Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/htcwSWw3lA8rMwKw3x8s0s40ozE.roa
File: htcwSWw3lA8rMwKw3x8s0s40ozE.roa (raw, json)
Hash identifier: oszUKro6D3z51gB0Bnzxv+aLpIt3VRXunJ+WnFjx9u0=
Subject key identifier: 86:D7:30:49:6C:37:94:0F:2B:33:02:B0:DF:1F:2C:D2:CE:34:A3:31
Certificate issuer: /CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Certificate serial: 018CC6B859E2CB8F3C6802DD68A201B86440
Authority key identifier: E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/htcwSWw3lA8rMwKw3x8s0s40ozE.roa
Signing time: Mon 01 Jan 2024 20:30:19 +0000
ROA not before: Mon 01 Jan 2024 20:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204082
IP address blocks: 185.109.243.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:59:e2:cb:8f:3c:68:02:dd:68:a2:01:b8:64:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e47521e7b6b38abfb88bf71e9bc5a02b2eccd3b3
Validity
Not Before: Jan 1 20:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86d730496c37940f2b3302b0df1f2cd2ce34a331
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:69:51:3d:d2:23:3d:93:64:ad:9d:f0:00:08:
37:7d:ec:47:c4:ae:e3:e3:39:2e:fb:7e:c7:03:28:
3d:af:68:27:3a:36:57:e8:75:e3:a8:74:85:2a:6f:
ef:94:7f:86:30:16:16:92:64:81:c5:12:29:2d:25:
b3:c7:f0:fa:91:ba:08:b0:d0:a4:b2:64:f7:03:00:
55:25:62:5d:c0:4f:69:ec:c3:aa:55:44:a8:62:5d:
a1:c5:8d:0e:42:4d:5b:c1:d6:4d:04:0a:53:2f:52:
f6:80:28:4c:8f:03:ed:75:be:44:d8:87:35:8b:c5:
0a:bd:2a:8e:b3:82:13:21:c8:3f:55:de:fa:21:0a:
a8:56:c3:81:2b:4b:42:20:91:76:ed:27:56:7c:01:
b8:38:9c:25:36:c8:1c:e6:1b:33:b0:4a:b8:03:b0:
a5:a8:f7:fb:97:37:20:df:44:e3:10:a5:7b:88:33:
4b:cf:8a:e2:af:49:1d:da:33:76:eb:30:17:1e:b3:
a5:1a:35:8d:a0:11:3f:e1:26:b3:48:0a:ef:7e:1c:
10:90:3d:e5:b0:b9:4e:35:de:38:d7:d2:bf:67:8e:
b0:96:96:e7:dc:dd:6a:49:15:d9:11:5b:30:82:04:
d3:78:10:d8:36:c1:06:0f:f0:82:b4:a2:11:ff:f9:
3c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D7:30:49:6C:37:94:0F:2B:33:02:B0:DF:1F:2C:D2:CE:34:A3:31
X509v3 Authority Key Identifier:
keyid:E4:75:21:E7:B6:B3:8A:BF:B8:8B:F7:1E:9B:C5:A0:2B:2E:CC:D3:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5HUh57azir-4i_cem8WgKy7M07M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/htcwSWw3lA8rMwKw3x8s0s40ozE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/19136e-429f-43ad-94ef-8361a8303522/1/5HUh57azir-4i_cem8WgKy7M07M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.109.243.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:7e:5c:a5:0b:0e:e6:6e:3e:16:c0:e3:c9:3f:b2:0c:65:07:
0d:7c:21:ca:49:e8:3e:a2:b7:c8:96:c6:58:c8:cb:fc:df:b4:
43:0d:a0:8c:3c:43:70:8f:10:03:03:17:5c:05:6e:10:05:7a:
3f:2f:e3:95:d4:f9:fa:e1:c4:01:74:4f:9b:c9:b1:c1:fb:8e:
67:f0:69:91:90:59:c6:0a:cf:36:1b:6c:78:10:4b:b9:fb:91:
98:0f:47:33:83:1f:36:61:fa:f0:92:4d:e9:30:74:b0:d1:81:
51:c0:d5:4f:ba:7c:61:d4:61:89:ff:a0:e4:2d:45:25:1b:43:
13:6d:e1:6b:16:3d:cc:65:e7:a1:ee:cf:90:5b:82:c4:18:b9:
df:c2:56:03:6b:31:ce:c0:5d:fb:7f:2b:ed:2a:ff:d4:70:e2:
ab:e2:86:4b:70:b1:33:f3:fc:c2:53:bb:db:a4:b3:ef:1c:05:
a7:d6:58:8c:0b:de:9a:fa:18:8b:89:63:2c:86:ad:29:38:3f:
9a:87:57:0b:3f:61:40:5f:51:a5:13:c4:a3:6f:ee:0e:ff:80:
19:0a:36:f5:9d:cf:05:71:8f:c8:90:3c:4a:79:4a:3a:7f:37:
f9:76:7f:04:0d:ae:55:6f:29:41:89:62:83:f6:fb:39:d8:31:
97:fb:a6:27
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuFniy488aALdaKIBuGRAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0NzUyMWU3YjZiMzhhYmZiODhiZjcxZTliYzVhMDJiMmVj
Y2QzYjMwHhcNMjQwMTAxMjAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQ3MzA0OTZjMzc5NDBmMmIzMzAyYjBkZjFmMmNkMmNlMzRhMzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomlRPdIjPZNkrZ3wAAg3fexHxK7j
4zku+37HAyg9r2gnOjZX6HXjqHSFKm/vlH+GMBYWkmSBxRIpLSWzx/D6kboIsNCk
smT3AwBVJWJdwE9p7MOqVUSoYl2hxY0OQk1bwdZNBApTL1L2gChMjwPtdb5E2Ic1
i8UKvSqOs4ITIcg/Vd76IQqoVsOBK0tCIJF27SdWfAG4OJwlNsgc5hszsEq4A7Cl
qPf7lzcg30TjEKV7iDNLz4rir0kd2jN26zAXHrOlGjWNoBE/4SazSArvfhwQkD3l
sLlONd4419K/Z46wlpbn3N1qSRXZEVswggTTeBDYNsEGD/CCtKIR//k89QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbXMElsN5QPKzMCsN8fLNLONKMxMB8GA1UdIwQY
MBaAFOR1Iee2s4q/uIv3HpvFoCsuzNOzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYt
ODM2MWE4MzAzNTIyLzEvaHRjd1NXdzNsQThyTXdLdzN4OHMwczQwb3pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8xOTEzNmUtNDI5Zi00M2FkLTk0ZWYtODM2MWE4MzAzNTIy
LzEvNUhVaDU3YXppci00aV9jZW04V2dLeTdNMDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuW3zMA0G
CSqGSIb3DQEBCwUAA4IBAQC2flylCw7mbj4WwOPJP7IMZQcNfCHKSeg+orfIlsZY
yMv837RDDaCMPENwjxADAxdcBW4QBXo/L+OV1Pn64cQBdE+bybHB+45n8GmRkFnG
Cs82G2x4EEu5+5GYD0czgx82Yfrwkk3pMHSw0YFRwNVPunxh1GGJ/6DkLUUlG0MT
beFrFj3MZeeh7s+QW4LEGLnfwlYDazHOwF37fyvtKv/UcOKr4oZLcLEz8/zCU7vb
pLPvHAWn1liMC96a+hiLiWMshq0pOD+ah1cLP2FAX1GlE8Sjb+4O/4AZCjb1nc8F
cY/IkDxKeUo6fzf5dn8EDa5VbylBiWKD9vs52DGX+6Yn
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:11:49 2025 by rpki-client