Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/HbJK0pPzlPZfHFFAPkrqNsHwF4g.roa
File: HbJK0pPzlPZfHFFAPkrqNsHwF4g.roa (raw, json)
Hash identifier: OREQE8aFRYv3dkEMcIvo6b0aw/hTq70xMzudQUFdoOo=
Subject key identifier: 1D:B2:4A:D2:93:F3:94:F6:5F:1C:51:40:3E:4A:EA:36:C1:F0:17:88
Certificate issuer: /CN=07594568618898a9fb720ae09bed0ed1be4f857e
Certificate serial: 018CCA2A2A5E9D3732D39A587D744C10778C
Authority key identifier: 07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/HbJK0pPzlPZfHFFAPkrqNsHwF4g.roa
Signing time: Tue 02 Jan 2024 12:33:30 +0000
ROA not before: Tue 02 Jan 2024 12:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57167
IP address blocks: 46.254.107.0/24 maxlen: 24
195.14.122.0/24 maxlen: 24
2a11:b100:b100::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:2a:5e:9d:37:32:d3:9a:58:7d:74:4c:10:77:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07594568618898a9fb720ae09bed0ed1be4f857e
Validity
Not Before: Jan 2 12:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1db24ad293f394f65f1c51403e4aea36c1f01788
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:be:63:5b:b3:87:1e:54:9d:60:e5:89:79:
20:a6:58:41:0e:52:2b:ab:41:3e:11:5e:ae:2e:f1:
d5:d1:67:36:27:cc:cc:df:43:18:3f:38:e2:e9:07:
cf:7b:62:56:4c:c0:bd:1f:7e:61:20:df:6d:20:fe:
39:4d:c2:b6:53:38:23:2f:c9:80:59:2b:47:4b:33:
e2:2f:46:bc:92:b6:45:53:2d:c6:5e:58:7d:11:20:
48:98:5f:7e:cd:da:4b:18:4e:fb:07:65:1d:cc:09:
48:9a:51:7a:53:a7:eb:74:64:9b:09:89:56:f8:ad:
44:f3:12:ef:98:19:51:d1:ad:e2:e0:c2:1b:f9:f6:
dd:71:95:70:dc:df:82:88:9a:27:c8:4a:3d:18:8d:
bd:ca:41:1b:d6:5c:60:59:60:c3:a1:ea:e4:ef:d5:
ec:b4:d5:7a:65:0b:3f:fb:23:51:f7:48:8c:2e:18:
8a:b4:d5:ad:cb:89:f1:b4:09:cb:4b:0e:8c:0a:e5:
c7:3b:24:43:b9:90:2a:8d:23:09:c6:14:97:cb:1d:
00:53:1f:d7:5f:59:e5:54:2c:39:f4:9b:79:ec:c8:
93:5c:c1:8a:3e:8e:47:c7:d0:1c:a6:56:84:c7:a7:
fe:6a:f5:e2:5a:ce:16:66:7b:66:66:62:59:3f:4d:
c9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:B2:4A:D2:93:F3:94:F6:5F:1C:51:40:3E:4A:EA:36:C1:F0:17:88
X509v3 Authority Key Identifier:
keyid:07:59:45:68:61:88:98:A9:FB:72:0A:E0:9B:ED:0E:D1:BE:4F:85:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1lFaGGImKn7cgrgm-0O0b5PhX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/HbJK0pPzlPZfHFFAPkrqNsHwF4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9fada1-60f9-4ef7-81d8-1eccbe67c661/1/B1lFaGGImKn7cgrgm-0O0b5PhX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.107.0/24
195.14.122.0/24
IPv6:
2a11:b100:b100::/48
Signature Algorithm: sha256WithRSAEncryption
91:cb:50:62:75:fb:c1:e3:8a:3e:37:d5:91:57:22:df:28:53:
9d:ad:ac:15:fc:5c:c3:72:39:69:0e:1b:04:f7:d9:21:60:1d:
9a:e7:56:f2:b3:8b:33:f5:67:8f:2a:91:80:56:e2:73:b6:08:
76:80:72:28:df:6c:a4:e4:b0:db:f1:13:85:8b:e0:b2:8d:6c:
57:73:f3:d9:9d:ac:86:61:ef:34:ab:a6:0c:80:58:b2:98:78:
ea:14:e9:31:25:f0:28:6b:dc:fc:96:8f:09:c3:01:8a:c0:83:
f0:48:7c:c7:c8:48:ee:cd:05:65:42:e9:3e:34:ae:34:a9:58:
c2:d4:2c:3e:22:eb:25:c4:c7:67:b6:84:42:cf:39:35:82:fe:
50:c8:2d:c4:6d:0d:cf:90:3a:82:9e:e0:d3:7b:71:d0:43:6a:
d6:9c:a3:ae:16:a7:85:0d:c2:b3:b7:b1:c8:d0:ad:51:74:bc:
7c:b8:be:ee:13:02:5b:e2:f4:bd:eb:9d:04:ac:a1:b4:e2:4c:
7d:13:2f:d0:b1:30:f0:7e:6d:6b:11:b8:8e:73:e4:95:b5:f3:
39:44:c4:63:e3:76:75:c9:c5:50:91:6a:14:62:76:d5:2e:e9:
7c:00:6f:4b:bd:95:d7:bd:d7:0e:af:b5:bc:32:2f:3b:19:37:
10:cc:16:60
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzKKipenTcy05pYfXRMEHeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTk0NTY4NjE4ODk4YTlmYjcyMGFlMDliZWQwZWQxYmU0
Zjg1N2UwHhcNMjQwMTAyMTIzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGIyNGFkMjkzZjM5NGY2NWYxYzUxNDAzZTRhZWEzNmMxZjAxNzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+S+Y1uzhx5UnWDliXkgplhBDlIr
q0E+EV6uLvHV0Wc2J8zM30MYPzji6QfPe2JWTMC9H35hIN9tIP45TcK2UzgjL8mA
WStHSzPiL0a8krZFUy3GXlh9ESBImF9+zdpLGE77B2UdzAlImlF6U6frdGSbCYlW
+K1E8xLvmBlR0a3i4MIb+fbdcZVw3N+CiJonyEo9GI29ykEb1lxgWWDDoerk79Xs
tNV6ZQs/+yNR90iMLhiKtNWty4nxtAnLSw6MCuXHOyRDuZAqjSMJxhSXyx0AUx/X
X1nlVCw59Jt57MiTXMGKPo5Hx9AcplaEx6f+avXiWs4WZntmZmJZP03JnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFB2yStKT85T2XxxRQD5K6jbB8BeIMB8GA1UdIwQY
MBaAFAdZRWhhiJip+3IK4JvtDtG+T4V+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFsRmFHR0ltS243Y2dyZ20tME8wYjVQaFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85ZmFkYTEtNjBmOS00ZWY3LTgxZDgt
MWVjY2JlNjdjNjYxLzEvSGJKSzBwUHpsUFpmSEZGQVBrcnFOc0h3RjRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85ZmFkYTEtNjBmOS00ZWY3LTgxZDgtMWVjY2JlNjdjNjYx
LzEvQjFsRmFHR0ltS243Y2dyZ20tME8wYjVQaFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQALv5rAwQA
ww56MA8EAgACMAkDBwAqEbEAsQAwDQYJKoZIhvcNAQELBQADggEBAJHLUGJ1+8Hj
ij431ZFXIt8oU52trBX8XMNyOWkOGwT32SFgHZrnVvKzizP1Z48qkYBW4nO2CHaA
cijfbKTksNvxE4WL4LKNbFdz89mdrIZh7zSrpgyAWLKYeOoU6TEl8Chr3PyWjwnD
AYrAg/BIfMfISO7NBWVC6T40rjSpWMLULD4i6yXEx2e2hELPOTWC/lDILcRtDc+Q
OoKe4NN7cdBDataco64Wp4UNwrO3scjQrVF0vHy4vu4TAlvi9L3rnQSsobTiTH0T
L9CxMPB+bWsRuI5z5JW18zlExGPjdnXJxVCRahRidtUu6XwAb0u9lde91w6vtbwy
LzsZNxDMFmA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 06:42:15 2025 by rpki-client