Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/4H2_hglw4N3SedkHyzZUyrm1F68.roa
File: 4H2_hglw4N3SedkHyzZUyrm1F68.roa (raw, json)
Hash identifier: S8Ifg6jPTij0JbFMzZbs3D57l88gPFTXaow1D4C/NPM=
Subject key identifier: E0:7D:BF:86:09:70:E0:DD:D2:79:D9:07:CB:36:54:CA:B9:B5:17:AF
Certificate issuer: /CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Certificate serial: 0194252145D29DA1F8AAF26878B8B1378EF0
Authority key identifier: B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/4H2_hglw4N3SedkHyzZUyrm1F68.roa
Signing time: Thu 02 Jan 2025 03:48:45 +0000
ROA not before: Thu 02 Jan 2025 03:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31368
IP address blocks: 89.107.128.0/23 maxlen: 23
89.107.130.0/23 maxlen: 23
89.107.132.0/23 maxlen: 23
185.173.156.0/24 maxlen: 24
185.173.158.0/24 maxlen: 24
185.173.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 21 Jan 2025 08:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:45:d2:9d:a1:f8:aa:f2:68:78:b8:b1:37:8e:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3dd35ccff6c2b86a1fad8f103bc20070d09e50d
Validity
Not Before: Jan 2 03:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e07dbf860970e0ddd279d907cb3654cab9b517af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:45:bd:41:0f:62:6d:86:ed:91:9d:65:9a:62:
b5:66:ef:c7:8d:5c:5e:9e:2a:43:4e:98:84:25:38:
80:ee:e6:3f:61:05:06:d8:22:f6:29:49:54:fd:78:
a9:51:30:40:aa:1f:83:3c:38:b1:86:bf:1f:e7:58:
29:e1:0f:24:a2:4e:1c:54:95:53:33:72:76:5a:21:
04:af:89:7d:0c:e9:83:62:b6:fe:4c:9e:4e:96:53:
46:20:73:9c:0a:45:a5:3e:71:fb:96:9e:be:93:9d:
79:79:8d:c0:43:b1:50:6c:e3:98:88:f3:bb:2f:ad:
5b:d3:e9:c2:89:6f:04:3f:b5:45:da:96:34:fe:4d:
af:a2:b4:52:7d:62:ac:6a:5e:3b:b4:db:ed:d5:f0:
4c:00:90:bb:21:a6:ee:8e:17:c2:9a:c6:c1:09:c9:
93:4d:8d:e9:37:42:94:d4:aa:14:b9:d3:f3:5c:77:
5e:01:1a:8e:2a:d1:ae:20:9d:1a:72:b1:cb:ba:60:
c2:0e:e5:6b:5f:75:ee:c9:5a:2a:25:fa:7b:2d:b2:
c4:9c:9f:b4:d3:a2:52:09:56:b3:3c:78:fc:f4:6c:
76:4f:8a:52:cb:62:c3:18:72:ff:55:a9:81:ff:e6:
0e:95:7f:71:cf:ab:81:9f:85:8b:88:62:ea:57:ed:
d7:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:7D:BF:86:09:70:E0:DD:D2:79:D9:07:CB:36:54:CA:B9:B5:17:AF
X509v3 Authority Key Identifier:
keyid:B3:DD:35:CC:FF:6C:2B:86:A1:FA:D8:F1:03:BC:20:07:0D:09:E5:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s901zP9sK4ah-tjxA7wgBw0J5Q0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/4H2_hglw4N3SedkHyzZUyrm1F68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/44d4a3-7a84-4499-8b71-2b105051ba59/1/s901zP9sK4ah-tjxA7wgBw0J5Q0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.128.0-89.107.133.255
185.173.156.0/24
185.173.158.0/23
Signature Algorithm: sha256WithRSAEncryption
71:07:15:7d:ed:07:14:dd:20:57:85:f5:0c:dc:ff:93:f2:79:
69:30:62:9f:72:32:5d:bf:8a:8c:e1:95:ba:aa:9d:0a:dd:96:
2d:ac:12:5e:10:54:8c:2a:73:33:d5:fe:6c:c6:02:d2:73:da:
20:9f:f3:d0:53:9c:56:c2:d4:4f:36:0b:5e:c7:b4:3a:90:fa:
f2:31:d3:ed:76:82:d8:f2:42:44:25:7f:91:76:0d:0d:3f:46:
92:ae:50:cd:f8:cb:bf:6d:86:27:9f:70:79:c6:9a:ed:e4:9d:
39:bd:a0:06:a9:1c:75:2e:d3:14:6d:54:78:24:2c:3a:11:f6:
71:d6:c0:4a:af:62:10:8e:a9:57:a6:64:70:8c:91:c7:28:f9:
9b:58:d7:39:0a:50:6e:43:38:b4:15:96:42:00:83:69:15:ed:
4b:c4:04:79:a9:ed:09:fe:5b:99:3f:78:d8:eb:2d:0c:08:d9:
9d:89:2a:70:91:82:49:a0:9f:62:6d:73:15:65:8f:24:07:7d:
8b:d9:01:d0:af:00:b2:86:f9:cf:d0:05:cb:d5:b9:77:e1:c9:
8c:5d:75:89:13:af:45:a3:60:cd:b8:86:90:01:a6:e2:02:27:
bc:47:ab:13:7e:bd:34:80:40:e5:a1:11:b9:55:72:7c:42:3a:
eb:eb:28:6b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQlIUXSnaH4qvJoeLixN47wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZGQzNWNjZmY2YzJiODZhMWZhZDhmMTAzYmMyMDA3MGQw
OWU1MGQwHhcNMjUwMTAyMDM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDdkYmY4NjA5NzBlMGRkZDI3OWQ5MDdjYjM2NTRjYWI5YjUxN2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60W9QQ9ibYbtkZ1lmmK1Zu/HjVxe
nipDTpiEJTiA7uY/YQUG2CL2KUlU/XipUTBAqh+DPDixhr8f51gp4Q8kok4cVJVT
M3J2WiEEr4l9DOmDYrb+TJ5OllNGIHOcCkWlPnH7lp6+k515eY3AQ7FQbOOYiPO7
L61b0+nCiW8EP7VF2pY0/k2vorRSfWKsal47tNvt1fBMAJC7IabujhfCmsbBCcmT
TY3pN0KU1KoUudPzXHdeARqOKtGuIJ0acrHLumDCDuVrX3XuyVoqJfp7LbLEnJ+0
06JSCVazPHj89Gx2T4pSy2LDGHL/VamB/+YOlX9xz6uBn4WLiGLqV+3XWwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOB9v4YJcODd0nnZB8s2VMq5tRevMB8GA1UdIwQY
MBaAFLPdNcz/bCuGofrY8QO8IAcNCeUNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEt
MmIxMDUwNTFiYTU5LzEvNEgyX2hnbHc0TjNTZWRrSHl6WlV5cm0xRjY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny80NGQ0YTMtN2E4NC00NDk5LThiNzEtMmIxMDUwNTFiYTU5
LzEvczkwMXpQOXNLNGFoLXRqeEE3d2dCdzBKNVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAdZa4AD
BAFZa4QDBAC5rZwDBAG5rZ4wDQYJKoZIhvcNAQELBQADggEBAHEHFX3tBxTdIFeF
9Qzc/5PyeWkwYp9yMl2/iozhlbqqnQrdli2sEl4QVIwqczPV/mzGAtJz2iCf89BT
nFbC1E82C17HtDqQ+vIx0+12gtjyQkQlf5F2DQ0/RpKuUM34y79thiefcHnGmu3k
nTm9oAapHHUu0xRtVHgkLDoR9nHWwEqvYhCOqVemZHCMkcco+ZtY1zkKUG5DOLQV
lkIAg2kV7UvEBHmp7Qn+W5k/eNjrLQwI2Z2JKnCRgkmgn2JtcxVljyQHfYvZAdCv
ALKG+c/QBcvVuXfhyYxddYkTr0WjYM24hpABpuICJ7xHqxN+vTSAQOWhEblVcnxC
OuvrKGs=
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:05:28 2025 by rpki-client