Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/hUMhBRBTigPokiAbQ9Yh8ZHitoQ.roa
File: hUMhBRBTigPokiAbQ9Yh8ZHitoQ.roa (raw, json)
Hash identifier: LIewSSXaHoUJWIzAB9l9ZnpfCNtpTwrYlqZCCQAJQ2g=
Subject key identifier: 85:43:21:05:10:53:8A:03:E8:92:20:1B:43:D6:21:F1:91:E2:B6:84
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 0194F97E1FECF77A4C8D628A55191558088B
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/hUMhBRBTigPokiAbQ9Yh8ZHitoQ.roa
Signing time: Wed 12 Feb 2025 09:29:40 +0000
ROA not before: Wed 12 Feb 2025 09:29:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39900
IP address blocks: 141.98.184.0/22 maxlen: 22
194.9.118.0/24 maxlen: 24
2a13:6c40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 21 Feb 2025 13:18:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f9:7e:1f:ec:f7:7a:4c:8d:62:8a:55:19:15:58:08:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Feb 12 09:29:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8543210510538a03e892201b43d621f191e2b684
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:51:51:34:49:77:0d:64:f0:46:4a:7f:d4:83:
6e:11:8b:12:21:b7:31:17:cd:0a:05:a2:a0:f4:1d:
b9:a4:5d:91:6f:de:a1:79:bb:a0:fc:b8:05:db:53:
81:f8:2b:92:c2:a8:33:ef:f8:4c:e0:60:af:00:47:
76:22:68:9d:f4:94:c4:f4:0d:ea:14:37:37:d8:74:
03:f9:84:92:06:aa:1f:18:b7:ec:2a:d5:cc:a4:09:
e7:c4:70:32:24:71:8c:44:66:cd:6e:6e:f0:aa:14:
e9:61:69:3f:7b:b8:42:c5:65:ae:5e:68:2b:6f:08:
21:c9:49:c3:0e:eb:1a:78:0b:43:f6:ac:db:1b:06:
f2:10:a9:0b:c7:66:ce:d0:41:dd:ca:fa:b5:9f:77:
4e:67:8f:09:92:49:ef:4c:a0:da:bf:4b:5e:58:60:
cb:3f:60:b5:25:c6:92:e1:60:fc:dc:2b:f1:1f:5a:
52:9e:08:5c:dc:3e:95:4e:e1:9e:72:be:62:a6:62:
e2:23:67:32:61:26:d6:f6:1f:b0:1b:23:14:6d:6c:
36:12:6e:3b:eb:a5:5d:1b:9c:f8:84:4b:2e:b8:5e:
ab:40:3e:3c:b9:67:8e:41:07:05:a7:40:8e:81:fa:
30:14:a1:be:8b:db:8b:bc:0e:bf:c2:e8:f0:e3:8f:
d9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:43:21:05:10:53:8A:03:E8:92:20:1B:43:D6:21:F1:91:E2:B6:84
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/hUMhBRBTigPokiAbQ9Yh8ZHitoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.98.184.0/22
194.9.118.0/24
IPv6:
2a13:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
11:6f:e3:dd:fd:8e:80:d0:81:dc:a1:24:33:ca:6d:8d:7d:de:
f6:47:dd:66:5c:33:b3:7e:4b:9c:82:7d:c8:19:7b:d5:ff:03:
10:6e:d3:af:80:04:57:12:7c:11:35:e4:08:f7:6a:e5:b2:6a:
39:7e:22:b2:a8:9e:f3:86:99:d4:d9:a7:bd:2c:c0:92:27:d7:
32:67:6f:cc:1a:bf:9b:3c:19:5b:c9:ad:5d:95:64:5c:20:7e:
e1:52:74:06:9f:f0:80:d9:e7:5b:a7:89:fb:14:64:74:76:7b:
86:ca:21:97:27:38:0a:d3:d7:18:b9:71:82:8c:f1:76:95:7b:
e3:52:6b:98:b9:ce:58:e0:c1:a3:00:ff:11:4b:79:28:1a:8a:
56:39:e9:e9:6d:89:58:90:6e:2e:89:6a:56:5f:b9:a7:f8:c9:
86:cd:b6:d6:91:c8:96:b7:9b:19:ab:6b:fc:1f:5a:ae:bd:2b:
e2:51:fa:89:8d:29:b6:96:26:ff:18:85:ff:3b:6f:91:71:32:
86:15:2b:a8:f1:ed:6f:e7:37:ce:f4:4e:22:74:9d:a6:98:18:
a3:8a:b6:2a:a9:72:42:1a:cf:06:a4:e3:56:a2:aa:3a:97:29:
9e:96:a8:58:a1:f3:b0:a7:56:6e:4a:2d:d7:d0:79:e5:bb:ba:
f0:05:77:a8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZT5fh/s93pMjWKKVRkVWAiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUwMjEyMDkyOTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTQzMjEwNTEwNTM4YTAzZTg5MjIwMWI0M2Q2MjFmMTkxZTJiNjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0VFRNEl3DWTwRkp/1INuEYsSIbcx
F80KBaKg9B25pF2Rb96hebug/LgF21OB+CuSwqgz7/hM4GCvAEd2Imid9JTE9A3q
FDc32HQD+YSSBqofGLfsKtXMpAnnxHAyJHGMRGbNbm7wqhTpYWk/e7hCxWWuXmgr
bwghyUnDDusaeAtD9qzbGwbyEKkLx2bO0EHdyvq1n3dOZ48JkknvTKDav0teWGDL
P2C1JcaS4WD83CvxH1pSnghc3D6VTuGecr5ipmLiI2cyYSbW9h+wGyMUbWw2Em47
66VdG5z4hEsuuF6rQD48uWeOQQcFp0COgfowFKG+i9uLvA6/wujw44/ZQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFIVDIQUQU4oD6JIgG0PWIfGR4raEMB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvaFVNaEJSQlRpZ1Bva2lBYlE5WWg4WkhpdG9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCjWK4AwQA
wgl2MA0EAgACMAcDBQMqE2xAMA0GCSqGSIb3DQEBCwUAA4IBAQARb+Pd/Y6A0IHc
oSQzym2Nfd72R91mXDOzfkucgn3IGXvV/wMQbtOvgARXEnwRNeQI92rlsmo5fiKy
qJ7zhpnU2ae9LMCSJ9cyZ2/MGr+bPBlbya1dlWRcIH7hUnQGn/CA2edbp4n7FGR0
dnuGyiGXJzgK09cYuXGCjPF2lXvjUmuYuc5Y4MGjAP8RS3koGopWOenpbYlYkG4u
iWpWX7mn+MmGzbbWkciWt5sZq2v8H1quvSviUfqJjSm2lib/GIX/O2+RcTKGFSuo
8e1v5zfO9E4idJ2mmBijirYqqXJCGs8GpONWoqo6lymelqhYofOwp1ZuSi3X0Hnl
u7rwBXeo
-----END CERTIFICATE-----
Generated at Thu Apr 24 08:06:01 2025 by rpki-client