Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/H4XM4l_qCfHTuD4IiPV8ymJ--tU.roa
File: H4XM4l_qCfHTuD4IiPV8ymJ--tU.roa (raw, json)
Hash identifier: VRGARaLRqj7Rns5ekYEfl7Cs1kVfR/98Q7WZgKAtdjg=
Subject key identifier: 1F:85:CC:E2:5F:EA:09:F1:D3:B8:3E:08:88:F5:7C:CA:62:7E:FA:D5
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 0194FA00797346C070700CBA58E125ACA691
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/H4XM4l_qCfHTuD4IiPV8ymJ--tU.roa
Signing time: Wed 12 Feb 2025 11:52:02 +0000
ROA not before: Wed 12 Feb 2025 11:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 4515
IP address blocks: 62.171.240.0/22 maxlen: 24
213.18.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 14 Feb 2025 14:29:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:fa:00:79:73:46:c0:70:70:0c:ba:58:e1:25:ac:a6:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Feb 12 11:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f85cce25fea09f1d3b83e0888f57cca627efad5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:64:47:fc:f6:ae:be:b6:85:34:f1:ad:21:f5:
3e:b9:0e:88:36:06:34:34:3d:02:df:64:1b:6d:a9:
7a:ff:30:eb:df:ac:4f:eb:df:ba:76:54:04:05:14:
ae:e2:ae:30:25:fa:94:a3:06:c6:77:79:b2:21:4f:
bd:86:2d:99:5b:0c:07:ce:a8:6b:66:55:c6:bb:f3:
bd:1c:cd:9f:22:1d:fe:86:30:8b:47:b6:7b:ef:63:
24:c6:1c:48:7e:87:c4:84:85:e7:72:4c:e5:86:7e:
45:a7:c0:4d:e4:09:90:e3:82:3a:6e:3e:c0:2b:b7:
d0:69:b6:05:b0:b8:2e:b3:81:78:14:92:6a:0e:8f:
68:b8:eb:59:87:7b:ae:ff:5a:ee:20:d1:bc:a5:e0:
74:aa:db:ec:f9:0a:1f:40:f3:79:59:42:75:f1:20:
f9:a2:a0:90:72:d0:6e:7d:f5:51:6c:66:82:59:f8:
ab:93:7c:7d:8e:fc:21:b6:0c:52:46:ce:97:3d:6a:
65:ee:5e:a4:7f:81:a3:5f:2c:84:89:3e:b7:a1:53:
05:dd:3d:b8:b5:68:fe:c2:05:51:d4:f8:5e:b8:78:
57:a7:45:2d:27:55:68:61:9a:17:b6:ba:c3:cd:25:
74:2f:16:62:42:1a:96:04:03:a9:1e:73:c9:71:7a:
f1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:85:CC:E2:5F:EA:09:F1:D3:B8:3E:08:88:F5:7C:CA:62:7E:FA:D5
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/H4XM4l_qCfHTuD4IiPV8ymJ--tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.240.0/22
213.18.196.0/22
Signature Algorithm: sha256WithRSAEncryption
6c:50:62:80:0d:48:12:b6:b8:c9:7d:3d:2b:e0:6a:57:67:46:
b7:ed:a4:fa:54:d8:6f:ee:b0:54:06:d0:54:af:59:c7:1c:97:
81:d9:8e:b6:30:a1:37:ae:4f:b2:4a:e3:99:2b:7f:09:b7:65:
19:f5:37:51:d2:f1:78:9a:6d:c4:58:f5:6f:b9:b7:d5:01:5d:
b2:6d:48:84:80:ae:55:f1:ad:57:6c:8d:bc:9a:ea:69:f5:ff:
64:a2:4a:41:34:6a:c4:87:ca:10:43:85:1a:90:80:7d:f2:b8:
3a:f3:74:1d:35:37:02:c3:82:04:05:1b:ae:c9:45:85:c1:bd:
7f:5a:b0:c9:6e:7b:b0:60:d0:57:00:7c:ca:09:91:0e:84:a6:
2d:e3:69:18:27:47:0f:81:29:50:83:6a:7f:c0:86:7e:26:e6:
7d:45:c1:6a:cb:7a:47:3f:25:b7:89:15:04:71:53:15:ce:aa:
1e:ba:6d:3e:3f:0a:0c:97:41:e6:33:48:9d:e8:bf:70:57:a0:
3d:07:8c:9b:98:a0:3d:a5:1a:97:92:67:ec:68:fd:80:e5:71:
05:15:ff:b2:97:2c:f6:ca:92:b9:fd:28:a1:1c:92:dc:a2:55:
25:52:ab:95:00:2b:4d:44:e9:e8:e3:bb:85:39:cf:85:0b:f7:
8f:b9:15:c3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZT6AHlzRsBwcAy6WOElrKaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwMjEyMTE1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg1Y2NlMjVmZWEwOWYxZDNiODNlMDg4OGY1N2NjYTYyN2VmYWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWRH/PauvraFNPGtIfU+uQ6INgY0
ND0C32Qbbal6/zDr36xP69+6dlQEBRSu4q4wJfqUowbGd3myIU+9hi2ZWwwHzqhr
ZlXGu/O9HM2fIh3+hjCLR7Z772MkxhxIfofEhIXnckzlhn5Fp8BN5AmQ44I6bj7A
K7fQabYFsLgus4F4FJJqDo9ouOtZh3uu/1ruING8peB0qtvs+QofQPN5WUJ18SD5
oqCQctBuffVRbGaCWfirk3x9jvwhtgxSRs6XPWpl7l6kf4GjXyyEiT63oVMF3T24
tWj+wgVR1PheuHhXp0UtJ1VoYZoXtrrDzSV0LxZiQhqWBAOpHnPJcXrxQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB+FzOJf6gnx07g+CIj1fMpifvrVMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvSDRYTTRsX3FDZkhUdUQ0SWlQVjh5bUotLXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCPqvwAwQC
1RLEMA0GCSqGSIb3DQEBCwUAA4IBAQBsUGKADUgStrjJfT0r4GpXZ0a37aT6VNhv
7rBUBtBUr1nHHJeB2Y62MKE3rk+ySuOZK38Jt2UZ9TdR0vF4mm3EWPVvubfVAV2y
bUiEgK5V8a1XbI28mupp9f9kokpBNGrEh8oQQ4UakIB98rg683QdNTcCw4IEBRuu
yUWFwb1/WrDJbnuwYNBXAHzKCZEOhKYt42kYJ0cPgSlQg2p/wIZ+JuZ9RcFqy3pH
PyW3iRUEcVMVzqoeum0+PwoMl0HmM0id6L9wV6A9B4ybmKA9pRqXkmfsaP2A5XEF
Ff+ylyz2ypK5/SihHJLcolUlUquVACtNROno47uFOc+FC/ePuRXD
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:49:57 2025 by rpki-client