Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HtP3EXVBIY_4ZfiLnv3lWmD0h5A.roa
File: HtP3EXVBIY_4ZfiLnv3lWmD0h5A.roa (raw, json)
Hash identifier: w3GsjkOmo8g4jEvFoDSHp+Fpgmk4MAAIgZs1a6e2kF8=
Subject key identifier: 1E:D3:F7:11:75:41:21:8F:F8:65:F8:8B:9E:FD:E5:5A:60:F4:87:90
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0194CCCC4583E217737A87003E3F3FA0D27B
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HtP3EXVBIY_4ZfiLnv3lWmD0h5A.roa
Signing time: Mon 03 Feb 2025 17:12:06 +0000
ROA not before: Mon 03 Feb 2025 17:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205570
IP address blocks: 188.132.190.0/24 maxlen: 24
188.132.206.0/24 maxlen: 24
188.132.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 17 Feb 2025 10:53:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cc:cc:45:83:e2:17:73:7a:87:00:3e:3f:3f:a0:d2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Feb 3 17:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1ed3f7117541218ff865f88b9efde55a60f48790
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:71:80:1b:bb:8a:b3:43:91:01:41:b9:77:53:
d0:be:c3:b2:1c:d7:3a:9e:09:e4:cf:67:2f:30:42:
a6:d5:a8:96:8d:78:fb:43:d6:ac:a2:0a:f6:50:26:
9e:3b:7a:63:50:3a:a5:0c:73:66:76:c7:ff:53:08:
93:0c:97:6f:c2:af:51:04:ad:90:aa:9d:72:ca:e4:
8a:d0:1e:b8:8b:a1:5c:b4:04:5d:40:a5:2c:6d:02:
10:b9:ad:d1:da:83:e5:41:dc:24:04:e0:2c:6c:c5:
84:9c:a5:48:c3:8b:f6:cb:c6:3a:1e:ad:a2:8e:8a:
a6:d8:43:09:db:25:75:9e:00:51:ac:af:2a:88:6f:
97:42:e7:37:07:87:87:e6:ab:c7:2d:df:14:25:5c:
cd:17:dd:46:e2:8e:45:51:a1:19:0b:e1:d2:0f:4e:
68:1f:e9:51:00:1b:de:59:bb:c0:c1:89:99:19:0c:
58:43:0b:ef:d0:cf:81:83:11:d1:bc:18:ca:f8:f3:
10:48:fa:a0:23:76:cd:62:0c:aa:7c:a8:2b:cf:42:
74:19:01:96:5a:83:c9:ab:38:45:4e:50:d6:8f:c2:
ea:af:08:a5:d7:cd:7d:c1:11:c6:74:86:ba:24:88:
5f:25:55:68:94:98:e6:cd:e4:fa:bd:93:9b:2a:dd:
e3:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:D3:F7:11:75:41:21:8F:F8:65:F8:8B:9E:FD:E5:5A:60:F4:87:90
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/HtP3EXVBIY_4ZfiLnv3lWmD0h5A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.190.0/24
188.132.206.0/23
Signature Algorithm: sha256WithRSAEncryption
40:03:5a:03:71:cd:2a:73:f1:1a:c8:f2:e5:f6:2d:cf:cf:34:
0e:2d:c9:55:a8:51:9c:ae:f8:07:f1:84:be:0c:a3:49:e3:4f:
3e:58:58:58:f8:73:1c:61:50:2d:f6:bc:ff:cb:a2:68:07:26:
d4:8e:c2:b5:85:72:90:25:e4:98:93:13:58:15:e5:27:a5:74:
78:36:73:ed:0e:45:c7:ad:94:7b:e4:bc:75:81:30:8b:a2:bb:
b2:27:c8:06:02:3b:08:b6:21:c2:b4:5b:65:36:56:b1:fe:b5:
cc:53:8a:a7:24:a5:ba:b7:f9:a8:3f:f8:46:a4:9f:40:3f:96:
4d:a6:22:2a:a4:4f:dd:6a:86:26:cc:34:3b:fd:02:e8:33:df:
64:05:6b:2b:3d:1f:a5:78:99:e9:9e:cf:fb:78:ac:48:51:76:
44:a0:97:1a:5d:41:6f:9a:0b:65:ea:09:a2:01:64:e8:5d:48:
bd:e4:62:01:70:aa:e1:2c:03:08:cd:90:c0:b4:cd:4e:8a:09:
7e:e8:a3:be:63:2f:35:cd:98:f2:a3:a8:83:88:e3:99:e7:e8:
e7:78:58:c0:65:22:c3:ff:8e:53:f9:75:13:d9:28:11:27:dc:
51:06:60:4c:82:00:ad:6e:79:a6:ba:db:0e:3c:25:7f:d5:aa:
5e:95:80:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTMzEWD4hdzeocAPj8/oNJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMjAzMTcxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWQzZjcxMTc1NDEyMThmZjg2NWY4OGI5ZWZkZTU1YTYwZjQ4NzkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HGAG7uKs0ORAUG5d1PQvsOyHNc6
ngnkz2cvMEKm1aiWjXj7Q9asogr2UCaeO3pjUDqlDHNmdsf/UwiTDJdvwq9RBK2Q
qp1yyuSK0B64i6FctARdQKUsbQIQua3R2oPlQdwkBOAsbMWEnKVIw4v2y8Y6Hq2i
joqm2EMJ2yV1ngBRrK8qiG+XQuc3B4eH5qvHLd8UJVzNF91G4o5FUaEZC+HSD05o
H+lRABveWbvAwYmZGQxYQwvv0M+BgxHRvBjK+PMQSPqgI3bNYgyqfKgrz0J0GQGW
WoPJqzhFTlDWj8Lqrwil1819wRHGdIa6JIhfJVVolJjmzeT6vZObKt3jEwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB7T9xF1QSGP+GX4i5795Vpg9IeQMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvSHRQM0VYVkJJWV80WmZpTG52M2xXbUQwaDVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvIS+AwQB
vITOMA0GCSqGSIb3DQEBCwUAA4IBAQBAA1oDcc0qc/EayPLl9i3PzzQOLclVqFGc
rvgH8YS+DKNJ408+WFhY+HMcYVAt9rz/y6JoBybUjsK1hXKQJeSYkxNYFeUnpXR4
NnPtDkXHrZR75Lx1gTCLoruyJ8gGAjsItiHCtFtlNlax/rXMU4qnJKW6t/moP/hG
pJ9AP5ZNpiIqpE/daoYmzDQ7/QLoM99kBWsrPR+leJnpns/7eKxIUXZEoJcaXUFv
mgtl6gmiAWToXUi95GIBcKrhLAMIzZDAtM1Oigl+6KO+Yy81zZjyo6iDiOOZ5+jn
eFjAZSLD/45T+XUT2SgRJ9xRBmBMggCtbnmmutsOPCV/1apelYCB
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:09:56 2025 by rpki-client