Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/rHf4M559vof016PCF8LcI6ehTTM.roa
File: rHf4M559vof016PCF8LcI6ehTTM.roa (raw, json)
Hash identifier: n6i9PDAjDUPLFInYwDQZ4eXvkGQlWnG1IJysuRvqcXk=
Subject key identifier: AC:77:F8:33:9E:7D:BE:87:F4:D7:A3:C2:17:C2:DC:23:A7:A1:4D:33
Certificate issuer: /CN=22373571c90249bf2aa948e78bed13e08528b87e
Certificate serial: 0194126D9C2E80454F01088BF0C45243DF47
Authority key identifier: 22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/rHf4M559vof016PCF8LcI6ehTTM.roa
Signing time: Sun 29 Dec 2024 12:39:20 +0000
ROA not before: Sun 29 Dec 2024 12:39:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213775
IP address blocks: 5.160.199.0/24 maxlen: 24
46.209.224.0/24 maxlen: 24
46.209.225.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:12:6d:9c:2e:80:45:4f:01:08:8b:f0:c4:52:43:df:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22373571c90249bf2aa948e78bed13e08528b87e
Validity
Not Before: Dec 29 12:39:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac77f8339e7dbe87f4d7a3c217c2dc23a7a14d33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:21:e0:ef:e5:f1:ac:56:18:d5:05:73:66:26:
9f:4e:80:ec:ce:2f:f5:66:78:98:c6:8a:6d:48:0d:
9e:08:ed:3e:c6:7b:12:a5:bf:45:29:3c:30:79:7c:
9a:cd:0b:4a:1e:01:fe:d1:7e:5c:b8:b7:bd:fe:65:
82:3e:3d:0e:66:32:cd:d4:7b:ff:b6:b8:d6:76:84:
58:55:0e:5f:a7:e9:d0:ac:a3:4f:1b:35:03:b3:1d:
e2:fe:9c:85:6b:f6:5a:eb:af:0f:a8:48:ed:53:bb:
0f:c4:bb:3f:57:1d:3a:8e:f6:c1:f3:db:38:bd:ff:
ae:5f:fd:48:e5:de:57:de:2e:76:f3:03:a9:68:23:
e8:f9:a4:18:c7:ee:32:a2:18:90:47:44:c6:0c:77:
de:91:c2:45:50:8b:6a:10:53:35:8e:cf:17:c2:da:
4a:8f:ca:72:7f:df:1e:ca:97:c4:82:d3:d5:89:6b:
63:82:ae:a0:cf:dc:de:d8:82:7a:20:82:d7:e4:84:
38:05:33:e4:6c:88:fe:33:d9:b0:c4:da:5c:94:97:
e2:02:9d:4a:8f:9a:94:33:e4:07:81:76:15:37:c0:
f2:35:35:1e:89:37:0d:29:7d:77:89:31:ac:fb:f7:
c4:f1:8a:4d:fd:85:8b:2e:ee:04:29:14:10:2c:8e:
3e:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:77:F8:33:9E:7D:BE:87:F4:D7:A3:C2:17:C2:DC:23:A7:A1:4D:33
X509v3 Authority Key Identifier:
keyid:22:37:35:71:C9:02:49:BF:2A:A9:48:E7:8B:ED:13:E0:85:28:B8:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ijc1cckCSb8qqUjni-0T4IUouH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/rHf4M559vof016PCF8LcI6ehTTM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/866e5e-831e-4cb1-bd51-b4540c74c94b/1/Ijc1cckCSb8qqUjni-0T4IUouH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.199.0/24
46.209.224.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:69:9e:93:18:c6:15:58:48:29:bb:11:c7:3a:ba:96:82:52:
c6:97:a7:8d:70:c4:9d:9d:aa:8a:2b:ae:40:bd:5c:b1:31:59:
2a:bd:66:de:b2:3c:65:70:49:03:bc:34:0e:05:14:e2:8c:2f:
97:d6:d9:59:3b:72:9b:5d:10:75:eb:4a:45:c9:22:14:12:68:
bb:b6:b2:d7:4c:d3:b7:31:22:66:43:36:14:e0:e1:dc:3e:8e:
2a:21:00:80:92:5a:d3:9f:29:c1:53:92:ca:17:d4:8e:d7:b2:
75:17:1e:25:84:7b:22:3c:17:c7:c1:51:60:8b:40:5e:fc:9f:
65:88:d5:59:6b:cf:72:81:b3:4c:86:38:ec:0d:59:e3:2a:d1:
3c:2a:f7:3b:11:e5:d6:44:9b:07:f1:e3:74:66:a1:73:48:72:
83:ff:24:a7:dc:bf:01:76:80:80:f0:a7:8b:d4:05:75:5f:bc:
9d:e2:50:78:27:93:dd:d4:23:5b:c8:cf:af:0f:c0:24:af:d5:
a1:61:c9:a6:a6:cf:ee:e8:3a:4d:4c:53:ba:86:05:d4:93:4f:
ea:96:8b:7e:b7:59:19:14:ad:8a:7e:ae:5b:46:e9:20:a7:80:
a4:e7:ec:95:4d:9b:52:13:93:4e:cb:d9:d4:a5:a9:5c:bc:47:
28:bf:6d:29
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQSbZwugEVPAQiL8MRSQ99HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzczNTcxYzkwMjQ5YmYyYWE5NDhlNzhiZWQxM2UwODUy
OGI4N2UwHhcNMjQxMjI5MTIzOTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzc3ZjgzMzllN2RiZTg3ZjRkN2EzYzIxN2MyZGMyM2E3YTE0ZDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1SHg7+XxrFYY1QVzZiafToDszi/1
ZniYxoptSA2eCO0+xnsSpb9FKTwweXyazQtKHgH+0X5cuLe9/mWCPj0OZjLN1Hv/
trjWdoRYVQ5fp+nQrKNPGzUDsx3i/pyFa/Za668PqEjtU7sPxLs/Vx06jvbB89s4
vf+uX/1I5d5X3i528wOpaCPo+aQYx+4yohiQR0TGDHfekcJFUItqEFM1js8XwtpK
j8pyf98eypfEgtPViWtjgq6gz9ze2IJ6IILX5IQ4BTPkbIj+M9mwxNpclJfiAp1K
j5qUM+QHgXYVN8DyNTUeiTcNKX13iTGs+/fE8YpN/YWLLu4EKRQQLI4+9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKx3+DOefb6H9NejwhfC3COnoU0zMB8GA1UdIwQY
MBaAFCI3NXHJAkm/KqlI54vtE+CFKLh+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEt
YjQ1NDBjNzRjOTRiLzEvckhmNE01NTl2b2YwMTZQQ0Y4TGNJNmVoVFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84NjZlNWUtODMxZS00Y2IxLWJkNTEtYjQ1NDBjNzRjOTRi
LzEvSWpjMWNja0NTYjhxcVVqbmktMFQ0SVVvdUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABaDHAwQB
LtHgMA0GCSqGSIb3DQEBCwUAA4IBAQB/aZ6TGMYVWEgpuxHHOrqWglLGl6eNcMSd
naqKK65AvVyxMVkqvWbesjxlcEkDvDQOBRTijC+X1tlZO3KbXRB160pFySIUEmi7
trLXTNO3MSJmQzYU4OHcPo4qIQCAklrTnynBU5LKF9SO17J1Fx4lhHsiPBfHwVFg
i0Be/J9liNVZa89ygbNMhjjsDVnjKtE8Kvc7EeXWRJsH8eN0ZqFzSHKD/ySn3L8B
doCA8KeL1AV1X7yd4lB4J5Pd1CNbyM+vD8Akr9WhYcmmps/u6DpNTFO6hgXUk0/q
lot+t1kZFK2Kfq5bRukgp4Ck5+yVTZtSE5NOy9nUpalcvEcov20p
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:13:38 2025 by rpki-client