Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hRUicQLwFX8gaJhrSYFLRTDWbqM.roa
File: hRUicQLwFX8gaJhrSYFLRTDWbqM.roa (raw, json)
Hash identifier: SMus44MIJm65EV2rCrgnK8XY5ysvWlVihwNvvjrHlwk=
Subject key identifier: 85:15:22:71:02:F0:15:7F:20:68:98:6B:49:81:4B:45:30:D6:6E:A3
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 01977135745CD8455AA97BD7390EE8DAF3DD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hRUicQLwFX8gaJhrSYFLRTDWbqM.roa
Signing time: Sun 15 Jun 2025 01:30:18 +0000
ROA not before: Sun 15 Jun 2025 01:30:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.22.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.101.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.144.103.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
195.85.71.0/24 maxlen: 32
Validation: Failed, certificate revoked on Mon 16 Jun 2025 02:08:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:71:35:74:5c:d8:45:5a:a9:7b:d7:39:0e:e8:da:f3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jun 15 01:30:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8515227102f0157f2068986b49814b4530d66ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:40:dd:9f:18:f4:51:79:c8:8d:7e:d5:05:3a:
71:b9:76:6a:ef:76:af:cf:1e:fe:cc:c7:77:3d:a7:
25:78:39:09:e4:b6:9b:99:97:35:3f:d0:ed:11:9c:
5f:d1:73:35:cf:6f:ae:d3:cb:43:ad:20:0b:63:82:
07:6b:15:3f:7d:0f:f4:10:89:52:38:12:fd:24:c7:
55:21:dc:67:82:5a:b8:06:ab:33:46:a6:ac:2c:1e:
f9:2d:98:f5:af:cf:7d:83:50:3f:8e:ba:7a:52:11:
6a:df:2a:7c:73:18:df:33:7d:56:d1:41:ff:dd:e1:
3d:4d:a2:1c:5a:41:25:07:f3:3a:6d:e3:8f:b2:84:
8e:77:55:08:28:c5:77:de:a1:05:3f:21:ab:b2:67:
a5:70:e9:9e:0a:38:68:70:09:57:02:a6:36:e7:6b:
f3:bd:10:2f:a3:de:2f:66:fe:92:44:8a:db:e8:06:
da:a3:10:f0:03:92:01:c2:d7:e9:1c:78:76:a0:ca:
c0:ba:a2:52:94:ed:a8:05:24:b2:48:61:df:09:b4:
66:58:8e:89:73:68:fd:5d:f0:0b:e4:7e:ed:a2:73:
20:f1:c6:ef:d4:87:d0:6c:0f:b5:7b:0c:a9:f0:03:
42:0c:41:cf:42:bd:4f:dd:bd:29:b0:f3:21:64:77:
63:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:15:22:71:02:F0:15:7F:20:68:98:6B:49:81:4B:45:30:D6:6E:A3
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/hRUicQLwFX8gaJhrSYFLRTDWbqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.20.0/22
185.144.100.0/22
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/24
194.36.102.0/23
194.124.64.0/22
195.85.68.0/22
Signature Algorithm: sha256WithRSAEncryption
94:80:b2:f9:e2:da:71:be:15:6d:42:aa:04:38:ea:4f:40:aa:
4b:cf:b5:10:02:33:9d:a7:c0:5e:b2:45:4f:36:c5:94:3c:9a:
c2:f7:ab:28:d6:94:54:a6:49:ef:9c:4e:9c:4c:cc:4f:35:d7:
b8:63:73:6d:c4:2e:bd:8e:7f:57:90:dc:13:83:57:10:ad:24:
78:b6:d7:a4:7e:19:ec:a6:04:87:2a:ff:61:09:d7:53:e2:11:
6d:e1:f8:25:ae:7b:49:5f:4e:9e:8c:5e:82:f0:85:99:a9:ef:
95:0f:ae:33:20:c5:e9:65:e7:17:6d:0b:05:fe:93:ae:db:5b:
71:a1:4a:25:4e:99:f6:7a:e1:97:11:5f:69:78:9d:1e:fa:b3:
ac:61:5e:93:7b:9e:c0:ea:96:d5:8c:18:aa:5a:5d:1d:56:b7:
4d:0c:24:aa:23:58:9d:f1:4b:76:03:2a:a3:21:13:9e:4f:a1:
a5:af:25:43:dd:14:ce:42:3e:f9:cf:cc:0f:de:bc:48:96:4c:
0b:f0:a4:0b:8f:ef:60:1e:3c:ee:b6:ac:bc:8d:c7:3b:91:d3:
3c:f2:4a:ff:83:90:f4:3f:10:14:13:b2:79:20:f0:b7:cc:aa:
c3:30:26:48:fc:ae:5f:21:ba:79:7b:2d:cf:8f:1a:cc:bc:a7:
08:b4:9c:6c
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZdxNXRc2EVaqXvXOQ7o2vPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNjE1MDEzMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTE1MjI3MTAyZjAxNTdmMjA2ODk4NmI0OTgxNGI0NTMwZDY2ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA00Ddnxj0UXnIjX7VBTpxuXZq73av
zx7+zMd3PacleDkJ5LabmZc1P9DtEZxf0XM1z2+u08tDrSALY4IHaxU/fQ/0EIlS
OBL9JMdVIdxnglq4BqszRqasLB75LZj1r899g1A/jrp6UhFq3yp8cxjfM31W0UH/
3eE9TaIcWkElB/M6beOPsoSOd1UIKMV33qEFPyGrsmelcOmeCjhocAlXAqY252vz
vRAvo94vZv6SRIrb6AbaoxDwA5IBwtfpHHh2oMrAuqJSlO2oBSSySGHfCbRmWI6J
c2j9XfAL5H7tonMg8cbv1IfQbA+1ewyp8ANCDEHPQr1P3b0psPMhZHdjjQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFIUVInEC8BV/IGiYa0mBS0Uw1m6jMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvaFJVaWNRTHdGWDhnYUpoclNZRkxSVERXYnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQALYgAAwQB
LYgCAwQAgAB3AwQCuXUUAwQCuZBkMAwDBAS50zADBAC50zIDBAK54/ADBALBydAD
BADCJGQDBAHCJGYDBALCfEADBALDVUQwDQYJKoZIhvcNAQELBQADggEBAJSAsvni
2nG+FW1CqgQ46k9AqkvPtRACM52nwF6yRU82xZQ8msL3qyjWlFSmSe+cTpxMzE81
17hjc23ELr2Of1eQ3BODVxCtJHi216R+GeymBIcq/2EJ11PiEW3h+CWue0lfTp6M
XoLwhZmp75UPrjMgxell5xdtCwX+k67bW3GhSiVOmfZ64ZcRX2l4nR76s6xhXpN7
nsDqltWMGKpaXR1Wt00MJKojWJ3xS3YDKqMhE55PoaWvJUPdFM5CPvnPzA/evEiW
TAvwpAuP72AePO62rLyNxzuR0zzySv+DkPQ/EBQTsnkg8LfMqsMwJkj8rl8hunl7
Lc+PGsy8pwi0nGw=
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:33:42 2025 by rpki-client