Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/hAg5Q_M1Lf4BXNy40iZk44Khy7I.roa
File: hAg5Q_M1Lf4BXNy40iZk44Khy7I.roa (raw, json)
Hash identifier: Ghsw74GXha4KvSJi2apgXe2xzpSE0C/TD1Hg5c8LkjU=
Subject key identifier: 84:08:39:43:F3:35:2D:FE:01:5C:DC:B8:D2:26:64:E3:82:A1:CB:B2
Certificate issuer: /CN=7741d13a15a987dd60019c0265d2ecec4840944a
Certificate serial: 019425FC97F0DEFDF728BB69B4137A84DF71
Authority key identifier: 77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/hAg5Q_M1Lf4BXNy40iZk44Khy7I.roa
Signing time: Thu 02 Jan 2025 07:48:18 +0000
ROA not before: Thu 02 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 81.161.62.0/24 maxlen: 24
91.227.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 Jan 2025 13:16:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:97:f0:de:fd:f7:28:bb:69:b4:13:7a:84:df:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7741d13a15a987dd60019c0265d2ecec4840944a
Validity
Not Before: Jan 2 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84083943f3352dfe015cdcb8d22664e382a1cbb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:55:e9:a0:f0:36:72:e8:f7:4f:06:a2:d3:de:
b0:30:d8:77:28:10:2f:11:c0:a2:b1:6f:a3:4c:34:
4d:e9:b0:2b:11:1f:95:10:e9:b9:71:b7:88:a3:ca:
57:10:41:3e:d8:45:b6:a5:8d:56:6d:21:60:f6:fc:
01:be:0a:1d:29:fa:20:bf:a5:6a:7a:c8:61:d3:9e:
d2:a9:0a:db:22:b3:3c:47:ce:f9:47:79:58:ff:06:
1d:1b:18:24:92:79:a7:f4:69:f7:aa:3a:b3:82:aa:
6a:8c:11:0a:cd:a6:30:d6:57:0f:1e:74:52:8a:b6:
7a:7f:ef:2b:b2:55:5c:d3:fe:f2:41:d5:58:59:cd:
6f:8b:1a:3e:eb:db:f6:6c:95:3b:45:eb:2b:fd:b0:
43:6e:eb:dd:46:ff:2b:dc:eb:f7:7b:9a:6d:3e:cc:
f3:8c:37:68:a6:a0:f2:f2:7c:7f:3a:7f:4a:34:8b:
c0:45:70:2e:26:d8:6b:e3:02:f6:30:08:da:6b:79:
1a:a7:1f:fe:2b:e0:06:11:3b:ac:39:bf:14:22:67:
83:a3:3b:ad:cd:19:5a:c9:bb:d2:56:04:8d:11:88:
a6:62:5a:31:99:82:25:47:bb:3b:2c:d3:51:8d:9c:
9a:5c:78:ae:fb:db:b2:2a:04:35:c1:4a:62:08:ff:
cf:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:08:39:43:F3:35:2D:FE:01:5C:DC:B8:D2:26:64:E3:82:A1:CB:B2
X509v3 Authority Key Identifier:
keyid:77:41:D1:3A:15:A9:87:DD:60:01:9C:02:65:D2:EC:EC:48:40:94:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0HROhWph91gAZwCZdLs7EhAlEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/hAg5Q_M1Lf4BXNy40iZk44Khy7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/0be9d0-999a-449a-8519-3523e3030be4/1/d0HROhWph91gAZwCZdLs7EhAlEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.161.62.0/24
91.227.193.0/24
Signature Algorithm: sha256WithRSAEncryption
00:81:ed:3f:46:0a:96:76:74:70:2c:17:2e:c3:96:7d:2c:b5:
98:62:08:69:93:8e:7d:6f:89:fc:23:44:ba:f1:53:f8:ab:4a:
1b:51:de:8f:86:dd:ce:52:26:fa:6e:68:de:9b:60:dc:c0:67:
e6:8f:f2:8d:5d:09:5e:90:6f:03:73:9c:50:f2:e7:dc:ee:12:
9b:46:a1:f2:e6:08:4d:38:13:04:90:14:2b:34:b2:24:73:2b:
20:8c:36:b4:0a:16:2f:3f:7f:75:b9:38:62:04:aa:28:f6:21:
1c:16:02:c9:19:59:0c:5f:ef:28:f1:fd:0d:c1:e8:5e:24:28:
c0:f5:41:87:b6:5b:7d:2d:b4:da:40:c1:56:0b:01:34:79:44:
14:79:0c:f1:01:8f:ca:8f:a4:ea:ef:3c:55:5b:68:a2:70:5c:
0b:d8:43:6f:65:e0:dd:a2:84:44:d5:01:9d:f7:4c:61:a5:4e:
f9:fb:0d:a6:0a:28:85:ad:55:9a:28:74:b2:c5:7d:5e:6f:92:
9d:1a:65:89:62:fc:67:7a:61:26:e3:75:50:68:58:79:37:66:
0c:cb:e3:29:65:04:09:77:9c:b9:d8:d2:72:39:ed:55:f1:dd:
0f:9d:ef:75:6b:dd:98:e4:c0:e1:46:4f:a1:9e:86:b6:6e:b8:
bc:16:29:15
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/Jfw3v33KLtptBN6hN9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NDFkMTNhMTVhOTg3ZGQ2MDAxOWMwMjY1ZDJlY2VjNDg0
MDk0NGEwHhcNMjUwMTAyMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDA4Mzk0M2YzMzUyZGZlMDE1Y2RjYjhkMjI2NjRlMzgyYTFjYmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVXpoPA2cuj3Twai096wMNh3KBAv
EcCisW+jTDRN6bArER+VEOm5cbeIo8pXEEE+2EW2pY1WbSFg9vwBvgodKfogv6Vq
eshh057SqQrbIrM8R875R3lY/wYdGxgkknmn9Gn3qjqzgqpqjBEKzaYw1lcPHnRS
irZ6f+8rslVc0/7yQdVYWc1vixo+69v2bJU7Resr/bBDbuvdRv8r3Ov3e5ptPszz
jDdopqDy8nx/On9KNIvARXAuJthr4wL2MAjaa3kapx/+K+AGETusOb8UImeDozut
zRlaybvSVgSNEYimYloxmYIlR7s7LNNRjZyaXHiu+9uyKgQ1wUpiCP/PXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIQIOUPzNS3+AVzcuNImZOOCocuyMB8GA1UdIwQY
MBaAFHdB0ToVqYfdYAGcAmXS7OxIQJRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTkt
MzUyM2UzMDMwYmU0LzEvaEFnNVFfTTFMZjRCWE55NDBpWms0NEtoeTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My8wYmU5ZDAtOTk5YS00NDlhLTg1MTktMzUyM2UzMDMwYmU0
LzEvZDBIUk9oV3BoOTFnQVp3Q1pkTHM3RWhBbEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUaE+AwQA
W+PBMA0GCSqGSIb3DQEBCwUAA4IBAQAAge0/RgqWdnRwLBcuw5Z9LLWYYghpk459
b4n8I0S68VP4q0obUd6Pht3OUib6bmjem2DcwGfmj/KNXQlekG8Dc5xQ8ufc7hKb
RqHy5ghNOBMEkBQrNLIkcysgjDa0ChYvP391uThiBKoo9iEcFgLJGVkMX+8o8f0N
weheJCjA9UGHtlt9LbTaQMFWCwE0eUQUeQzxAY/Kj6Tq7zxVW2iicFwL2ENvZeDd
ooRE1QGd90xhpU75+w2mCiiFrVWaKHSyxX1eb5KdGmWJYvxnemEm43VQaFh5N2YM
y+MpZQQJd5y52NJyOe1V8d0Pne91a92Y5MDhRk+hnoa2bri8FikV
-----END CERTIFICATE-----
Generated at Fri May 2 14:24:58 2025 by rpki-client