Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/hBiCHxJjtjVA9hQdtCYiq6DctPc.roa
File: hBiCHxJjtjVA9hQdtCYiq6DctPc.roa (raw, json)
Hash identifier: x7EZNJ9p5Qoou32bY+z6a7z0ljybvkWnyaWOVli2oE4=
Subject key identifier: 84:18:82:1F:12:63:B6:35:40:F6:14:1D:B4:26:22:AB:A0:DC:B4:F7
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 01941F8C32EED8E3203C94A3754C77EFE5A1
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/hBiCHxJjtjVA9hQdtCYiq6DctPc.roa
Signing time: Wed 01 Jan 2025 01:47:49 +0000
ROA not before: Wed 01 Jan 2025 01:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61002
IP address blocks: 80.96.107.0/24 maxlen: 24
80.97.54.0/23 maxlen: 23
81.180.36.0/23 maxlen: 23
81.180.204.0/23 maxlen: 23
85.120.44.0/23 maxlen: 23
217.156.108.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 07 Apr 2025 10:33:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:32:ee:d8:e3:20:3c:94:a3:75:4c:77:ef:e5:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jan 1 01:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8418821f1263b63540f6141db42622aba0dcb4f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:e7:44:b4:e3:69:ea:d1:40:ae:a4:13:84:c7:
5b:aa:3f:d9:d4:36:80:95:aa:ec:41:5e:cf:7b:a9:
62:69:b9:1f:e7:2a:c3:f3:f8:b2:49:21:af:66:41:
bd:83:00:10:cb:fa:80:c7:64:da:43:ef:bd:bc:50:
49:06:c6:34:c6:2e:fb:21:17:25:ca:85:69:df:34:
ea:da:92:66:47:3f:d2:64:26:1b:9f:99:79:33:e2:
a6:11:7f:55:85:23:50:7e:50:bb:9c:c0:23:97:2e:
e8:f8:9e:4c:82:0a:c9:de:dc:ee:52:9f:91:5d:72:
07:11:99:b4:e5:29:4c:99:f1:e4:bd:7d:b5:b7:37:
09:d3:b7:9e:b1:6e:b2:3e:9a:79:38:3d:53:ed:e8:
db:22:fa:26:a2:f8:f4:3f:03:4b:4e:dd:ab:87:bd:
b3:b8:11:5a:dc:d1:eb:36:2e:81:78:f1:d6:60:aa:
13:e2:c3:24:41:41:09:b6:21:e5:43:01:21:89:9a:
b8:cf:29:82:60:b9:de:4b:e6:0a:cd:ce:ba:4c:b5:
fd:c0:a0:37:41:57:22:c1:5c:e1:7a:1c:c9:b5:96:
8e:f7:3a:5b:8a:4c:65:53:5a:ea:0e:c4:4e:c9:13:
5e:9c:d2:53:8f:47:1b:66:9a:01:b5:9b:36:4f:d4:
17:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:18:82:1F:12:63:B6:35:40:F6:14:1D:B4:26:22:AB:A0:DC:B4:F7
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/hBiCHxJjtjVA9hQdtCYiq6DctPc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.107.0/24
80.97.54.0/23
81.180.36.0/23
81.180.204.0/23
85.120.44.0/23
217.156.108.0/23
Signature Algorithm: sha256WithRSAEncryption
60:b6:74:ec:21:26:e0:72:40:2a:fe:8e:98:b4:5a:da:b5:20:
2d:97:63:20:04:69:35:e5:d5:e2:b6:c3:f9:fe:06:e0:f6:e4:
90:bd:c6:3f:89:40:8b:41:af:29:03:1e:e0:52:c9:d8:19:ea:
02:88:e9:54:04:16:b3:f9:dc:8d:90:3a:b3:83:03:a9:9a:51:
1c:23:45:f6:04:59:9d:25:7d:4b:90:ce:da:2a:7d:b5:eb:d5:
48:97:6c:56:69:49:47:83:28:1c:c9:cb:32:6e:08:d8:5e:aa:
87:f5:a8:75:9d:d8:96:44:fc:5b:02:dc:97:91:af:28:35:a1:
ac:6c:92:f1:20:17:5b:45:c4:c3:cd:ab:82:4d:7c:dd:16:2e:
7c:60:f1:68:b7:f1:a4:26:e2:d7:8a:9d:21:bd:5f:4b:f8:20:
f5:d9:76:a4:13:eb:6f:46:4b:63:29:11:f5:60:cc:f5:de:97:
1a:10:f1:98:72:c6:86:28:03:58:c3:17:06:67:40:e2:7c:4b:
a8:93:06:75:f8:8b:0c:9b:02:2d:28:4f:06:c1:55:28:25:fa:
2a:a7:4c:ad:30:f5:c1:87:59:6f:60:74:08:b1:40:92:9a:a0:
6d:8b:08:de:b0:2d:42:9a:f6:a1:3a:04:42:2a:98:10:81:77:
1b:c8:28:20
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQfjDLu2OMgPJSjdUx37+WhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwMTAxMDE0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDE4ODIxZjEyNjNiNjM1NDBmNjE0MWRiNDI2MjJhYmEwZGNiNGY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6OdEtONp6tFArqQThMdbqj/Z1DaA
larsQV7Pe6liabkf5yrD8/iySSGvZkG9gwAQy/qAx2TaQ++9vFBJBsY0xi77IRcl
yoVp3zTq2pJmRz/SZCYbn5l5M+KmEX9VhSNQflC7nMAjly7o+J5MggrJ3tzuUp+R
XXIHEZm05SlMmfHkvX21tzcJ07eesW6yPpp5OD1T7ejbIvomovj0PwNLTt2rh72z
uBFa3NHrNi6BePHWYKoT4sMkQUEJtiHlQwEhiZq4zymCYLneS+YKzc66TLX9wKA3
QVciwVzhehzJtZaO9zpbikxlU1rqDsROyRNenNJTj0cbZpoBtZs2T9QX2wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFIQYgh8SY7Y1QPYUHbQmIqug3LT3MB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvaEJpQ0h4Smp0alZBOWhRZHRDWWlxNkRjdFBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUGBrAwQB
UGE2AwQBUbQkAwQBUbTMAwQBVXgsAwQB2ZxsMA0GCSqGSIb3DQEBCwUAA4IBAQBg
tnTsISbgckAq/o6YtFratSAtl2MgBGk15dXitsP5/gbg9uSQvcY/iUCLQa8pAx7g
UsnYGeoCiOlUBBaz+dyNkDqzgwOpmlEcI0X2BFmdJX1LkM7aKn2169VIl2xWaUlH
gygcycsybgjYXqqH9ah1ndiWRPxbAtyXka8oNaGsbJLxIBdbRcTDzauCTXzdFi58
YPFot/GkJuLXip0hvV9L+CD12XakE+tvRktjKRH1YMz13pcaEPGYcsaGKANYwxcG
Z0DifEuokwZ1+IsMmwItKE8GwVUoJfoqp0ytMPXBh1lvYHQIsUCSmqBtiwjesC1C
mvahOgRCKpgQgXcbyCgg
-----END CERTIFICATE-----
Generated at Wed Apr 9 20:40:40 2025 by rpki-client