Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/Hq9JfaA7VFUqjjZgk70IIboVVGU.roa
File: Hq9JfaA7VFUqjjZgk70IIboVVGU.roa (raw, json)
Hash identifier: ah6Q+tpk7EBvFEbifxS9jeS2ckpvlUS/LwE2hF1jNeM=
Subject key identifier: 1E:AF:49:7D:A0:3B:54:55:2A:8E:36:60:93:BD:08:21:BA:15:54:65
Certificate issuer: /CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Certificate serial: 01939C116218CE54A4F1735E00DD11E8CE68
Authority key identifier: 91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/Hq9JfaA7VFUqjjZgk70IIboVVGU.roa
Signing time: Fri 06 Dec 2024 13:03:25 +0000
ROA not before: Fri 06 Dec 2024 13:03:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30823
IP address blocks: 87.237.52.0/22 maxlen: 24
87.237.52.0/24 maxlen: 24
87.237.53.0/24 maxlen: 24
87.237.54.0/24 maxlen: 24
87.237.55.0/24 maxlen: 24
195.62.33.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 05:47:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9c:11:62:18:ce:54:a4:f1:73:5e:00:dd:11:e8:ce:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d0c78c309a3e99dc9ab74f2cdc0484859e7530
Validity
Not Before: Dec 6 13:03:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1eaf497da03b54552a8e366093bd0821ba155465
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:8f:54:72:0b:3d:2d:f8:23:27:aa:ac:47:bc:
14:b4:39:44:b4:49:3f:41:58:41:db:f3:e5:7a:0e:
6e:35:e4:60:12:45:db:a4:13:ec:fe:3b:36:4f:8d:
78:62:b4:eb:52:cf:57:6a:ce:7c:46:e5:80:f1:80:
d6:5c:a4:90:57:30:05:56:95:8d:4d:43:da:8d:54:
1b:35:8c:a7:bf:5a:74:72:e2:c2:6e:14:65:d8:15:
b0:dd:10:22:bd:bf:77:88:ff:06:7b:0d:7a:92:56:
9b:93:2a:06:18:35:d9:87:c0:4b:d1:cb:1d:26:ff:
ad:f8:a9:f8:de:f7:fa:e2:e9:0b:12:03:5a:4c:3b:
17:c2:fb:dc:c1:ac:94:bb:20:ab:9f:67:23:ff:28:
c7:ed:2c:c3:ea:95:46:1a:4d:ff:98:82:34:6f:0b:
d0:e4:86:48:b8:cb:d6:08:d9:14:ba:ce:ff:84:33:
ed:4a:a6:85:a2:84:ad:5f:b9:00:47:41:14:30:31:
6a:44:94:c2:6e:42:d6:13:74:31:3a:0c:26:3c:92:
2b:0f:b2:a5:b5:23:a6:7e:27:34:68:b6:1c:8b:93:
e1:81:33:61:77:64:ed:c6:b3:0a:2f:53:bf:32:c8:
69:40:88:dd:df:88:21:ed:40:87:de:40:f5:0d:b8:
c1:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:AF:49:7D:A0:3B:54:55:2A:8E:36:60:93:BD:08:21:BA:15:54:65
X509v3 Authority Key Identifier:
keyid:91:D0:C7:8C:30:9A:3E:99:DC:9A:B7:4F:2C:DC:04:84:85:9E:75:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdDHjDCaPpncmrdPLNwEhIWedTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/Hq9JfaA7VFUqjjZgk70IIboVVGU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/293a2f-3997-497f-9ef1-4852c8ff8af2/1/kdDHjDCaPpncmrdPLNwEhIWedTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.237.52.0/22
195.62.33.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:d9:aa:16:b5:c8:c7:fd:ec:73:58:81:77:a1:b5:ac:2a:09:
5e:58:bc:16:98:e0:b0:f0:08:5f:a5:9c:e0:ad:51:e5:05:4b:
ac:0a:85:08:1d:2e:2f:44:1c:ba:de:aa:62:fe:95:d5:c4:27:
06:53:93:4e:d3:7f:f2:3d:8c:95:00:2f:2f:49:9c:a0:a4:7a:
3a:37:83:07:82:ea:63:3a:fa:b4:af:37:b9:61:c0:48:f7:94:
eb:1e:12:97:c8:d5:3e:fc:88:65:0d:8c:86:4c:60:07:86:e7:
1a:26:53:7b:79:f0:44:18:4e:cf:11:77:b9:34:76:63:d6:da:
f3:3e:15:70:5c:d0:ad:e7:cf:6a:66:43:14:68:8b:a6:b2:1b:
c4:91:3f:51:f2:8b:1f:f6:2c:c2:5a:eb:b1:aa:53:e3:d1:88:
ad:7f:9b:87:55:c8:a9:8d:fa:b6:86:5d:21:e1:16:00:d0:bb:
70:3b:cf:bd:ff:eb:90:a5:b3:33:8e:99:0a:e7:e7:9b:93:06:
9c:ae:ec:77:5f:af:77:98:c0:e5:d5:7e:d3:79:b7:f7:12:f1:
ad:ae:91:a6:da:c9:c3:93:d3:04:e7:39:0c:cd:3b:ba:22:5b:
bb:f8:d1:2f:0e:24:42:22:51:bd:d2:70:27:4d:ce:f3:9e:39:
ec:4e:d2:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOcEWIYzlSk8XNeAN0R6M5oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDBjNzhjMzA5YTNlOTlkYzlhYjc0ZjJjZGMwNDg0ODU5
ZTc1MzAwHhcNMjQxMjA2MTMwMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWFmNDk3ZGEwM2I1NDU1MmE4ZTM2NjA5M2JkMDgyMWJhMTU1NDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApY9Ucgs9LfgjJ6qsR7wUtDlEtEk/
QVhB2/Pleg5uNeRgEkXbpBPs/js2T414YrTrUs9Xas58RuWA8YDWXKSQVzAFVpWN
TUPajVQbNYynv1p0cuLCbhRl2BWw3RAivb93iP8Gew16klabkyoGGDXZh8BL0csd
Jv+t+Kn43vf64ukLEgNaTDsXwvvcwayUuyCrn2cj/yjH7SzD6pVGGk3/mII0bwvQ
5IZIuMvWCNkUus7/hDPtSqaFooStX7kAR0EUMDFqRJTCbkLWE3QxOgwmPJIrD7Kl
tSOmfic0aLYci5PhgTNhd2TtxrMKL1O/MshpQIjd34gh7UCH3kD1DbjBVwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB6vSX2gO1RVKo42YJO9CCG6FVRlMB8GA1UdIwQY
MBaAFJHQx4wwmj6Z3Jq3TyzcBISFnnUwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEt
NDg1MmM4ZmY4YWYyLzEvSHE5SmZhQTdWRlVxampaZ2s3MElJYm9WVkdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS8yOTNhMmYtMzk5Ny00OTdmLTllZjEtNDg1MmM4ZmY4YWYy
LzEva2RESGpEQ2FQcG5jbXJkUExOd0VoSVdlZFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCV+00AwQA
wz4hMA0GCSqGSIb3DQEBCwUAA4IBAQCs2aoWtcjH/exzWIF3obWsKgleWLwWmOCw
8AhfpZzgrVHlBUusCoUIHS4vRBy63qpi/pXVxCcGU5NO03/yPYyVAC8vSZygpHo6
N4MHgupjOvq0rze5YcBI95TrHhKXyNU+/IhlDYyGTGAHhucaJlN7efBEGE7PEXe5
NHZj1trzPhVwXNCt589qZkMUaIumshvEkT9R8osf9izCWuuxqlPj0Yitf5uHVcip
jfq2hl0h4RYA0LtwO8+9/+uQpbMzjpkK5+ebkwacrux3X693mMDl1X7Tebf3EvGt
rpGm2snDk9ME5zkMzTu6Ilu7+NEvDiRCIlG90nAnTc7znjnsTtKC
-----END CERTIFICATE-----
Generated at Fri Apr 18 04:46:49 2025 by rpki-client