Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/AHYF2x0lr3_u2JOB9YUeOfp4fd4.roa
File: AHYF2x0lr3_u2JOB9YUeOfp4fd4.roa (raw, json)
Hash identifier: Kj4+k9VuqJqM/G1JF5LTbVIduHdc2sFrtVmFPYIkEA4=
Subject key identifier: 00:76:05:DB:1D:25:AF:7F:EE:D8:93:81:F5:85:1E:39:FA:78:7D:DE
Certificate issuer: /CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Certificate serial: 019427B675676A5C625C69C2B11CB2949C71
Authority key identifier: E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/AHYF2x0lr3_u2JOB9YUeOfp4fd4.roa
Signing time: Thu 02 Jan 2025 15:50:56 +0000
ROA not before: Thu 02 Jan 2025 15:50:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39591
IP address blocks: 185.117.226.0/24 maxlen: 24
185.133.88.0/22 maxlen: 22
185.133.88.0/24 maxlen: 24
188.116.45.0/24 maxlen: 24
212.11.88.0/22 maxlen: 22
2a10:7180::/29 maxlen: 29
Validation: Failed, certificate revoked on Sat 11 Jan 2025 14:52:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:75:67:6a:5c:62:5c:69:c2:b1:1c:b2:94:9c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5c340ee5b9daf1a6818f0df407fa5975886b10f
Validity
Not Before: Jan 2 15:50:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=007605db1d25af7feed89381f5851e39fa787dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:0b:2d:91:c5:62:51:9f:66:4d:05:f9:44:f9:
45:26:cc:32:77:c8:15:bb:51:57:28:8f:3e:6e:a8:
62:a3:2a:39:7d:ab:53:6e:89:6c:d3:93:81:a4:54:
b6:c9:69:02:d6:15:64:fb:b5:46:52:5a:c0:9e:5f:
0c:96:21:27:70:b5:84:e9:47:87:e2:02:bf:c2:9d:
19:45:d9:d1:5b:2d:52:28:ca:15:2c:1b:b1:71:5d:
8f:15:1a:bf:34:0a:78:5b:4d:ad:1c:4b:6e:80:c3:
f4:4b:cc:00:9b:d4:44:93:04:65:32:a9:eb:68:da:
dd:90:b3:78:27:4f:70:ec:76:3f:33:1d:42:00:eb:
e9:f6:6c:e1:55:1c:74:88:f4:7e:77:1b:3f:e7:df:
6b:d2:25:be:12:da:d3:b9:6f:ee:41:fc:58:18:2e:
53:bd:78:c3:c5:a4:8d:e2:34:c8:19:34:1d:0e:4e:
23:a2:ea:01:83:a8:ff:47:35:94:88:35:c5:2b:3c:
a4:bd:a7:97:cd:3d:2f:b1:2e:f7:e3:03:7d:6d:ee:
9c:38:22:bc:b8:1c:15:78:44:1a:88:f8:50:61:51:
ab:6e:f7:c6:ca:44:db:29:34:fa:e5:a7:ed:99:82:
c8:7d:e3:0d:12:60:fb:37:87:45:a9:6f:40:c6:8b:
0a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:76:05:DB:1D:25:AF:7F:EE:D8:93:81:F5:85:1E:39:FA:78:7D:DE
X509v3 Authority Key Identifier:
keyid:E5:C3:40:EE:5B:9D:AF:1A:68:18:F0:DF:40:7F:A5:97:58:86:B1:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5cNA7ludrxpoGPDfQH-ll1iGsQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/AHYF2x0lr3_u2JOB9YUeOfp4fd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/d5104c-f64a-44ca-a37b-6e1f2f6851cf/1/5cNA7ludrxpoGPDfQH-ll1iGsQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.117.226.0/24
185.133.88.0/22
188.116.45.0/24
212.11.88.0/22
IPv6:
2a10:7180::/29
Signature Algorithm: sha256WithRSAEncryption
4a:98:bf:38:20:6e:47:89:af:fa:13:70:7e:e0:b3:c6:42:b4:
c1:6f:18:7c:e2:75:fe:ab:1b:c7:50:6e:c0:e5:71:63:6f:60:
68:e7:18:ab:21:ee:ec:23:c0:20:4a:c1:0b:7c:8a:94:1e:57:
d3:58:8b:77:a6:7a:f6:e9:31:aa:59:94:a0:0e:6a:2a:ff:90:
d4:0d:ae:26:f9:5f:a4:ce:39:5d:4c:f5:2a:72:d3:eb:8b:da:
c8:e2:86:ae:ed:55:d5:61:8d:44:56:e4:99:2e:d2:09:72:66:
ad:34:ec:cf:41:bf:4e:a8:ec:bb:8e:e0:52:00:b8:75:d1:57:
75:ea:3c:2b:ac:bb:40:ab:f5:47:ee:0e:b9:c6:e8:a1:bf:e2:
94:1f:5f:3e:bd:17:b4:4e:e0:a3:6b:20:4a:9e:ec:4a:10:bb:
75:59:f2:e3:e7:f9:89:73:c8:08:b8:a3:94:c3:f1:e7:04:79:
2c:91:1e:83:85:e5:93:e8:ec:3f:46:82:df:3e:af:e2:cc:eb:
45:62:00:f3:92:0c:af:e6:a8:85:69:1f:78:65:80:20:f9:82:
69:97:eb:32:e7:7e:6d:09:8c:7e:b4:4a:93:8e:7e:8c:7b:79:
2d:2a:38:e5:39:48:3e:d8:2c:a8:d1:6a:19:78:6f:58:2e:9e:
b8:d5:8a:7a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQntnVnalxiXGnCsRyylJxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YzM0MGVlNWI5ZGFmMWE2ODE4ZjBkZjQwN2ZhNTk3NTg4
NmIxMGYwHhcNMjUwMTAyMTU1MDU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDc2MDVkYjFkMjVhZjdmZWVkODkzODFmNTg1MWUzOWZhNzg3ZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAstkcViUZ9mTQX5RPlFJswyd8gV
u1FXKI8+bqhioyo5fatTbols05OBpFS2yWkC1hVk+7VGUlrAnl8MliEncLWE6UeH
4gK/wp0ZRdnRWy1SKMoVLBuxcV2PFRq/NAp4W02tHEtugMP0S8wAm9REkwRlMqnr
aNrdkLN4J09w7HY/Mx1CAOvp9mzhVRx0iPR+dxs/599r0iW+EtrTuW/uQfxYGC5T
vXjDxaSN4jTIGTQdDk4jouoBg6j/RzWUiDXFKzykvaeXzT0vsS734wN9be6cOCK8
uBwVeEQaiPhQYVGrbvfGykTbKTT65aftmYLIfeMNEmD7N4dFqW9AxosKcQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAB2BdsdJa9/7tiTgfWFHjn6eH3eMB8GA1UdIwQY
MBaAFOXDQO5bna8aaBjw30B/pZdYhrEPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2It
NmUxZjJmNjg1MWNmLzEvQUhZRjJ4MGxyM191MkpPQjlZVWVPZnA0ZmQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9kNTEwNGMtZjY0YS00NGNhLWEzN2ItNmUxZjJmNjg1MWNm
LzEvNWNOQTdsdWRyeHBvR1BEZlFILWxsMWlHc1E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAuXXiAwQC
uYVYAwQAvHQtAwQC1AtYMA0EAgACMAcDBQMqEHGAMA0GCSqGSIb3DQEBCwUAA4IB
AQBKmL84IG5Hia/6E3B+4LPGQrTBbxh84nX+qxvHUG7A5XFjb2Bo5xirIe7sI8Ag
SsELfIqUHlfTWIt3pnr26TGqWZSgDmoq/5DUDa4m+V+kzjldTPUqctPri9rI4oau
7VXVYY1EVuSZLtIJcmatNOzPQb9OqOy7juBSALh10Vd16jwrrLtAq/VH7g65xuih
v+KUH18+vRe0TuCjayBKnuxKELt1WfLj5/mJc8gIuKOUw/HnBHkskR6DheWT6Ow/
RoLfPq/izOtFYgDzkgyv5qiFaR94ZYAg+YJpl+sy535tCYx+tEqTjn6Me3ktKjjl
OUg+2Cyo0WoZeG9YLp641Yp6
-----END CERTIFICATE-----
Generated at Sun Apr 13 02:49:07 2025 by rpki-client