NjVmMWNlOTNkNTA5MjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttSoW+f9ufVsb9F9eaXtdC8YWYjW
wjJN1ajUI7748DMWZ+/5hFeXWgWckS8IABiiggo3iqSA65Muk1doFrUGt8Tj6Pny
bi1f9QEjY6tHkXNjmLNALyAV2gBQym+FeSNFWMuEnLqoyuW5ceICX62+hn7sIDik
tqnaLMd48Q3GBPtexp84Reu6c3Q/TIN8AS2dVJUg5akyy2S1rATIvhxL5VjBrwTy
TSXAFXB74TIx1F1VCSCllVxm86mao53/y3bAoHSpwQDVHK9jTRbO3LpIrc+jF6T1
C1xlbykf94CDp/NcmgmQ7k8C/HVmfQMjHHxw/VN1z1AXOBTNnSz7IvC9qwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYOUfZrWfXxAOffp3ZfHOk9UJJUMB8GA1UdIwQY
MBaAFCxxyWAF4TqEo/Me8dmRd39LbjGnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUt
N2EyOGFmMjljZGMyLzEvaGc1UjltdFo5ZkVBNTktbmRsOGM2VDFRa2xRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mYTM1NDQtMTAyNS00ZThmLWE4ZmUtN2EyOGFmMjljZGMy
LzEvTEhISllBWGhPb1NqOHg3eDJaRjNmMHR1TWFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8yDMA0G
CSqGSIb3DQEBCwUAA4IBAQA4GW7QuNslTZGKeOFFb1XBQ0SbhD5UREyKHxww4Yk3
n5971JAAO5uqcY3vegBalR1dLlVpZkGcjcEjwgHgge2Ax7g6R5MVSpR+wjodg0/p
mVKvlcPMd2pYku8+8HRzu2oCZ1L4bIRoF59eNzyYL7IEMqf2OJCp8DPCu1UxtUDh
dH1nBqKWt8nUqJuqBVXXz26Y1g6qRWR0nyBWVhCaYBmiDwCj2tiL/Kis1A1AUhaU
VBeChrkY65anInVZAkp+ASKpYKZwMFwMEgPYW7fO/fPAVBSj6YM8TWUhK++J2rPt
kWsfJfi65PuW+HtI/dYpMEEvhSWGRckHbZSm78faofBt
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:00:27 2025 by rpki-client