Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/HNP7nj7DY988mDh464FUgrtfouc.roa
File: HNP7nj7DY988mDh464FUgrtfouc.roa (raw, json)
Hash identifier: SQrvIcFj09vUT/XqY3KFLxeBcah3YXK5d+eNcXsUbrU=
Subject key identifier: 1C:D3:FB:9E:3E:C3:63:DF:3C:98:38:78:EB:81:54:82:BB:5F:A2:E7
Certificate issuer: /CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Certificate serial: 0195D6F70DF32E2A94CCF4A5E16C5942A000
Authority key identifier: 31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/HNP7nj7DY988mDh464FUgrtfouc.roa
Signing time: Thu 27 Mar 2025 09:37:49 +0000
ROA not before: Thu 27 Mar 2025 09:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47217
IP address blocks: 5.100.233.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 31 Mar 2025 14:26:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d6:f7:0d:f3:2e:2a:94:cc:f4:a5:e1:6c:59:42:a0:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=31b0f64c69d330b66ebcd03a9bf0fdc19f3147d8
Validity
Not Before: Mar 27 09:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cd3fb9e3ec363df3c983878eb815482bb5fa2e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:da:16:ba:e4:dc:03:5e:ed:ab:83:c3:31:59:
f2:ab:33:1f:73:69:9d:4e:58:69:66:5c:54:b6:cd:
7f:10:29:8d:f2:9d:65:a1:cb:38:28:26:4c:0e:24:
43:ee:7b:b0:cb:31:8f:73:ef:da:fd:8f:c7:9a:69:
10:3f:bb:d2:8f:2e:73:a5:2c:49:6c:1d:3f:12:84:
49:fa:87:80:e0:91:63:29:99:50:d3:f7:96:8e:60:
07:0f:b3:c4:93:15:47:5f:a4:53:11:a7:45:f6:48:
2d:7a:5d:d7:f3:de:e2:13:82:b5:a6:52:93:1f:00:
4f:34:41:fd:97:e9:31:5e:bb:7d:cf:a3:c9:e9:74:
78:20:f4:e2:bb:69:61:44:e1:0f:c9:81:e6:53:0e:
e9:55:08:32:ed:c7:4f:4b:1e:d0:55:e1:45:3c:2e:
c8:c9:52:2b:4f:07:9c:3c:f1:14:2f:9e:1c:95:97:
91:3c:3a:d2:e5:15:ec:6a:73:66:cd:cc:b9:2a:57:
bb:86:69:62:8e:41:51:38:2a:d9:5b:20:3b:fd:dd:
e8:5b:98:cf:0a:c2:ce:b8:1e:0f:71:b9:6d:b5:ca:
69:d1:27:8b:88:fa:7b:c7:95:1c:f3:f2:f9:28:2f:
6b:74:d3:1a:2a:86:a2:1d:ac:41:80:7d:ac:ee:8d:
c7:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:D3:FB:9E:3E:C3:63:DF:3C:98:38:78:EB:81:54:82:BB:5F:A2:E7
X509v3 Authority Key Identifier:
keyid:31:B0:F6:4C:69:D3:30:B6:6E:BC:D0:3A:9B:F0:FD:C1:9F:31:47:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/HNP7nj7DY988mDh464FUgrtfouc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/2fb473-8e6b-4f0d-ad30-d4934493a679/1/MbD2TGnTMLZuvNA6m_D9wZ8xR9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.100.233.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:6a:a7:87:41:4f:c0:eb:7b:8e:86:1e:4a:83:4a:41:20:72:
a8:d3:75:15:a2:b1:15:6c:8c:1c:fe:dd:32:de:c8:2b:31:24:
59:f4:08:b0:2a:88:67:f0:3d:5c:8a:c5:f3:a1:d6:fd:5a:8b:
6a:df:70:39:d1:ba:6b:e0:1c:40:c8:ba:c2:9f:d2:a9:4b:b1:
60:88:d0:ce:43:1f:74:19:80:aa:a4:5b:3e:d9:58:12:a9:26:
8b:f3:07:62:cf:cf:29:83:6e:49:ac:b0:b6:f1:88:6a:ad:ba:
32:9d:b5:c4:0d:3f:60:e8:bf:8b:05:2e:bf:d9:5d:85:61:27:
90:b3:5d:b2:5d:f1:ea:7b:5b:50:81:a2:ed:e6:a0:4d:83:00:
7b:44:e6:91:79:82:0f:19:9e:78:08:2b:83:cd:fc:16:46:41:
f5:46:9b:b1:d8:2e:6c:fc:38:65:74:6b:d8:2e:d8:2d:24:df:
96:70:67:56:31:1d:6d:7d:c0:74:f8:cd:cc:1f:ce:16:ca:8a:
e2:86:bb:30:dd:ed:f8:9b:47:dc:4a:9b:0a:c4:ff:35:65:af:
5d:d4:bd:62:8d:91:a3:97:1d:8d:2d:64:3c:11:aa:c1:62:63:
e0:f7:98:e9:25:ea:95:6d:af:a1:5f:0f:8a:80:ad:39:5c:d7:
95:2f:26:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXW9w3zLiqUzPSl4WxZQqAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxYjBmNjRjNjlkMzMwYjY2ZWJjZDAzYTliZjBmZGMxOWYz
MTQ3ZDgwHhcNMjUwMzI3MDkzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2QzZmI5ZTNlYzM2M2RmM2M5ODM4NzhlYjgxNTQ4MmJiNWZhMmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdoWuuTcA17tq4PDMVnyqzMfc2md
TlhpZlxUts1/ECmN8p1locs4KCZMDiRD7nuwyzGPc+/a/Y/HmmkQP7vSjy5zpSxJ
bB0/EoRJ+oeA4JFjKZlQ0/eWjmAHD7PEkxVHX6RTEadF9kgtel3X897iE4K1plKT
HwBPNEH9l+kxXrt9z6PJ6XR4IPTiu2lhROEPyYHmUw7pVQgy7cdPSx7QVeFFPC7I
yVIrTwecPPEUL54clZeRPDrS5RXsanNmzcy5Kle7hmlijkFROCrZWyA7/d3oW5jP
CsLOuB4Pcblttcpp0SeLiPp7x5Uc8/L5KC9rdNMaKoaiHaxBgH2s7o3H8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBzT+54+w2PfPJg4eOuBVIK7X6LnMB8GA1UdIwQY
MBaAFDGw9kxp0zC2brzQOpvw/cGfMUfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAt
ZDQ5MzQ0OTNhNjc5LzEvSE5QN25qN0RZOTg4bURoNDY0RlVncnRmb3VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8yZmI0NzMtOGU2Yi00ZjBkLWFkMzAtZDQ5MzQ0OTNhNjc5
LzEvTWJEMlRHblRNTFp1dk5BNm1fRDl3Wjh4UjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABWTpMA0G
CSqGSIb3DQEBCwUAA4IBAQAbaqeHQU/A63uOhh5Kg0pBIHKo03UVorEVbIwc/t0y
3sgrMSRZ9AiwKohn8D1cisXzodb9Wotq33A50bpr4BxAyLrCn9KpS7FgiNDOQx90
GYCqpFs+2VgSqSaL8wdiz88pg25JrLC28YhqrboynbXEDT9g6L+LBS6/2V2FYSeQ
s12yXfHqe1tQgaLt5qBNgwB7ROaReYIPGZ54CCuDzfwWRkH1Rpux2C5s/DhldGvY
LtgtJN+WcGdWMR1tfcB0+M3MH84Wyorihrsw3e34m0fcSpsKxP81Za9d1L1ijZGj
lx2NLWQ8EarBYmPg95jpJeqVba+hXw+KgK05XNeVLyZD
-----END CERTIFICATE-----
Generated at Mon Apr 21 19:24:19 2025 by rpki-client