Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-HzcOlZYHywi14fDPbDX6exNCeU.roa
File: 1-HzcOlZYHywi14fDPbDX6exNCeU.roa (raw, json)
Hash identifier: ELnvsKzxWGNae7K6jdqt03ktBDs9zdidvLja2xmdHHE=
Subject key identifier: F8:7C:DC:3A:56:58:1F:2C:22:D7:87:C3:3D:B0:D7:E9:EC:4D:09:E5
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0195FCE2631BBEFE50573EF819E5F2585537
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-HzcOlZYHywi14fDPbDX6exNCeU.roa
Signing time: Thu 03 Apr 2025 18:20:49 +0000
ROA not before: Thu 03 Apr 2025 18:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 85.239.145.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Apr 2025 05:03:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fc:e2:63:1b:be:fe:50:57:3e:f8:19:e5:f2:58:55:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Apr 3 18:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f87cdc3a56581f2c22d787c33db0d7e9ec4d09e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d0:a2:60:4d:81:20:a4:af:52:55:a0:93:ce:
e9:9e:56:df:6d:2d:01:3c:9b:83:a6:83:4b:b6:a9:
40:7b:da:68:2c:0c:61:07:f9:cf:c8:e9:43:81:d1:
25:b5:a8:9b:34:d1:2d:66:39:77:4a:0d:61:13:bc:
b4:4a:63:c2:f7:e1:cf:33:40:98:18:18:19:16:92:
ac:21:39:f3:21:44:c5:e0:27:7e:4a:62:0f:43:95:
11:9a:fb:cf:64:24:43:be:b4:75:fa:62:d4:cf:9a:
11:70:74:2a:aa:93:34:ea:e5:0d:27:4f:88:c6:fc:
c3:24:de:42:39:96:24:23:36:44:f1:49:fc:02:fe:
77:f9:2e:4f:68:11:84:21:48:fc:a3:8e:8f:d5:42:
52:c2:38:ad:c5:9f:7e:85:43:0e:5e:4f:96:46:0b:
56:3e:f8:99:54:b0:ae:dc:16:06:27:7f:d1:f9:57:
c1:87:bc:23:2a:bb:6a:10:7a:ac:32:f7:57:58:9b:
60:eb:3a:26:91:8a:4d:a3:bb:d5:ff:0a:58:f9:13:
68:4d:e3:65:49:b3:4b:77:b0:21:b8:4c:11:ab:33:
3d:f9:da:f6:e8:2a:72:a1:51:f7:84:10:fd:e7:65:
6f:57:89:25:b0:f1:33:bd:11:4e:95:3d:f8:04:48:
79:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:7C:DC:3A:56:58:1F:2C:22:D7:87:C3:3D:B0:D7:E9:EC:4D:09:E5
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/1-HzcOlZYHywi14fDPbDX6exNCeU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.145.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:35:5e:73:20:20:a6:09:c1:9a:a1:6e:a7:e2:4a:3c:44:36:
3f:40:68:9e:f5:10:27:c9:70:73:17:6d:64:71:f7:34:ed:2a:
ef:21:b0:33:c2:b1:b8:b6:fb:73:64:ee:2d:b5:96:c2:43:a7:
c4:19:aa:91:80:aa:8e:e6:91:11:dc:bd:ee:a9:38:a3:76:69:
76:1e:d0:6e:a4:de:e7:4d:3d:a2:81:a1:f5:9b:0f:f2:25:93:
45:aa:1f:48:b2:0e:7a:1d:81:3e:6e:11:73:48:84:88:b4:0d:
7e:8d:14:9d:be:3f:8e:f3:93:58:42:1d:1e:56:5d:59:c4:fd:
8c:8a:c9:6b:26:cb:25:55:ff:6d:85:99:c4:c4:36:f5:be:2e:
19:83:a0:c3:83:23:ec:be:20:38:dc:27:1b:8b:64:00:fe:e0:
df:24:c3:20:5c:12:06:c2:2f:b9:e7:4e:5a:a5:ba:9f:88:2c:
2c:b5:7f:47:90:0a:b3:6e:e2:b0:5f:69:e4:cd:15:ff:02:38:
96:97:de:dc:80:76:30:8d:0c:65:a2:6f:8c:fd:2c:a6:21:c2:
da:94:d7:24:80:92:00:dd:ee:d7:ed:1a:92:58:ff:bb:89:fe:
04:0a:8a:b4:df:07:f8:d0:cc:eb:94:ed:a5:40:74:2b:c5:19:
ca:af:c5:98
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZX84mMbvv5QVz74GeXyWFU3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNDAzMTgyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODdjZGMzYTU2NTgxZjJjMjJkNzg3YzMzZGIwZDdlOWVjNGQwOWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdCiYE2BIKSvUlWgk87pnlbfbS0B
PJuDpoNLtqlAe9poLAxhB/nPyOlDgdEltaibNNEtZjl3Sg1hE7y0SmPC9+HPM0CY
GBgZFpKsITnzIUTF4Cd+SmIPQ5URmvvPZCRDvrR1+mLUz5oRcHQqqpM06uUNJ0+I
xvzDJN5COZYkIzZE8Un8Av53+S5PaBGEIUj8o46P1UJSwjitxZ9+hUMOXk+WRgtW
PviZVLCu3BYGJ3/R+VfBh7wjKrtqEHqsMvdXWJtg6zomkYpNo7vV/wpY+RNoTeNl
SbNLd7AhuEwRqzM9+dr26CpyoVH3hBD952VvV4klsPEzvRFOlT34BEh5QQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPh83DpWWB8sIteHwz2w1+nsTQnlMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvMS1IemNPbFpZSHl3aTE0ZkRQYkRYNmV4TkNlVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDcvZTVlYTk4LTk2MDEtNGFkZC1hN2Y4LTRmNTdkOWNmNWNh
YS8xL0tkTGFfeHhidGhvS3lMUEs2dFM0b2Zvb1RROC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFXvkTAN
BgkqhkiG9w0BAQsFAAOCAQEAtTVecyAgpgnBmqFup+JKPEQ2P0BonvUQJ8lwcxdt
ZHH3NO0q7yGwM8KxuLb7c2TuLbWWwkOnxBmqkYCqjuaREdy97qk4o3Zpdh7QbqTe
5009ooGh9ZsP8iWTRaofSLIOeh2BPm4Rc0iEiLQNfo0Unb4/jvOTWEIdHlZdWcT9
jIrJaybLJVX/bYWZxMQ29b4uGYOgw4Mj7L4gONwnG4tkAP7g3yTDIFwSBsIvuedO
WqW6n4gsLLV/R5AKs27isF9p5M0V/wI4lpfe3IB2MI0MZaJvjP0spiHC2pTXJICS
AN3u1+0aklj/u4n+BAqKtN8H+NDM65TtpUB0K8UZyq/FmA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:03:11 2025 by rpki-client