Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/hnuu6du3_VEp7iwPmWPTNyCd0aE.roa
File: hnuu6du3_VEp7iwPmWPTNyCd0aE.roa (raw, json)
Hash identifier: 5FDbQDzOunwFUvX7N+/zHpr9qg08Z0OQD0cM45gnKdE=
Subject key identifier: 86:7B:AE:E9:DB:B7:FD:51:29:EE:2C:0F:99:63:D3:37:20:9D:D1:A1
Certificate issuer: /CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Certificate serial: 018FECA379FAF81D13ED95E1CE919A8E61D4
Authority key identifier: 9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/hnuu6du3_VEp7iwPmWPTNyCd0aE.roa
Signing time: Thu 06 Jun 2024 08:21:27 +0000
ROA not before: Thu 06 Jun 2024 08:21:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197674
IP address blocks: 185.72.216.0/24 maxlen: 24
185.72.217.0/24 maxlen: 24
185.72.218.0/24 maxlen: 24
185.72.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Jun 2024 08:42:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:a3:79:fa:f8:1d:13:ed:95:e1:ce:91:9a:8e:61:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e34b186271ccb89c5e58b30e70bd74109cc284a
Validity
Not Before: Jun 6 08:21:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=867baee9dbb7fd5129ee2c0f9963d337209dd1a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f1:a4:3e:b9:fe:1b:e8:2d:c4:2b:31:7d:e5:
92:af:b5:6b:11:22:2a:3e:59:2c:70:76:0e:58:f5:
3b:80:70:2f:bc:b5:7d:15:eb:1e:4d:9a:2c:24:ab:
b3:a1:ba:4f:b4:a6:50:b0:5b:3c:a4:76:91:89:20:
77:e1:92:62:0f:28:b5:3a:60:04:f2:db:75:3a:c7:
07:eb:8e:54:e1:ab:c2:98:c9:5b:d3:c6:98:db:68:
79:a4:90:67:e5:48:b7:81:3e:4f:de:81:93:7e:37:
ac:c1:94:4d:8c:a2:22:0d:3c:41:91:2e:b2:7d:19:
c0:d4:23:79:d3:e3:34:de:57:8e:df:b3:0e:5a:db:
c8:c6:f9:8e:0b:f2:40:78:77:6f:3e:bf:8b:24:75:
e2:c5:a7:aa:fb:2b:3a:66:b0:41:95:00:f6:31:8e:
36:63:03:84:0f:59:ca:14:4b:6e:d8:87:79:ba:24:
61:cd:23:86:05:c1:b0:73:88:fc:89:61:d2:c6:15:
2a:26:66:ce:cf:cc:84:ab:15:6a:dd:45:4f:d5:36:
be:cd:fd:6a:4f:87:7a:c7:87:13:5d:6b:c7:80:27:
08:aa:ce:f7:16:93:51:7e:4d:15:e3:df:01:04:86:
f9:31:81:8c:b4:99:1e:49:84:0c:04:ab:70:48:19:
77:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:7B:AE:E9:DB:B7:FD:51:29:EE:2C:0F:99:63:D3:37:20:9D:D1:A1
X509v3 Authority Key Identifier:
keyid:9E:34:B1:86:27:1C:CB:89:C5:E5:8B:30:E7:0B:D7:41:09:CC:28:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/njSxhiccy4nF5Ysw5wvXQQnMKEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/hnuu6du3_VEp7iwPmWPTNyCd0aE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/0c37c3-9990-4596-99e9-dd5ffd531571/1/njSxhiccy4nF5Ysw5wvXQQnMKEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.216.0/22
Signature Algorithm: sha256WithRSAEncryption
08:e5:6b:32:e9:61:16:7b:41:90:42:9a:fe:38:9d:68:b5:02:
c1:32:d1:61:2a:17:e2:da:53:d8:2d:f7:7a:c0:ac:86:c2:37:
fb:e9:ac:d1:f0:c5:ef:39:4d:0a:9e:e1:cd:5d:d7:a3:d0:23:
45:dd:21:bd:ab:3b:00:02:5a:b0:c3:8c:44:95:38:36:5e:3f:
43:1f:76:91:4b:43:5e:2f:54:d2:4a:f8:cc:2e:f9:e6:1c:8e:
2d:7e:16:79:50:e8:56:42:da:88:28:72:95:f4:1e:44:eb:83:
c2:a0:44:9f:b2:e3:6b:00:c3:9f:74:7a:d8:b5:d0:b2:31:dc:
91:d1:af:7a:6e:ab:7e:2a:8c:e5:6b:d2:21:62:1f:82:d7:19:
fb:d1:30:73:7c:2a:71:b2:7a:88:4f:07:d4:27:6c:b4:8a:e7:
5d:e3:a1:07:95:86:e0:59:0f:9e:90:18:ff:5f:c3:39:ac:5d:
66:a6:5b:e0:d2:ea:8c:97:8c:56:de:dd:87:be:72:c6:97:33:
1b:a0:e1:dd:96:fa:62:1c:55:4e:ca:fa:6b:cc:7a:e9:98:1d:
77:fe:67:71:64:c7:32:1b:43:63:da:ad:fb:29:f1:64:a7:8e:
2d:60:df:4a:41:ed:2b:9a:16:19:a3:82:ef:1f:d4:e6:b2:69:
a2:da:5c:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/so3n6+B0T7ZXhzpGajmHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllMzRiMTg2MjcxY2NiODljNWU1OGIzMGU3MGJkNzQxMDlj
YzI4NGEwHhcNMjQwNjA2MDgyMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjdiYWVlOWRiYjdmZDUxMjllZTJjMGY5OTYzZDMzNzIwOWRkMWExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufGkPrn+G+gtxCsxfeWSr7VrESIq
PlkscHYOWPU7gHAvvLV9FeseTZosJKuzobpPtKZQsFs8pHaRiSB34ZJiDyi1OmAE
8tt1OscH645U4avCmMlb08aY22h5pJBn5Ui3gT5P3oGTfjeswZRNjKIiDTxBkS6y
fRnA1CN50+M03leO37MOWtvIxvmOC/JAeHdvPr+LJHXixaeq+ys6ZrBBlQD2MY42
YwOED1nKFEtu2Id5uiRhzSOGBcGwc4j8iWHSxhUqJmbOz8yEqxVq3UVP1Ta+zf1q
T4d6x4cTXWvHgCcIqs73FpNRfk0V498BBIb5MYGMtJkeSYQMBKtwSBl3TQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIZ7runbt/1RKe4sD5lj0zcgndGhMB8GA1UdIwQY
MBaAFJ40sYYnHMuJxeWLMOcL10EJzChKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTkt
ZGQ1ZmZkNTMxNTcxLzEvaG51dTZkdTNfVkVwN2l3UG1XUFROeUNkMGFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8wYzM3YzMtOTk5MC00NTk2LTk5ZTktZGQ1ZmZkNTMxNTcx
LzEvbmpTeGhpY2N5NG5GNVlzdzV3dlhRUW5NS0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUjYMA0G
CSqGSIb3DQEBCwUAA4IBAQAI5Wsy6WEWe0GQQpr+OJ1otQLBMtFhKhfi2lPYLfd6
wKyGwjf76azR8MXvOU0KnuHNXdej0CNF3SG9qzsAAlqww4xElTg2Xj9DH3aRS0Ne
L1TSSvjMLvnmHI4tfhZ5UOhWQtqIKHKV9B5E64PCoESfsuNrAMOfdHrYtdCyMdyR
0a96bqt+Kozla9IhYh+C1xn70TBzfCpxsnqITwfUJ2y0iudd46EHlYbgWQ+ekBj/
X8M5rF1mplvg0uqMl4xW3t2HvnLGlzMboOHdlvpiHFVOyvprzHrpmB13/mdxZMcy
G0Nj2q37KfFkp44tYN9KQe0rmhYZo4LvH9Tmsmmi2lwz
-----END CERTIFICATE-----
Generated at Sun Jun 8 20:31:30 2025 by rpki-client