Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/FHI2tg6uVbz6jow0oldj6J9AO5U.roa
File: FHI2tg6uVbz6jow0oldj6J9AO5U.roa (raw, json)
Hash identifier: jEKLgTCL5O+XnkJus6Z+NrqD50j+x/MC6kxgeP6eit4=
Subject key identifier: 14:72:36:B6:0E:AE:55:BC:FA:8E:8C:34:A2:57:63:E8:9F:40:3B:95
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018E0DCE33DA24E4E7F8F55792FCB2DC26CB
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/FHI2tg6uVbz6jow0oldj6J9AO5U.roa
Signing time: Tue 05 Mar 2024 08:50:01 +0000
ROA not before: Tue 05 Mar 2024 08:50:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21378
IP address blocks: 84.42.0.0/19 maxlen: 19
84.42.0.0/21 maxlen: 21
84.42.8.0/21 maxlen: 21
84.42.16.0/21 maxlen: 21
84.42.24.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 10 Apr 2024 12:21:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0d:ce:33:da:24:e4:e7:f8:f5:57:92:fc:b2:dc:26:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 5 08:50:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=147236b60eae55bcfa8e8c34a25763e89f403b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0d:8d:e9:3a:e6:b7:a5:7e:04:ab:5e:65:ba:
ba:29:20:ce:bf:26:32:f6:f7:14:2e:9f:99:83:77:
a3:40:2f:5a:13:53:41:3a:49:e6:de:4a:ba:a8:d3:
e0:ee:76:1a:ac:77:fb:50:52:af:6e:ed:b1:81:91:
c7:ba:fc:76:ff:e8:7a:8a:9c:2f:78:8d:61:f9:f1:
69:60:19:16:08:03:cd:3e:91:29:bf:5d:c1:66:81:
d6:43:74:2d:e6:ac:40:a5:7c:fc:69:30:40:bd:b7:
c1:ba:e4:51:cc:5e:0d:7a:06:25:f0:9b:12:93:db:
d9:4f:6f:b5:15:df:99:dc:d9:1b:ab:12:f9:e0:f3:
86:e4:09:30:45:40:c2:17:f8:a4:b2:16:61:da:67:
76:e5:c7:05:84:a8:d4:3b:dd:24:93:7a:61:06:db:
98:3d:e0:e2:66:52:aa:91:d4:c8:c2:96:f0:9c:d5:
eb:ad:7c:fb:2c:b9:24:13:ff:cf:e4:44:cd:5a:1a:
82:1b:87:72:14:f6:27:bb:20:9a:c3:e0:e1:fb:97:
e4:1c:fb:9a:b2:1a:0a:90:3f:88:23:90:7e:61:63:
38:2c:29:b3:95:94:39:8f:7d:9b:5f:d6:2b:90:74:
62:9f:65:fd:36:79:7e:7e:ae:13:fa:31:26:c9:6c:
1f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:72:36:B6:0E:AE:55:BC:FA:8E:8C:34:A2:57:63:E8:9F:40:3B:95
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/FHI2tg6uVbz6jow0oldj6J9AO5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.42.0.0/19
Signature Algorithm: sha256WithRSAEncryption
65:01:0c:80:62:52:a5:b3:00:75:e9:5e:6a:4a:94:6f:73:36:
e1:f6:54:5e:ba:6e:09:81:f2:04:18:45:f7:84:bf:d9:c6:8f:
01:08:9a:4a:b6:bd:3f:1c:bb:c8:1c:d5:cb:fe:72:45:48:08:
fe:46:92:b2:65:d5:d7:2f:77:e3:4f:8e:14:bb:26:29:41:9f:
2c:50:7f:c9:a7:e4:04:30:0d:cd:f2:6a:4d:a6:83:41:9c:50:
b8:21:3a:df:c4:77:a0:5e:ba:a8:58:6b:d2:a4:85:6e:13:f4:
d4:08:cd:0f:93:b5:17:ec:43:a1:48:3f:16:e5:56:18:a8:87:
1f:53:a5:bf:61:14:9a:b9:3d:21:ff:ff:22:4e:e0:70:c1:69:
01:84:0d:54:25:21:d0:01:2e:6d:6b:2f:00:1b:1e:f8:d4:a7:
59:11:e6:02:23:97:4a:7e:40:ce:02:e7:33:e2:bf:31:63:7f:
52:8b:9b:d4:e6:71:38:55:08:fe:5a:5e:51:93:3d:3c:f0:44:
5b:94:b0:ff:cc:ba:ac:af:61:67:a4:1e:fc:d8:6e:99:d5:6d:
25:b9:7c:6e:a5:63:f5:1b:40:1d:f6:e5:92:7e:c4:38:9f:54:
55:8c:c1:a6:04:44:01:0a:e7:db:5a:ed:49:4d:e7:c6:f6:fe:
4b:d4:18:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4NzjPaJOTn+PVXkvyy3CbLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwMzA1MDg1MDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNDcyMzZiNjBlYWU1NWJjZmE4ZThjMzRhMjU3NjNlODlmNDAzYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAog2N6Trmt6V+BKteZbq6KSDOvyYy
9vcULp+Zg3ejQC9aE1NBOknm3kq6qNPg7nYarHf7UFKvbu2xgZHHuvx2/+h6ipwv
eI1h+fFpYBkWCAPNPpEpv13BZoHWQ3Qt5qxApXz8aTBAvbfBuuRRzF4NegYl8JsS
k9vZT2+1Fd+Z3NkbqxL54POG5AkwRUDCF/ikshZh2md25ccFhKjUO90kk3phBtuY
PeDiZlKqkdTIwpbwnNXrrXz7LLkkE//P5ETNWhqCG4dyFPYnuyCaw+Dh+5fkHPua
shoKkD+II5B+YWM4LCmzlZQ5j32bX9YrkHRin2X9Nnl+fq4T+jEmyWwfiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBRyNrYOrlW8+o6MNKJXY+ifQDuVMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvRkhJMnRnNnVWYno2am93MG9sZGo2SjlBTzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVCoAMA0G
CSqGSIb3DQEBCwUAA4IBAQBlAQyAYlKlswB16V5qSpRvczbh9lReum4JgfIEGEX3
hL/Zxo8BCJpKtr0/HLvIHNXL/nJFSAj+RpKyZdXXL3fjT44UuyYpQZ8sUH/Jp+QE
MA3N8mpNpoNBnFC4ITrfxHegXrqoWGvSpIVuE/TUCM0Pk7UX7EOhSD8W5VYYqIcf
U6W/YRSauT0h//8iTuBwwWkBhA1UJSHQAS5tay8AGx741KdZEeYCI5dKfkDOAucz
4r8xY39Si5vU5nE4VQj+Wl5Rkz088ERblLD/zLqsr2FnpB782G6Z1W0luXxupWP1
G0Ad9uWSfsQ4n1RVjMGmBEQBCufbWu1JTefG9v5L1BiX
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:48:17 2025 by rpki-client