Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hN5B_yg3cV--ZpnFvc6zCDbAcrI.roa
File: hN5B_yg3cV--ZpnFvc6zCDbAcrI.roa (raw, json)
Hash identifier: epZxUIyoaFaWER0WkH16dzrN/RmziHYyVoBbdgPVtyg=
Subject key identifier: 84:DE:41:FF:28:37:71:5F:BE:66:99:C5:BD:CE:B3:08:36:C0:72:B2
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 019427469A61B4E3D95CE19E78766AB2AD33
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hN5B_yg3cV--ZpnFvc6zCDbAcrI.roa
Signing time: Thu 02 Jan 2025 13:48:45 +0000
ROA not before: Thu 02 Jan 2025 13:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42083
IP address blocks: 188.132.150.0/24 maxlen: 24
212.68.38.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 07:49:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:9a:61:b4:e3:d9:5c:e1:9e:78:76:6a:b2:ad:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jan 2 13:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84de41ff2837715fbe6699c5bdceb30836c072b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:50:6d:e5:00:a3:b5:88:05:2f:65:50:1a:65:
db:f2:72:c8:08:99:72:fb:f2:7c:24:10:2a:ea:7d:
3e:4e:bb:57:a2:94:b8:44:89:0f:0f:eb:88:e0:05:
98:38:2b:35:ff:33:65:5f:7c:b1:87:03:f5:4a:fb:
95:ab:5c:cf:53:1b:62:b5:21:e0:1e:f2:ac:53:47:
24:c1:3b:84:bd:65:1a:31:49:60:52:f6:47:79:53:
bf:b5:b8:66:ea:77:63:99:c2:33:99:0b:2f:ac:0b:
0a:28:80:bf:ac:34:6e:e1:7a:43:17:b9:51:44:c1:
68:f2:ab:0b:47:4c:92:27:33:ff:bf:9d:84:0e:34:
19:0c:c9:91:f1:60:12:d3:9e:fe:a4:d1:4c:80:f5:
a0:ff:e4:be:f0:33:b0:72:8c:99:83:26:57:f5:6f:
63:2f:82:48:84:a1:97:14:42:a9:70:21:e7:01:29:
f3:8f:cd:8a:f3:96:dc:67:76:cd:58:6c:ad:89:16:
04:50:ad:09:c9:f2:16:61:35:6c:e7:2b:9c:de:4b:
f3:ef:9c:52:bc:68:61:17:ab:57:cd:ae:10:bd:c7:
d6:c5:69:50:4c:bc:56:4e:7b:be:7f:e1:78:47:52:
69:04:30:45:78:f5:ec:81:bd:18:4f:b1:8b:4c:cb:
e3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:DE:41:FF:28:37:71:5F:BE:66:99:C5:BD:CE:B3:08:36:C0:72:B2
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/hN5B_yg3cV--ZpnFvc6zCDbAcrI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.150.0/24
212.68.38.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:c6:fd:7e:1e:b5:ba:4a:59:55:d4:5a:a7:52:1a:cb:b0:f5:
ca:5b:77:51:e6:a6:45:54:07:14:80:91:71:9e:72:c8:8a:7e:
dc:74:13:75:f6:6b:51:9f:7d:f9:a6:e7:aa:b2:76:47:53:22:
be:3d:ca:76:c5:ef:13:17:67:29:c1:3c:40:5a:90:bc:30:d3:
c1:11:51:7a:82:bf:89:6b:dc:68:26:e5:eb:38:37:7e:4f:01:
cd:21:21:2c:6d:ab:ce:9f:05:28:05:1e:90:e9:af:b1:01:b9:
c1:1f:b4:69:e6:fd:6e:3f:79:be:10:a7:2c:db:f5:f1:be:01:
df:cb:b6:90:a6:35:01:85:42:73:e3:8f:34:fe:5f:d1:e3:0b:
f3:ea:bc:bb:3f:45:f0:fe:1b:41:9b:2e:ec:0d:e6:96:22:0a:
7d:d2:cd:bc:f5:87:32:84:b6:33:fe:76:4a:62:a6:94:c6:fb:
ab:4d:c3:21:ae:6b:a4:ee:05:71:ee:ff:ce:77:7f:62:0b:7e:
85:c4:9a:fc:fb:96:18:df:dc:70:cf:76:a2:be:8e:f0:31:47:
c3:f5:ea:e1:55:67:fb:32:3a:38:c7:ce:1a:81:83:a3:6c:82:
01:ba:7a:8c:b1:9e:45:93:9f:a2:80:06:71:a5:53:c4:bf:6f:
48:20:02:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnRpphtOPZXOGeeHZqsq0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwMTAyMTM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGRlNDFmZjI4Mzc3MTVmYmU2Njk5YzViZGNlYjMwODM2YzA3MmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31Bt5QCjtYgFL2VQGmXb8nLICJly
+/J8JBAq6n0+TrtXopS4RIkPD+uI4AWYOCs1/zNlX3yxhwP1SvuVq1zPUxtitSHg
HvKsU0ckwTuEvWUaMUlgUvZHeVO/tbhm6ndjmcIzmQsvrAsKKIC/rDRu4XpDF7lR
RMFo8qsLR0ySJzP/v52EDjQZDMmR8WAS057+pNFMgPWg/+S+8DOwcoyZgyZX9W9j
L4JIhKGXFEKpcCHnASnzj82K85bcZ3bNWGytiRYEUK0JyfIWYTVs5yuc3kvz75xS
vGhhF6tXza4QvcfWxWlQTLxWTnu+f+F4R1JpBDBFePXsgb0YT7GLTMvjdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFITeQf8oN3FfvmaZxb3Oswg2wHKyMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvaE41Ql95ZzNjVi0tWnBuRnZjNnpDRGJBY3JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvISWAwQA
1EQmMA0GCSqGSIb3DQEBCwUAA4IBAQAcxv1+HrW6SllV1FqnUhrLsPXKW3dR5qZF
VAcUgJFxnnLIin7cdBN19mtRn335pueqsnZHUyK+Pcp2xe8TF2cpwTxAWpC8MNPB
EVF6gr+Ja9xoJuXrODd+TwHNISEsbavOnwUoBR6Q6a+xAbnBH7Rp5v1uP3m+EKcs
2/XxvgHfy7aQpjUBhUJz4480/l/R4wvz6ry7P0Xw/htBmy7sDeaWIgp90s289Ycy
hLYz/nZKYqaUxvurTcMhrmuk7gVx7v/Od39iC36FxJr8+5YY39xwz3aivo7wMUfD
9erhVWf7Mjo4x84agYOjbIIBunqMsZ5Fk5+igAZxpVPEv29IIAK4
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:55:50 2025 by rpki-client