Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/hgJTDBTvTUG95uUdiJMxhfStm0Y.roa
File: hgJTDBTvTUG95uUdiJMxhfStm0Y.roa (raw, json)
Hash identifier: yVj4BGR5AXza+kTpte/JPKRZSB2rGnWVzD0UsOV+6Rg=
Subject key identifier: 86:02:53:0C:14:EF:4D:41:BD:E6:E5:1D:88:93:31:85:F4:AD:9B:46
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745CF4F5430CE10406E47868C4B6CF8
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/hgJTDBTvTUG95uUdiJMxhfStm0Y.roa
Signing time: Thu 02 Jan 2025 13:47:53 +0000
ROA not before: Thu 02 Jan 2025 13:47:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134094
IP address blocks: 89.252.132.0/24 maxlen: 24
89.252.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 Jan 2025 12:13:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:cf:4f:54:30:ce:10:40:6e:47:86:8c:4b:6c:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8602530c14ef4d41bde6e51d88933185f4ad9b46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:34:24:b8:99:1b:34:c1:da:3b:1b:fd:88:f4:
59:ca:4c:1e:aa:84:e9:cd:af:f9:08:a4:64:a6:c5:
4c:3b:39:89:e2:fa:71:db:d9:ec:7c:bc:8d:62:b8:
21:01:fa:3e:67:cf:4c:c7:a2:95:34:a0:fd:b7:97:
04:c2:51:17:3b:25:3d:22:95:2e:08:a2:5f:11:11:
cf:fe:88:94:11:9f:97:72:7c:77:c3:0e:ef:de:c4:
f9:68:72:eb:51:08:91:9a:60:87:c2:dd:8a:e5:20:
29:e1:d0:74:d6:60:30:94:65:21:57:53:79:38:a1:
17:cc:c1:b7:b1:01:43:71:39:53:74:b1:53:ef:e5:
c0:81:57:7e:4b:e6:c1:d5:cb:e9:85:80:3e:c8:ff:
70:b2:bf:87:a8:a9:72:c1:2e:5e:97:91:8a:f7:0a:
15:5e:3c:28:1b:9b:46:f1:2a:40:1f:6b:87:91:6e:
5f:d9:83:a6:1f:d3:94:d4:2d:46:9e:92:2e:02:bd:
a5:82:e2:0b:82:db:7d:34:45:03:37:d6:c4:76:36:
fd:fc:bb:f4:3f:f0:c1:39:36:30:0c:7c:b5:ef:dd:
89:7f:77:66:f8:bf:9c:01:20:df:60:e9:a3:65:42:
16:64:70:bb:1c:2e:24:f1:06:80:35:a6:9e:89:bd:
98:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:02:53:0C:14:EF:4D:41:BD:E6:E5:1D:88:93:31:85:F4:AD:9B:46
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/hgJTDBTvTUG95uUdiJMxhfStm0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.132.0/23
Signature Algorithm: sha256WithRSAEncryption
81:2b:3e:bd:6d:0a:58:58:29:f5:d5:8b:92:2f:e3:77:3a:20:
d4:d2:16:f8:7e:db:35:d8:7f:18:f5:4e:fe:0c:da:82:3b:85:
c0:c8:c4:5b:ff:bf:fa:e3:f6:a0:fb:ba:6f:d0:f0:3c:fc:8d:
04:7b:e4:8c:30:04:33:00:5a:85:9f:24:0a:ee:f1:cd:64:eb:
ef:52:28:b6:f8:03:27:07:f2:63:0d:9e:6c:e5:c5:77:6d:0a:
26:d1:fb:42:d5:9d:c7:34:be:f4:4b:67:6e:b6:14:92:fc:a6:
22:2f:8a:60:9e:58:61:5c:e8:cf:f1:5a:d5:ea:40:62:32:a2:
fd:75:55:31:ee:2b:be:e3:0c:65:7f:a5:e4:6a:55:78:15:10:
90:b8:6e:4a:2b:4a:a4:ba:fe:26:8a:ce:63:33:fc:14:6c:b2:
82:38:08:45:70:35:25:86:66:c5:c3:76:c8:b2:74:5e:5a:60:
1c:a3:27:51:7e:4f:be:60:ba:00:e9:82:80:56:8c:dc:94:ac:
75:2d:48:b5:ad:08:62:45:c2:28:ad:f7:b5:65:67:12:6a:da:
a8:95:eb:f7:df:3b:00:29:14:01:9b:95:9a:49:ed:af:a1:4c:
cd:24:e5:a3:2f:a8:78:ca:fb:32:ef:80:4c:a5:9b:39:a4:f4:
c8:c4:88:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnRc9PVDDOEEBuR4aMS2z4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjAyNTMwYzE0ZWY0ZDQxYmRlNmU1MWQ4ODkzMzE4NWY0YWQ5YjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDQkuJkbNMHaOxv9iPRZykweqoTp
za/5CKRkpsVMOzmJ4vpx29nsfLyNYrghAfo+Z89Mx6KVNKD9t5cEwlEXOyU9IpUu
CKJfERHP/oiUEZ+Xcnx3ww7v3sT5aHLrUQiRmmCHwt2K5SAp4dB01mAwlGUhV1N5
OKEXzMG3sQFDcTlTdLFT7+XAgVd+S+bB1cvphYA+yP9wsr+HqKlywS5el5GK9woV
XjwoG5tG8SpAH2uHkW5f2YOmH9OU1C1GnpIuAr2lguILgtt9NEUDN9bEdjb9/Lv0
P/DBOTYwDHy1792Jf3dm+L+cASDfYOmjZUIWZHC7HC4k8QaANaaeib2YeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYCUwwU701BveblHYiTMYX0rZtGMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvaGdKVERCVHZUVUc5NXVVZGlKTXhoZlN0bTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfyEMA0G
CSqGSIb3DQEBCwUAA4IBAQCBKz69bQpYWCn11YuSL+N3OiDU0hb4fts12H8Y9U7+
DNqCO4XAyMRb/7/64/ag+7pv0PA8/I0Ee+SMMAQzAFqFnyQK7vHNZOvvUii2+AMn
B/JjDZ5s5cV3bQom0ftC1Z3HNL70S2duthSS/KYiL4pgnlhhXOjP8VrV6kBiMqL9
dVUx7iu+4wxlf6XkalV4FRCQuG5KK0qkuv4mis5jM/wUbLKCOAhFcDUlhmbFw3bI
snReWmAcoydRfk++YLoA6YKAVozclKx1LUi1rQhiRcIorfe1ZWcSatqolev33zsA
KRQBm5WaSe2voUzNJOWjL6h4yvsy74BMpZs5pPTIxIiX
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:19:30 2025 by rpki-client