Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HShGnYsXEH2jiFUScN_SCZAbqLA.roa
File: HShGnYsXEH2jiFUScN_SCZAbqLA.roa (raw, json)
Hash identifier: o7nFSs1p7Q4khJZQGz1ECEMGzNiSq6tkplPOlwhYFjA=
Subject key identifier: 1D:28:46:9D:8B:17:10:7D:A3:88:55:12:70:DF:D2:09:90:1B:A8:B0
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01955B68F586D52AF2C8260D9E3BE41AFC45
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HShGnYsXEH2jiFUScN_SCZAbqLA.roa
Signing time: Mon 03 Mar 2025 09:49:19 +0000
ROA not before: Mon 03 Mar 2025 09:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 89.36.35.0/24 maxlen: 24
185.121.132.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Fri 07 Mar 2025 13:23:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5b:68:f5:86:d5:2a:f2:c8:26:0d:9e:3b:e4:1a:fc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Mar 3 09:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d28469d8b17107da388551270dfd209901ba8b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:85:bb:19:90:ea:5e:ef:16:41:5c:b6:29:c0:
13:4d:15:62:3b:40:52:14:01:55:03:ba:56:4b:12:
b6:7a:69:0e:61:c9:e3:77:2c:11:9d:93:53:47:5e:
8c:ec:17:2d:9f:8d:8d:dd:91:fe:05:70:33:df:f0:
7a:85:91:e7:a5:49:97:06:90:23:2b:a4:52:fd:2b:
34:34:8c:05:99:db:bb:df:4e:29:99:02:2d:7d:3f:
a8:5a:19:e5:5b:2c:c0:b0:95:b1:54:af:7c:7e:5a:
28:a2:58:6e:ad:73:6c:c8:8a:82:83:e1:f2:fc:d0:
27:07:32:b7:b8:37:cc:9b:95:d8:4e:56:04:9b:8d:
b0:b4:79:1b:da:da:87:17:24:69:bf:74:f7:49:fb:
43:a5:1d:92:72:8a:d8:45:0f:13:d3:72:e2:4c:2d:
85:53:9b:f8:a1:a8:e0:10:6d:3e:0c:98:1b:73:e0:
11:05:92:84:12:64:27:0f:ed:3b:6f:13:bf:74:2e:
38:62:10:15:e6:87:37:b5:7f:42:f1:c1:9d:23:36:
79:62:86:d6:66:33:0e:d6:cb:6d:0c:dd:0f:0d:05:
10:ee:6c:29:b5:0f:db:36:57:92:98:ae:03:32:cf:
f4:e2:21:0c:53:f3:c4:82:c3:53:99:c8:3c:ef:3f:
49:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:28:46:9D:8B:17:10:7D:A3:88:55:12:70:DF:D2:09:90:1B:A8:B0
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HShGnYsXEH2jiFUScN_SCZAbqLA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.35.0/24
185.121.132.0/24
212.232.18.0/24
IPv6:
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
94:6a:f3:92:9e:5f:c7:a0:4a:e0:4f:4f:fd:7f:8d:b7:87:b0:
7a:21:ea:86:1d:0d:ea:10:0c:eb:a8:c6:0a:20:48:d8:e5:33:
db:84:0a:8b:6c:8d:e9:37:2d:32:aa:ce:48:a9:7d:91:70:d3:
a6:80:46:c5:05:e9:b0:92:ab:cf:18:ab:17:c4:ac:90:47:a5:
d9:d4:1f:f3:01:ef:62:49:71:d3:ea:d8:93:31:c0:7c:55:bc:
ca:12:fa:dd:01:57:fc:3d:5e:e2:d1:72:6e:cf:15:db:59:59:
eb:01:62:61:d0:84:8c:8c:6a:2e:cc:ba:6c:94:60:2a:1a:4e:
c7:05:93:44:d9:52:18:74:19:68:2b:50:6e:b2:74:01:b3:f0:
53:e1:6d:fd:2e:0a:33:d0:32:ba:50:b9:3f:51:4c:84:28:91:
e8:0a:24:ff:96:0e:c1:28:79:29:da:91:8b:3e:c3:db:3b:c2:
8e:6a:70:07:62:7f:a1:5d:0c:ab:7b:fd:5e:3f:23:71:30:07:
b3:ba:8a:1d:3e:11:0a:11:1b:dc:4e:92:f5:59:b7:aa:36:ed:
d5:b7:90:8c:98:8c:a6:51:c2:29:77:07:ed:64:8d:8d:ca:e1:
39:4e:51:59:b8:cb:0d:c6:57:f5:e4:a9:82:12:ae:f2:43:7b:
32:50:34:36
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZVbaPWG1SryyCYNnjvkGvxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwMzAzMDk0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDI4NDY5ZDhiMTcxMDdkYTM4ODU1MTI3MGRmZDIwOTkwMWJhOGIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IW7GZDqXu8WQVy2KcATTRViO0BS
FAFVA7pWSxK2emkOYcnjdywRnZNTR16M7Bctn42N3ZH+BXAz3/B6hZHnpUmXBpAj
K6RS/Ss0NIwFmdu7304pmQItfT+oWhnlWyzAsJWxVK98flooolhurXNsyIqCg+Hy
/NAnBzK3uDfMm5XYTlYEm42wtHkb2tqHFyRpv3T3SftDpR2ScorYRQ8T03LiTC2F
U5v4oajgEG0+DJgbc+ARBZKEEmQnD+07bxO/dC44YhAV5oc3tX9C8cGdIzZ5YobW
ZjMO1sttDN0PDQUQ7mwptQ/bNleSmK4DMs/04iEMU/PEgsNTmcg87z9J1QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB0oRp2LFxB9o4hVEnDf0gmQG6iwMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvSFNoR25Zc1hFSDJqaUZVU2NOX1NDWkFicUxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAWSQjAwQA
uXmEAwQA1OgSMA0EAgACMAcDBQAqFGeBMA0GCSqGSIb3DQEBCwUAA4IBAQCUavOS
nl/HoErgT0/9f423h7B6IeqGHQ3qEAzrqMYKIEjY5TPbhAqLbI3pNy0yqs5IqX2R
cNOmgEbFBemwkqvPGKsXxKyQR6XZ1B/zAe9iSXHT6tiTMcB8VbzKEvrdAVf8PV7i
0XJuzxXbWVnrAWJh0ISMjGouzLpslGAqGk7HBZNE2VIYdBloK1BusnQBs/BT4W39
Lgoz0DK6ULk/UUyEKJHoCiT/lg7BKHkp2pGLPsPbO8KOanAHYn+hXQyre/1ePyNx
MAezuoodPhEKERvcTpL1WbeqNu3Vt5CMmIymUcIpdwftZI2NyuE5TlFZuMsNxlf1
5KmCEq7yQ3syUDQ2
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:35:04 2025 by rpki-client