Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HRA6RBzFMe4qvpLZXFCk-ljwk5s.roa
File: HRA6RBzFMe4qvpLZXFCk-ljwk5s.roa (raw, json)
Hash identifier: axJjpi7oHUTqIeJp65ESoggFCDNqklN24z14cFWqNgA=
Subject key identifier: 1D:10:3A:44:1C:C5:31:EE:2A:BE:92:D9:5C:50:A4:FA:58:F0:93:9B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01943F7413D7DAE89DA1DF16B107AC5AB509
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HRA6RBzFMe4qvpLZXFCk-ljwk5s.roa
Signing time: Tue 07 Jan 2025 06:29:19 +0000
ROA not before: Tue 07 Jan 2025 06:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214417
IP address blocks: 176.125.254.0/24 maxlen: 24
194.48.250.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Jan 2025 08:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:3f:74:13:d7:da:e8:9d:a1:df:16:b1:07:ac:5a:b5:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 7 06:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d103a441cc531ee2abe92d95c50a4fa58f0939b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:b9:71:94:d4:5f:61:0e:05:82:36:dc:f1:85:
c5:ff:f8:68:30:c0:72:04:7c:2d:86:7e:3a:49:f6:
a5:de:42:03:e6:1b:a3:10:67:b6:61:b5:ac:9f:c5:
79:58:c2:d5:58:05:29:f9:d8:00:06:a0:31:31:38:
4c:90:a3:5d:40:21:86:21:fd:4e:97:65:fd:e5:55:
04:ed:84:cf:33:e5:ed:9f:f2:68:fe:0d:af:3c:2f:
65:61:9a:a5:60:4a:8c:4a:1a:45:e2:9e:18:f6:6e:
43:62:60:f6:0a:46:d2:34:ab:6b:79:8f:28:0f:62:
48:ba:10:f5:c0:49:4a:24:a7:75:1f:a3:69:c4:6d:
c8:1c:ca:f6:87:a9:46:98:9d:0b:8f:c1:73:17:b0:
41:eb:2d:88:14:9d:4b:a2:af:aa:28:cc:7c:1d:5b:
96:40:99:f9:31:e8:9e:79:a1:48:db:c6:a3:8e:fd:
0c:4d:dc:c3:4d:e8:81:3e:69:cd:f5:2f:98:13:9e:
77:3e:97:86:46:08:e5:ea:37:c2:8d:1c:c4:2e:07:
37:1e:18:85:f4:bc:c9:1b:a0:45:92:02:81:15:13:
a4:36:43:de:ef:85:cb:d9:10:75:e3:b8:2b:2e:3f:
e1:21:81:86:88:8e:73:af:75:da:e2:7d:26:b7:82:
88:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:10:3A:44:1C:C5:31:EE:2A:BE:92:D9:5C:50:A4:FA:58:F0:93:9B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/HRA6RBzFMe4qvpLZXFCk-ljwk5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.254.0/24
194.48.250.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:a9:b5:59:d4:38:4b:be:c5:ea:3f:9a:45:be:a0:bc:5b:13:
be:3d:d7:6a:a9:d3:2c:94:0e:c1:6c:f1:82:aa:f0:90:f6:60:
e6:8b:4c:98:72:43:f1:69:89:07:d1:42:c2:83:ce:18:4f:ee:
1d:60:39:06:55:67:ec:f0:53:7f:39:58:eb:9d:c6:49:4a:d9:
b8:ba:76:12:8a:47:bf:90:24:b3:61:b6:51:4a:fd:2b:0a:0c:
f4:45:d7:71:b4:37:ce:7e:5a:a5:06:71:7e:67:98:cb:78:08:
4d:62:d1:18:73:3a:05:98:03:33:f0:a8:5e:5c:14:6e:a1:54:
d9:b7:95:0f:b5:84:2e:ac:34:dd:f8:95:7d:05:5a:a5:e6:29:
d7:51:69:71:c9:f4:66:db:e4:d5:1c:0f:c3:de:ca:97:25:bb:
ac:5d:e9:a6:88:bb:fa:19:21:6d:62:b9:a7:54:b2:f7:8b:64:
74:01:9b:cf:6a:a8:9c:b7:19:87:72:ab:e1:a9:7a:5d:28:05:
d3:1c:4f:45:fe:cf:ea:cc:22:5d:66:ad:f7:95:be:a0:d2:d3:
f6:22:cb:bc:50:ce:91:e4:40:4c:d1:c6:59:3c:f5:50:54:c3:
e9:d8:39:b3:a2:97:31:4b:f5:2b:b8:e9:68:99:ad:1e:47:f2:
68:8d:ea:20
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQ/dBPX2uidod8WsQesWrUJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTA3MDYyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDEwM2E0NDFjYzUzMWVlMmFiZTkyZDk1YzUwYTRmYTU4ZjA5MzliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyblxlNRfYQ4Fgjbc8YXF//hoMMBy
BHwthn46Sfal3kID5hujEGe2YbWsn8V5WMLVWAUp+dgABqAxMThMkKNdQCGGIf1O
l2X95VUE7YTPM+Xtn/Jo/g2vPC9lYZqlYEqMShpF4p4Y9m5DYmD2CkbSNKtreY8o
D2JIuhD1wElKJKd1H6NpxG3IHMr2h6lGmJ0Lj8FzF7BB6y2IFJ1Loq+qKMx8HVuW
QJn5MeieeaFI28ajjv0MTdzDTeiBPmnN9S+YE553PpeGRgjl6jfCjRzELgc3HhiF
9LzJG6BFkgKBFROkNkPe74XL2RB147grLj/hIYGGiI5zr3Xa4n0mt4KInwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB0QOkQcxTHuKr6S2VxQpPpY8JObMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSFJBNlJCekZNZTRxdnBMWlhGQ2stbGp3azVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH3+AwQA
wjD6MA0GCSqGSIb3DQEBCwUAA4IBAQAPqbVZ1DhLvsXqP5pFvqC8WxO+PddqqdMs
lA7BbPGCqvCQ9mDmi0yYckPxaYkH0ULCg84YT+4dYDkGVWfs8FN/OVjrncZJStm4
unYSike/kCSzYbZRSv0rCgz0RddxtDfOflqlBnF+Z5jLeAhNYtEYczoFmAMz8Khe
XBRuoVTZt5UPtYQurDTd+JV9BVql5inXUWlxyfRm2+TVHA/D3sqXJbusXemmiLv6
GSFtYrmnVLL3i2R0AZvPaqictxmHcqvhqXpdKAXTHE9F/s/qzCJdZq33lb6g0tP2
Isu8UM6R5EBM0cZZPPVQVMPp2DmzopcxS/UruOloma0eR/Jojeog
-----END CERTIFICATE-----
Generated at Wed Apr 16 20:12:21 2025 by rpki-client