Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1m02ht_8DM0s_kzM2_BtamNEhts.roa
File: 1m02ht_8DM0s_kzM2_BtamNEhts.roa (raw, json)
Hash identifier: Mh2TVYRMSHPJN/94uclVydXVgmJ5esIKVrcXFMSzau8=
Subject key identifier: D6:6D:36:86:DF:FC:0C:CD:2C:FE:4C:CC:DB:F0:6D:6A:63:44:86:DB
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01954CE12C224565AF88089E90E9719C3E4B
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1m02ht_8DM0s_kzM2_BtamNEhts.roa
Signing time: Fri 28 Feb 2025 14:06:19 +0000
ROA not before: Fri 28 Feb 2025 14:06:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 194.15.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 02 Mar 2025 19:51:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:e1:2c:22:45:65:af:88:08:9e:90:e9:71:9c:3e:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Feb 28 14:06:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d66d3686dffc0ccd2cfe4cccdbf06d6a634486db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:54:4d:43:d5:d5:2e:0b:de:f6:8f:0f:4e:ee:
ee:58:2b:d6:16:b3:11:e2:4c:0c:70:48:36:43:13:
9e:02:34:97:fa:72:31:5a:48:1d:47:0a:55:72:46:
f7:38:68:43:74:3c:71:5b:80:cc:e7:75:11:18:27:
2b:5d:3b:a8:b5:33:16:6e:56:a4:d5:b2:0a:8e:34:
0a:92:7b:80:ab:e6:0e:a5:fa:0d:b9:e9:65:7b:d7:
41:7d:68:1e:78:1f:f8:bc:b5:06:bb:3b:f0:c2:b2:
67:be:4b:30:9d:e3:78:75:e0:a4:96:0c:68:33:dc:
72:29:46:96:23:5b:73:73:c2:e3:b6:6b:06:d2:cb:
6a:6d:89:ed:c0:54:fa:24:c8:6a:79:3d:97:1f:7a:
e9:1d:5b:ab:cd:bc:4d:17:7f:6f:e2:21:4e:2d:bb:
26:3f:6e:ff:27:58:55:c8:99:fc:7e:7c:48:fe:77:
73:65:db:f2:74:33:92:18:d2:c0:bb:d1:f9:62:4a:
12:06:0e:80:59:47:22:bc:70:58:26:0d:35:34:65:
55:89:dd:36:28:34:97:e9:59:c2:dc:d4:b3:81:d9:
94:61:8c:ee:64:fc:68:e6:af:98:5c:c7:80:82:97:
ed:8a:9f:e9:a0:70:54:88:13:18:05:cd:37:89:12:
2c:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:6D:36:86:DF:FC:0C:CD:2C:FE:4C:CC:DB:F0:6D:6A:63:44:86:DB
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/1m02ht_8DM0s_kzM2_BtamNEhts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.96.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d0:2b:1f:76:a8:d3:8d:54:86:8e:b0:05:fb:74:c6:7f:4f:
9a:24:26:d4:87:3f:6f:8d:ab:dc:69:37:06:81:93:43:f9:1f:
a2:4c:36:f1:33:ab:cd:ea:9b:91:a4:e9:b9:17:94:60:8d:28:
db:06:2b:9a:5d:94:7a:f6:50:64:b2:55:f7:5d:cb:b1:a2:00:
31:ea:22:b2:c4:47:2c:04:39:ed:05:ed:68:da:0b:9f:4b:88:
f5:59:b9:58:a2:04:0e:93:a9:33:68:78:5c:e3:79:7c:3c:f8:
e3:fe:d8:ac:2a:c2:58:37:72:df:21:7b:3e:75:12:19:e5:ea:
37:f7:54:70:d0:36:49:16:37:5d:a7:6b:0b:9e:4a:3d:7f:57:
9a:d0:32:b2:f0:e8:76:fd:6f:cf:c3:23:3f:2a:d1:d2:77:e2:
cd:36:48:fd:5d:bf:e2:b7:e2:46:6d:da:d7:1b:66:74:1c:2d:
75:d5:bc:b9:b3:95:f6:83:31:3c:5f:b9:cd:ac:cf:9c:f6:cc:
b0:7e:9d:44:56:61:0e:c3:29:44:95:0c:e8:50:52:ac:0e:6c:
e3:2d:40:f8:0c:00:dc:66:91:eb:16:79:6b:20:5b:6a:b0:97:
3c:d7:be:7b:2a:4d:95:ef:18:97:3f:20:18:00:2f:ca:09:f8:
5c:ea:6a:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVM4SwiRWWviAiekOlxnD5LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwMjI4MTQwNjE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjZkMzY4NmRmZmMwY2NkMmNmZTRjY2NkYmYwNmQ2YTYzNDQ4NmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFRNQ9XVLgve9o8PTu7uWCvWFrMR
4kwMcEg2QxOeAjSX+nIxWkgdRwpVckb3OGhDdDxxW4DM53URGCcrXTuotTMWblak
1bIKjjQKknuAq+YOpfoNuelle9dBfWgeeB/4vLUGuzvwwrJnvkswneN4deCklgxo
M9xyKUaWI1tzc8LjtmsG0stqbYntwFT6JMhqeT2XH3rpHVurzbxNF39v4iFOLbsm
P27/J1hVyJn8fnxI/ndzZdvydDOSGNLAu9H5YkoSBg6AWUcivHBYJg01NGVVid02
KDSX6VnC3NSzgdmUYYzuZPxo5q+YXMeAgpftip/poHBUiBMYBc03iRIs7wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNZtNobf/AzNLP5MzNvwbWpjRIbbMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvMW0wMmh0XzhETTBzX2t6TTJfQnRhbU5FaHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9gMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ0CsfdqjTjVSGjrAF+3TGf0+aJCbUhz9vjavcaTcG
gZND+R+iTDbxM6vN6puRpOm5F5RgjSjbBiuaXZR69lBkslX3XcuxogAx6iKyxEcs
BDntBe1o2gufS4j1WblYogQOk6kzaHhc43l8PPjj/tisKsJYN3LfIXs+dRIZ5eo3
91Rw0DZJFjddp2sLnko9f1ea0DKy8Oh2/W/PwyM/KtHSd+LNNkj9Xb/it+JGbdrX
G2Z0HC111by5s5X2gzE8X7nNrM+c9sywfp1EVmEOwylElQzoUFKsDmzjLUD4DADc
ZpHrFnlrIFtqsJc81757Kk2V7xiXPyAYAC/KCfhc6mpI
-----END CERTIFICATE-----
Generated at Mon Apr 28 15:26:55 2025 by rpki-client