Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HPdWGxpR_hkmiuc1gyX4O4t2ezw.roa
File: HPdWGxpR_hkmiuc1gyX4O4t2ezw.roa (raw, json)
Hash identifier: TPkWB8EKZZzSEbBM48fSzfY1nm4MnOttVBTYPD+HLL4=
Subject key identifier: 1C:F7:56:1B:1A:51:FE:19:26:8A:E7:35:83:25:F8:3B:8B:76:7B:3C
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0196BAA495C5A9B4244DED5727B50CB49A42
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HPdWGxpR_hkmiuc1gyX4O4t2ezw.roa
Signing time: Sat 10 May 2025 14:41:10 +0000
ROA not before: Sat 10 May 2025 14:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 109.236.49.0/24 maxlen: 24
109.236.51.0/24 maxlen: 24
185.254.28.0/24 maxlen: 24
185.254.29.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
193.35.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 30 May 2025 11:34:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ba:a4:95:c5:a9:b4:24:4d:ed:57:27:b5:0c:b4:9a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: May 10 14:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cf7561b1a51fe19268ae7358325f83b8b767b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:78:f3:60:c6:6e:32:c3:97:83:00:f5:b2:7a:
23:d2:db:0c:58:fa:5b:90:54:7f:58:7b:8c:d9:2e:
30:ba:37:19:cb:14:92:26:ad:53:4d:da:af:fa:9b:
6c:63:5c:54:99:61:46:4c:16:11:91:12:fa:03:ee:
b1:d2:a8:b9:5f:88:c4:66:66:c2:02:70:2b:b8:8d:
b2:47:b0:c6:79:80:b6:2d:16:01:68:b4:03:b5:fd:
ee:4b:3d:36:c8:b9:33:d8:21:7f:d3:41:c6:70:20:
89:1d:75:d5:1b:7f:d0:09:50:8c:62:df:7b:2d:30:
f9:65:df:41:3d:7b:c0:27:c6:93:0d:d0:92:d4:74:
42:80:33:db:1c:5e:ad:61:d1:a7:7b:2d:40:5f:ee:
df:be:bd:4e:55:b2:08:ee:4d:31:bf:29:9b:05:27:
23:33:f0:98:33:97:94:fd:f9:8b:c6:d3:56:77:ba:
c2:70:60:a7:31:e6:ca:10:09:61:b2:89:7e:f4:e7:
85:78:3d:af:63:04:36:bd:23:06:76:8e:e0:14:15:
8b:26:8d:dc:39:e8:a2:de:48:c2:68:57:1c:12:ec:
e9:e0:76:c0:e6:e9:05:14:c3:06:8d:56:72:d4:49:
10:82:12:4f:a9:cd:0f:09:78:a5:ae:4e:4d:3e:65:
26:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:F7:56:1B:1A:51:FE:19:26:8A:E7:35:83:25:F8:3B:8B:76:7B:3C
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/HPdWGxpR_hkmiuc1gyX4O4t2ezw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.49.0/24
109.236.51.0/24
185.254.28.0/23
193.35.152.0/23
Signature Algorithm: sha256WithRSAEncryption
95:e9:2b:e5:3b:85:03:80:92:0b:3f:d2:1d:0c:c1:2f:d8:1c:
e1:a1:18:ce:f9:9b:47:5a:d5:f8:3b:1a:4e:75:78:e2:c3:9c:
bf:17:23:2b:e3:47:b4:a5:e5:b9:95:dd:10:6f:8a:45:de:d3:
be:f0:96:ba:f7:b8:91:ae:4e:7f:23:a7:80:00:b3:a2:88:15:
22:c4:6e:19:91:14:11:dc:87:e4:80:d0:f9:8b:fe:69:7d:1c:
3f:99:fb:01:ff:13:03:e0:2b:dc:38:1b:2f:5c:cd:d9:d9:dd:
19:11:6e:78:bb:f4:43:51:95:8b:d7:82:a0:e9:e9:8a:c3:2f:
47:ff:f1:db:f3:ea:cf:3e:80:8e:14:52:88:ba:c7:32:5b:d0:
89:8c:ac:ce:d7:10:55:e3:c3:1c:e9:0c:9f:ec:27:3e:df:38:
06:23:dc:1b:97:77:af:62:ab:20:37:dc:a1:bd:70:e3:d3:56:
22:1c:a5:11:0a:ba:80:36:be:19:d0:db:a9:8d:e1:28:a2:51:
2c:c0:85:27:b4:13:ac:b9:5a:e9:03:70:a5:87:ca:34:64:07:
71:31:0e:f2:85:fb:61:e2:ca:2c:9d:c3:b0:87:18:22:a3:54:
b6:cd:64:55:76:9c:47:e8:69:6c:54:03:ea:cc:0a:cb:3f:2f:
43:7c:46:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZa6pJXFqbQkTe1XJ7UMtJpCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwNTEwMTQ0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2Y3NTYxYjFhNTFmZTE5MjY4YWU3MzU4MzI1ZjgzYjhiNzY3YjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHjzYMZuMsOXgwD1snoj0tsMWPpb
kFR/WHuM2S4wujcZyxSSJq1TTdqv+ptsY1xUmWFGTBYRkRL6A+6x0qi5X4jEZmbC
AnAruI2yR7DGeYC2LRYBaLQDtf3uSz02yLkz2CF/00HGcCCJHXXVG3/QCVCMYt97
LTD5Zd9BPXvAJ8aTDdCS1HRCgDPbHF6tYdGney1AX+7fvr1OVbII7k0xvymbBScj
M/CYM5eU/fmLxtNWd7rCcGCnMebKEAlhsol+9OeFeD2vYwQ2vSMGdo7gFBWLJo3c
Oeii3kjCaFccEuzp4HbA5ukFFMMGjVZy1EkQghJPqc0PCXilrk5NPmUmUQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBz3VhsaUf4ZJornNYMl+DuLdns8MB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvSFBkV0d4cFJfaGttaXVjMWd5WDRPNHQyZXp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbewxAwQA
bewzAwQBuf4cAwQBwSOYMA0GCSqGSIb3DQEBCwUAA4IBAQCV6SvlO4UDgJILP9Id
DMEv2BzhoRjO+ZtHWtX4OxpOdXjiw5y/FyMr40e0peW5ld0Qb4pF3tO+8Ja697iR
rk5/I6eAALOiiBUixG4ZkRQR3IfkgND5i/5pfRw/mfsB/xMD4CvcOBsvXM3Z2d0Z
EW54u/RDUZWL14Kg6emKwy9H//Hb8+rPPoCOFFKIuscyW9CJjKzO1xBV48Mc6Qyf
7Cc+3zgGI9wbl3evYqsgN9yhvXDj01YiHKURCrqANr4Z0NupjeEoolEswIUntBOs
uVrpA3Clh8o0ZAdxMQ7yhfth4sosncOwhxgio1S2zWRVdpxH6GlsVAPqzArLPy9D
fEY2
-----END CERTIFICATE-----
Generated at Sun Jun 8 12:47:17 2025 by rpki-client