Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HP6RwwF1XQnajfrYCgkQMKKMMyg.roa
File: HP6RwwF1XQnajfrYCgkQMKKMMyg.roa (raw, json)
Hash identifier: utFEjDDutDx6HpX4Mo7saRZOs7stRwECBL2qP4BmNXQ=
Subject key identifier: 1C:FE:91:C3:01:75:5D:09:DA:8D:FA:D8:0A:09:10:30:A2:8C:33:28
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0193B046122329D01704D51624CE472D3222
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HP6RwwF1XQnajfrYCgkQMKKMMyg.roa
Signing time: Tue 10 Dec 2024 11:13:22 +0000
ROA not before: Tue 10 Dec 2024 11:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202759
IP address blocks: 95.156.206.0/24 maxlen: 24
185.122.185.0/24 maxlen: 24
185.193.49.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
188.214.36.0/24 maxlen: 24
188.214.37.0/24 maxlen: 24
2a03:f80:372::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:b0:46:12:23:29:d0:17:04:d5:16:24:ce:47:2d:32:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 10 11:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1cfe91c301755d09da8dfad80a091030a28c3328
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:fa:ad:49:60:68:19:84:da:f2:6d:fd:5c:a5:
93:38:25:e7:d0:24:18:b7:8f:26:ee:bc:05:77:c3:
f4:7c:9b:5d:75:0e:7c:d1:62:36:1d:97:97:fb:3b:
46:5c:8d:6e:09:08:b6:b5:73:9a:0d:70:db:e9:d9:
83:6c:38:82:ac:cb:02:41:88:d1:5f:dc:85:65:46:
d9:aa:ca:aa:45:a1:fe:09:4c:5b:08:1e:0f:7a:85:
39:77:03:e0:43:12:df:9a:f2:5f:fd:56:b7:13:a1:
a5:49:9d:d7:cc:2b:c6:99:d1:ff:a1:db:26:92:12:
26:a2:66:3d:22:f3:bb:dc:07:fd:d1:d4:57:8c:23:
0c:5e:5c:c8:59:80:66:05:77:70:c4:dd:44:5c:d3:
ad:41:f3:0f:ec:74:59:35:34:e6:20:23:43:b9:98:
d0:18:dd:a2:0c:53:e1:47:95:e9:9b:4d:1c:3e:4c:
c4:ca:63:8d:cc:e0:30:41:a9:bf:e1:29:af:38:a0:
9b:0d:bc:6e:83:7b:02:a4:52:d8:df:c6:30:f1:5f:
26:9d:e1:79:39:65:82:07:1a:f0:de:8f:83:45:1b:
8a:70:ea:0a:fa:0b:dd:ea:a3:21:d3:f3:e3:01:2f:
00:a7:64:57:d8:a0:92:63:54:2a:12:cf:af:13:4f:
36:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FE:91:C3:01:75:5D:09:DA:8D:FA:D8:0A:09:10:30:A2:8C:33:28
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/HP6RwwF1XQnajfrYCgkQMKKMMyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.206.0/24
185.122.185.0/24
185.193.49.0/24
188.214.32.0/24
188.214.36.0/23
IPv6:
2a03:f80:372::/48
Signature Algorithm: sha256WithRSAEncryption
92:a8:e5:a2:88:7d:87:98:50:cd:85:e2:82:41:8c:cc:43:7f:
f4:38:fc:61:cf:af:33:6e:c9:b0:6d:01:bb:00:59:f2:98:15:
50:2f:64:46:25:6d:a8:9f:41:30:d1:93:6b:12:ad:0d:4a:a7:
29:e6:08:0b:cf:86:49:68:26:1d:71:c1:ab:f3:92:3a:fa:1e:
53:3d:0c:d1:fe:81:8f:d8:dd:6e:25:c9:66:78:31:0f:49:1e:
13:a8:0f:b2:89:f4:e6:0a:67:dc:d1:90:73:e2:35:48:e9:5d:
6b:fb:37:e0:a2:f5:08:9f:65:22:a1:1b:17:bb:44:f3:5d:2c:
0a:54:21:03:e7:ea:61:9e:49:09:5e:5f:a9:7e:61:3d:13:a1:
cf:da:ce:f7:eb:7a:6d:89:df:17:52:ad:23:4f:1e:8f:e4:a2:
f7:73:5a:35:01:85:fe:b3:76:a9:9c:d1:fa:1f:0b:e3:0b:ac:
30:4e:18:b8:9f:da:92:bb:85:29:f5:45:16:b2:42:20:1d:9d:
11:e7:28:36:c0:af:51:be:26:d7:62:28:ff:c0:47:8d:93:cf:
b1:7f:02:50:7c:bc:f5:72:c8:ed:aa:b2:04:1a:23:fa:43:97:
1b:a3:d2:5a:03:5a:e7:41:a7:23:b0:c4:25:f3:c8:2d:dd:fa:
da:35:14:75
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZOwRhIjKdAXBNUWJM5HLTIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMjEwMTExMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZlOTFjMzAxNzU1ZDA5ZGE4ZGZhZDgwYTA5MTAzMGEyOGMzMzI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1/qtSWBoGYTa8m39XKWTOCXn0CQY
t48m7rwFd8P0fJtddQ580WI2HZeX+ztGXI1uCQi2tXOaDXDb6dmDbDiCrMsCQYjR
X9yFZUbZqsqqRaH+CUxbCB4PeoU5dwPgQxLfmvJf/Va3E6GlSZ3XzCvGmdH/odsm
khImomY9IvO73Af90dRXjCMMXlzIWYBmBXdwxN1EXNOtQfMP7HRZNTTmICNDuZjQ
GN2iDFPhR5Xpm00cPkzEymONzOAwQam/4SmvOKCbDbxug3sCpFLY38Yw8V8mneF5
OWWCBxrw3o+DRRuKcOoK+gvd6qMh0/PjAS8Ap2RX2KCSY1QqEs+vE082uwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFBz+kcMBdV0J2o362AoJEDCijDMoMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvSFA2Und3RjFYUW5hamZyWUNna1FNS0tNTXlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQAX5zOAwQA
uXq5AwQAucExAwQAvNYgAwQBvNYkMA8EAgACMAkDBwAqAw+AA3IwDQYJKoZIhvcN
AQELBQADggEBAJKo5aKIfYeYUM2F4oJBjMxDf/Q4/GHPrzNuybBtAbsAWfKYFVAv
ZEYlbaifQTDRk2sSrQ1KpynmCAvPhkloJh1xwavzkjr6HlM9DNH+gY/Y3W4lyWZ4
MQ9JHhOoD7KJ9OYKZ9zRkHPiNUjpXWv7N+Ci9QifZSKhGxe7RPNdLApUIQPn6mGe
SQleX6l+YT0Toc/azvfrem2J3xdSrSNPHo/kovdzWjUBhf6zdqmc0fofC+MLrDBO
GLif2pK7hSn1RRayQiAdnRHnKDbAr1G+JtdiKP/AR42Tz7F/AlB8vPVyyO2qsgQa
I/pDlxuj0loDWudBpyOwxCXzyC3d+to1FHU=
-----END CERTIFICATE-----
Generated at Sun Apr 13 09:43:57 2025 by rpki-client