Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/HMihoDutBFBL6YJbUSJQoAjCKOk.roa
File: HMihoDutBFBL6YJbUSJQoAjCKOk.roa (raw, json)
Hash identifier: Od10UB5JnTBkI0IzGTz3rCebs2GiorKaB8uHefSJ9aM=
Subject key identifier: 1C:C8:A1:A0:3B:AD:04:50:4B:E9:82:5B:51:22:50:A0:08:C2:28:E9
Certificate issuer: /CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Certificate serial: 019426D98BE05EA38AB3320B13B018DB860A
Authority key identifier: F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/HMihoDutBFBL6YJbUSJQoAjCKOk.roa
Signing time: Thu 02 Jan 2025 11:49:38 +0000
ROA not before: Thu 02 Jan 2025 11:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49332
IP address blocks: 5.57.64.0/21 maxlen: 22
80.243.144.0/20 maxlen: 21
86.111.64.0/20 maxlen: 21
86.111.84.0/23 maxlen: 24
91.212.203.0/24 maxlen: 24
176.32.0.0/21 maxlen: 22
176.39.64.0/20 maxlen: 21
188.190.32.0/19 maxlen: 20
Validation: Failed, certificate revoked on Fri 17 Jan 2025 08:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:8b:e0:5e:a3:8a:b3:32:0b:13:b0:18:db:86:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f84128146b7bec8bd1185bbe0c3b9340aaf5b714
Validity
Not Before: Jan 2 11:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cc8a1a03bad04504be9825b512250a008c228e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:98:3f:8c:ea:a4:fc:a0:56:22:fc:4a:0f:
83:eb:02:ad:a9:0c:3c:15:72:fe:c2:f2:2d:1b:dc:
cc:41:ee:e3:7a:78:65:89:37:36:e6:45:ff:bd:6d:
6a:ef:bb:27:8b:38:ef:1e:98:9f:37:a3:14:ec:96:
a5:a6:d2:d2:df:79:da:40:c5:7e:fd:4d:12:7b:01:
8e:4b:65:d9:e4:25:fd:2c:63:c0:87:db:d5:14:4f:
df:07:c4:ce:7a:99:b5:2a:75:1c:5a:d6:dc:6c:ad:
7f:da:1a:0c:11:4d:d4:06:68:1d:e9:6c:8a:60:7b:
6e:9e:71:69:cb:e8:94:d4:6c:28:17:10:6b:4d:73:
a5:47:9b:4b:b1:2b:eb:b4:ab:d1:35:da:02:d4:cb:
e2:62:55:5e:e7:b2:9c:2c:be:4e:8d:bb:76:2b:5c:
7b:d8:9e:ef:77:31:8b:35:61:53:1d:97:c5:83:19:
55:77:3e:1a:e9:23:92:66:d5:8f:fe:41:a5:3c:30:
f5:c8:06:c7:de:87:36:ff:22:1e:be:d2:66:2e:04:
13:b5:85:53:f6:d8:8d:f3:81:33:d1:8c:27:22:9d:
65:91:00:5e:c9:21:ec:c5:d9:8d:de:93:e2:66:96:
2f:1c:31:2d:0b:21:63:30:6f:51:95:b9:18:85:33:
77:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:C8:A1:A0:3B:AD:04:50:4B:E9:82:5B:51:22:50:A0:08:C2:28:E9
X509v3 Authority Key Identifier:
keyid:F8:41:28:14:6B:7B:EC:8B:D1:18:5B:BE:0C:3B:93:40:AA:F5:B7:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-EEoFGt77IvRGFu-DDuTQKr1txQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/HMihoDutBFBL6YJbUSJQoAjCKOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/fb2411-485b-4143-9241-13839640a604/1/1-EEoFGt77IvRGFu-DDuTQKr1txQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.64.0/21
80.243.144.0/20
86.111.64.0/20
86.111.84.0/23
91.212.203.0/24
176.32.0.0/21
176.39.64.0/20
188.190.32.0/19
Signature Algorithm: sha256WithRSAEncryption
a4:2d:73:f6:1d:32:78:b3:2a:e5:fe:73:d5:1e:ef:d3:c3:0e:
9f:84:2d:c6:14:89:48:2a:dd:e7:9b:a1:82:f4:97:1c:48:13:
50:b1:5a:6d:a8:e9:99:3d:82:f4:2f:e7:76:a8:22:3b:38:d7:
69:3a:6c:6d:39:f1:12:c4:81:b7:3b:73:7e:03:14:96:d0:29:
7d:ec:90:5a:bf:49:42:f5:70:c6:8b:3a:d4:20:d6:f2:42:7b:
9f:36:43:46:31:1b:49:9b:84:61:92:6d:27:bf:08:6a:d8:8a:
a4:6e:df:6f:75:63:02:89:89:c4:64:0b:1f:be:fb:d9:64:f4:
10:bf:67:71:cf:b9:3f:3e:85:62:39:15:80:7e:29:e1:0c:1d:
29:3a:fc:22:dc:ee:da:17:36:6c:ac:2c:c7:82:3e:45:03:5b:
4e:f2:00:8d:25:85:7c:95:2b:0e:48:ad:49:40:e7:66:da:6c:
e0:b0:e7:83:a1:d6:3b:eb:5a:93:7f:53:4f:1f:b3:2a:c3:27:
15:54:9f:e0:22:33:d8:c8:d0:09:12:f1:f6:2d:6e:ce:28:08:
3f:ae:29:be:26:c7:ea:1c:4a:c1:2a:55:ac:0f:6f:f5:af:3b:
0b:6c:76:70:32:b2:92:7e:ed:7b:3c:f8:3e:7b:e2:2f:fb:b1:
fe:88:1d:21
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQm2YvgXqOKszILE7AY24YKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4NDEyODE0NmI3YmVjOGJkMTE4NWJiZTBjM2I5MzQwYWFm
NWI3MTQwHhcNMjUwMTAyMTE0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2M4YTFhMDNiYWQwNDUwNGJlOTgyNWI1MTIyNTBhMDA4YzIyOGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRaYP4zqpPygViL8Sg+D6wKtqQw8
FXL+wvItG9zMQe7jenhliTc25kX/vW1q77snizjvHpifN6MU7JalptLS33naQMV+
/U0SewGOS2XZ5CX9LGPAh9vVFE/fB8TOepm1KnUcWtbcbK1/2hoMEU3UBmgd6WyK
YHtunnFpy+iU1GwoFxBrTXOlR5tLsSvrtKvRNdoC1MviYlVe57KcLL5Ojbt2K1x7
2J7vdzGLNWFTHZfFgxlVdz4a6SOSZtWP/kGlPDD1yAbH3oc2/yIevtJmLgQTtYVT
9tiN84Ez0YwnIp1lkQBeySHsxdmN3pPiZpYvHDEtCyFjMG9RlbkYhTN3GQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFBzIoaA7rQRQS+mCW1EiUKAIwijpMB8GA1UdIwQY
MBaAFPhBKBRre+yL0Rhbvgw7k0Cq9bcUMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1FRW9GR3Q3N0l2UkdGdS1ERHVUUUtyMXR4US5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQx
LTEzODM5NjQwYTYwNC8xL0hNaWhvRHV0QkZCTDZZSmJVU0pRb0FqQ0tPay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjIvZmIyNDExLTQ4NWItNDE0My05MjQxLTEzODM5NjQwYTYw
NC8xLzEtRUVvRkd0NzdJdlJHRnUtRER1VFFLcjF0eFEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwSQYIKwYBBQUHAQcBAf8EOjA4MDYEAgABMDADBAMFOUAD
BARQ85ADBARWb0ADBAFWb1QDBABb1MsDBAOwIAADBASwJ0ADBAW8viAwDQYJKoZI
hvcNAQELBQADggEBAKQtc/YdMnizKuX+c9Ue79PDDp+ELcYUiUgq3eeboYL0lxxI
E1CxWm2o6Zk9gvQv53aoIjs412k6bG058RLEgbc7c34DFJbQKX3skFq/SUL1cMaL
OtQg1vJCe582Q0YxG0mbhGGSbSe/CGrYiqRu3291YwKJicRkCx+++9lk9BC/Z3HP
uT8+hWI5FYB+KeEMHSk6/CLc7toXNmysLMeCPkUDW07yAI0lhXyVKw5IrUlA52ba
bOCw54Oh1jvrWpN/U08fsyrDJxVUn+AiM9jI0AkS8fYtbs4oCD+uKb4mx+ocSsEq
VawPb/WvOwtsdnAyspJ+7Xs8+D574i/7sf6IHSE=
-----END CERTIFICATE-----
Generated at Thu Apr 17 00:36:19 2025 by rpki-client