Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/H1RkQRUqSF3vRx9Gw4Q5QgnMoYM.roa
File: H1RkQRUqSF3vRx9Gw4Q5QgnMoYM.roa (raw, json)
Hash identifier: C7AAs9sicA236qzsLMD0m9wKtU1eY/bva6RueDzGkcA=
Subject key identifier: 1F:54:64:41:15:2A:48:5D:EF:47:1F:46:C3:84:39:42:09:CC:A1:83
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 0193EA6271074B0CD57DEDF5457B8C1AFAA0
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/H1RkQRUqSF3vRx9Gw4Q5QgnMoYM.roa
Signing time: Sat 21 Dec 2024 18:02:20 +0000
ROA not before: Sat 21 Dec 2024 18:02:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30738
IP address blocks: 109.248.160.0/22 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Tue 24 Dec 2024 09:39:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ea:62:71:07:4b:0c:d5:7d:ed:f5:45:7b:8c:1a:fa:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Dec 21 18:02:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1f546441152a485def471f46c384394209cca183
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:07:69:db:9f:24:3f:a8:b6:4e:5d:3d:9b:cc:
c1:94:0d:c1:9c:25:3e:fb:45:2a:e4:d0:e3:04:78:
a0:96:72:c8:d6:79:a6:8f:62:c6:18:cd:bf:4b:18:
a7:74:85:cb:e1:81:18:a1:cf:50:d5:4f:af:f8:8f:
49:e0:2b:1d:6b:b4:7b:2a:3c:b6:47:79:b2:22:51:
2a:d4:c4:fb:f7:08:52:34:5b:c9:36:30:8a:bd:39:
de:a8:35:3b:9c:84:d6:3b:c9:f0:a1:5e:e8:4d:ac:
ab:37:b9:9d:c4:78:62:98:e1:20:bf:c1:fe:2d:34:
97:0a:e9:ac:9d:0a:7e:2b:4f:2f:71:cb:03:df:f9:
61:0f:0b:fb:4d:31:ce:32:47:2d:05:34:60:23:34:
4e:ff:84:1e:3f:71:f9:7b:1f:15:ac:6b:48:ca:a6:
4f:bc:26:92:dc:2f:c4:ed:1e:a1:16:bf:5e:8c:1a:
6a:53:fd:bd:98:52:c5:8b:13:11:d2:a4:65:49:c2:
f1:62:53:79:b5:ee:b9:f1:a4:fc:81:da:c5:d7:51:
4b:91:ac:f4:f1:b2:46:18:8d:65:9c:8e:5e:26:16:
10:83:83:f3:94:4e:39:18:4a:9c:e8:b8:54:8e:45:
7a:fa:5f:18:c4:d4:24:70:73:37:d1:b1:40:2c:b9:
8d:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:54:64:41:15:2A:48:5D:EF:47:1F:46:C3:84:39:42:09:CC:A1:83
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/H1RkQRUqSF3vRx9Gw4Q5QgnMoYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.248.160.0/22
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
8c:65:72:8c:63:1e:2e:dd:22:41:06:d9:99:58:96:92:10:52:
e0:f5:3d:c4:2f:0e:89:b6:60:04:b8:d7:29:90:64:58:f0:dd:
2b:55:17:31:a9:71:0e:af:9c:0e:7f:dc:31:93:3c:a2:a6:b0:
63:ea:89:e1:58:13:5d:9e:6e:ca:f3:71:f7:2c:60:ec:d8:2c:
0d:b8:ee:5e:fc:93:90:f7:da:03:f1:e7:1d:42:a2:f3:a8:21:
d8:69:07:e0:e9:e4:07:e2:6f:17:06:eb:eb:6e:96:c7:b1:e0:
ad:bf:e0:bb:98:d2:1a:46:b3:fb:51:af:28:32:05:53:28:a0:
c9:bd:be:b1:54:27:59:16:db:75:e1:33:ad:77:c1:c5:89:fc:
a6:8c:ba:f8:6c:10:25:01:ec:a1:af:89:ca:96:a1:0c:15:54:
c6:c9:c6:dd:61:92:2d:b3:c9:5d:46:3d:ba:34:3b:3f:cd:27:
0e:b6:14:67:dc:5a:21:53:0e:28:3b:ab:8e:44:e2:36:75:3b:
cf:bd:52:f5:ef:fb:3b:8b:40:57:a5:83:36:e9:10:dd:74:f0:
1b:3a:be:be:1f:d0:0e:b0:57:80:76:3b:10:61:8f:39:ac:95:
ac:d4:f7:9a:1b:16:1b:01:8e:f4:62:88:dc:c2:16:f0:40:39:
f3:b9:4c:77
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZPqYnEHSwzVfe31RXuMGvqgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjQxMjIxMTgwMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjU0NjQ0MTE1MmE0ODVkZWY0NzFmNDZjMzg0Mzk0MjA5Y2NhMTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzAdp258kP6i2Tl09m8zBlA3BnCU+
+0Uq5NDjBHiglnLI1nmmj2LGGM2/SxindIXL4YEYoc9Q1U+v+I9J4Csda7R7Kjy2
R3myIlEq1MT79whSNFvJNjCKvTneqDU7nITWO8nwoV7oTayrN7mdxHhimOEgv8H+
LTSXCumsnQp+K08vccsD3/lhDwv7TTHOMkctBTRgIzRO/4QeP3H5ex8VrGtIyqZP
vCaS3C/E7R6hFr9ejBpqU/29mFLFixMR0qRlScLxYlN5te658aT8gdrF11FLkaz0
8bJGGI1lnI5eJhYQg4PzlE45GEqc6LhUjkV6+l8YxNQkcHM30bFALLmNSQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFB9UZEEVKkhd70cfRsOEOUIJzKGDMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvSDFSa1FSVXFTRjN2Ung5R3c0UTVRZ25Nb1lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCbfigAwQA
vIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQCMZXKM
Yx4u3SJBBtmZWJaSEFLg9T3ELw6JtmAEuNcpkGRY8N0rVRcxqXEOr5wOf9wxkzyi
prBj6onhWBNdnm7K83H3LGDs2CwNuO5e/JOQ99oD8ecdQqLzqCHYaQfg6eQH4m8X
BuvrbpbHseCtv+C7mNIaRrP7Ua8oMgVTKKDJvb6xVCdZFtt14TOtd8HFifymjLr4
bBAlAeyhr4nKlqEMFVTGycbdYZIts8ldRj26NDs/zScOthRn3FohUw4oO6uOROI2
dTvPvVL17/s7i0BXpYM26RDddPAbOr6+H9AOsFeAdjsQYY85rJWs1PeaGxYbAY70
YojcwhbwQDnzuUx3
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:09:32 2025 by rpki-client