Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HddKxi6v_Ivd9uojS2Ak4RD-sPg.roa
File: HddKxi6v_Ivd9uojS2Ak4RD-sPg.roa (raw, json)
Hash identifier: hs17IJOEtJw33ePTye4IPtsS2D+A8KYG3QJy50upqNI=
Subject key identifier: 1D:D7:4A:C6:2E:AF:FC:8B:DD:F6:EA:23:4B:60:24:E1:10:FE:B0:F8
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0194F0A1C4F0B4F38BB22E787D625E275B60
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HddKxi6v_Ivd9uojS2Ak4RD-sPg.roa
Signing time: Mon 10 Feb 2025 16:12:01 +0000
ROA not before: Mon 10 Feb 2025 16:12:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25548
IP address blocks: 93.170.36.0/22 maxlen: 24
95.47.186.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 14:35:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f0:a1:c4:f0:b4:f3:8b:b2:2e:78:7d:62:5e:27:5b:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Feb 10 16:12:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dd74ac62eaffc8bddf6ea234b6024e110feb0f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:29:ba:57:4a:f3:0f:0e:eb:64:a6:98:9b:9d:
98:b9:22:a0:7e:b5:d8:60:ce:54:ed:ed:35:94:c4:
4e:20:89:99:b0:ec:67:a8:f4:be:32:32:b8:85:19:
29:ae:01:5b:10:0b:4d:35:f8:ec:ad:2c:58:b2:22:
bb:21:6a:85:4a:d3:98:5c:52:30:b9:a8:50:9c:e8:
13:ff:39:63:c7:f4:62:e2:67:3e:ae:25:6e:34:0b:
07:b9:a2:de:27:14:b2:40:93:e7:80:8c:db:16:a1:
0f:3a:47:66:63:a9:36:ad:b8:37:59:38:cd:24:83:
4c:ce:56:92:a0:67:e1:83:8c:9e:b3:41:6b:4e:67:
70:04:cd:25:63:0c:c7:2a:cf:fd:5a:3c:21:4b:e5:
28:64:cd:6d:84:39:a6:0e:f0:01:82:c1:61:27:d4:
4c:66:3c:31:c4:7d:1b:92:7d:b5:78:99:aa:f3:49:
78:d9:8e:f2:47:2d:21:df:24:56:33:f4:7f:1c:32:
ee:71:ce:9b:49:5e:66:70:26:f8:6a:d3:ed:8f:e8:
83:a3:ab:81:db:8e:36:fd:9a:8e:38:dc:70:6c:e8:
23:ef:36:06:fb:70:62:1a:f0:5b:78:12:1d:4d:de:
0c:17:01:21:fd:6d:2b:a7:2b:0b:8e:24:2b:89:b4:
e0:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:D7:4A:C6:2E:AF:FC:8B:DD:F6:EA:23:4B:60:24:E1:10:FE:B0:F8
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/HddKxi6v_Ivd9uojS2Ak4RD-sPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.36.0/22
95.47.186.0/23
Signature Algorithm: sha256WithRSAEncryption
af:ce:2d:f0:50:60:32:cc:ac:44:46:93:cd:d6:ed:a0:7c:f2:
92:3f:b5:91:9d:5f:8f:17:b9:2e:7c:5d:82:10:f3:63:d3:f5:
c0:b3:e9:4d:ba:6f:d0:cf:bf:cf:e4:a2:71:e8:40:65:13:b2:
b8:74:a4:2e:b2:58:9e:cf:f6:72:53:82:3f:ff:a5:97:c0:9b:
86:5e:ac:f5:2a:58:29:f6:0f:e7:dd:fe:85:7e:98:e6:c9:37:
8c:1b:3a:c9:cb:9c:04:6e:29:6a:99:1c:aa:b7:1b:58:4f:d5:
71:ca:8b:3c:b4:a9:a1:eb:fa:3f:f5:75:09:f0:71:8b:18:2e:
c9:f8:74:c6:0f:b8:59:ad:41:f6:d0:b5:71:56:13:dc:54:cc:
35:01:da:93:a1:7d:9c:d8:a3:3f:33:b4:53:75:dd:65:14:2f:
a1:21:fc:4d:fb:0e:74:5e:3b:95:6e:cd:e3:fa:11:ff:24:f8:
fb:fc:4a:6b:94:54:04:fb:79:0b:ab:f9:76:f5:52:63:6c:88:
81:9d:62:a1:0b:eb:94:5c:e2:15:2b:3e:f4:cb:e4:94:5d:71:
27:9a:86:72:b7:25:3a:8b:5a:3a:a5:b7:bc:b1:ca:c0:ee:cd:
49:d3:38:5b:2b:31:9c:93:15:0a:49:6b:38:56:ab:c5:bc:f9:
a7:b8:0d:7a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTwocTwtPOLsi54fWJeJ1tgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjUwMjEwMTYxMjAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGQ3NGFjNjJlYWZmYzhiZGRmNmVhMjM0YjYwMjRlMTEwZmViMGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApSm6V0rzDw7rZKaYm52YuSKgfrXY
YM5U7e01lMROIImZsOxnqPS+MjK4hRkprgFbEAtNNfjsrSxYsiK7IWqFStOYXFIw
uahQnOgT/zljx/Ri4mc+riVuNAsHuaLeJxSyQJPngIzbFqEPOkdmY6k2rbg3WTjN
JINMzlaSoGfhg4yes0FrTmdwBM0lYwzHKs/9WjwhS+UoZM1thDmmDvABgsFhJ9RM
ZjwxxH0bkn21eJmq80l42Y7yRy0h3yRWM/R/HDLucc6bSV5mcCb4atPtj+iDo6uB
2442/ZqOONxwbOgj7zYG+3BiGvBbeBIdTd4MFwEh/W0rpysLjiQribTgXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3XSsYur/yL3fbqI0tgJOEQ/rD4MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvSGRkS3hpNnZfSXZkOXVvalMyQWs0UkQtc1BnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXaokAwQB
Xy+6MA0GCSqGSIb3DQEBCwUAA4IBAQCvzi3wUGAyzKxERpPN1u2gfPKSP7WRnV+P
F7kufF2CEPNj0/XAs+lNum/Qz7/P5KJx6EBlE7K4dKQusliez/ZyU4I//6WXwJuG
Xqz1Klgp9g/n3f6FfpjmyTeMGzrJy5wEbilqmRyqtxtYT9Vxyos8tKmh6/o/9XUJ
8HGLGC7J+HTGD7hZrUH20LVxVhPcVMw1AdqToX2c2KM/M7RTdd1lFC+hIfxN+w50
XjuVbs3j+hH/JPj7/EprlFQE+3kLq/l29VJjbIiBnWKhC+uUXOIVKz70y+SUXXEn
moZytyU6i1o6pbe8scrA7s1J0zhbKzGckxUKSWs4VqvFvPmnuA16
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:48:39 2025 by rpki-client