Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/HTMnx-UdyLMV6KIKzqz1Btmwr5Q.roa
File: HTMnx-UdyLMV6KIKzqz1Btmwr5Q.roa (raw, json)
Hash identifier: xihpgZXQaWLdhsTIJJ4h7dG0maLfJNwu+ecFpWz+/+4=
Subject key identifier: 1D:33:27:C7:E5:1D:C8:B3:15:E8:A2:0A:CE:AC:F5:06:D9:B0:AF:94
Certificate issuer: /CN=464dcfa96399716692d245a804887c09da451f8f
Certificate serial: 0194D655FAA7E9F3E362A239558156DEDB4D
Authority key identifier: 46:4D:CF:A9:63:99:71:66:92:D2:45:A8:04:88:7C:09:DA:45:1F:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Rk3PqWOZcWaS0kWoBIh8CdpFH48.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/HTMnx-UdyLMV6KIKzqz1Btmwr5Q.roa
Signing time: Wed 05 Feb 2025 13:39:06 +0000
ROA not before: Wed 05 Feb 2025 13:39:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51173
IP address blocks: 37.203.48.0/24 maxlen: 24
37.203.49.0/24 maxlen: 24
37.203.50.0/24 maxlen: 24
37.203.51.0/24 maxlen: 24
37.203.52.0/24 maxlen: 24
37.203.53.0/24 maxlen: 24
89.106.136.0/24 maxlen: 24
89.106.137.0/24 maxlen: 24
89.106.138.0/24 maxlen: 24
89.106.139.0/24 maxlen: 24
89.106.140.0/24 maxlen: 24
89.106.141.0/24 maxlen: 24
89.106.142.0/24 maxlen: 24
89.106.143.0/24 maxlen: 24
185.94.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 11:07:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:55:fa:a7:e9:f3:e3:62:a2:39:55:81:56:de:db:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464dcfa96399716692d245a804887c09da451f8f
Validity
Not Before: Feb 5 13:39:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d3327c7e51dc8b315e8a20aceacf506d9b0af94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:3c:38:fd:fb:b3:01:84:13:45:64:74:03:5c:
de:0e:c7:01:10:ad:7c:d5:08:85:67:cc:88:24:04:
29:44:a8:5d:ee:22:cf:4f:44:71:9e:f0:04:dd:92:
68:cf:c9:63:a0:b4:0d:72:7a:4f:a5:bf:42:ae:68:
72:cf:c7:0b:62:5a:50:81:30:c7:b7:9b:74:4d:57:
26:7f:c8:b8:35:f9:b7:81:ac:a3:8f:a3:61:07:37:
ff:69:b5:db:04:4e:04:29:96:fe:37:c2:77:43:35:
7d:f6:b1:da:26:27:86:98:9d:bb:a4:01:05:fe:81:
48:23:5a:dd:39:23:bf:03:e3:7e:97:26:f1:20:d1:
9d:cf:c6:93:3c:be:2e:c3:28:9f:68:59:56:69:3e:
24:af:85:09:01:f7:4b:a1:de:e2:08:6b:f7:c5:ab:
16:c9:34:05:c5:24:d0:66:d9:73:b2:b1:8e:d5:ee:
23:c5:7b:72:8b:72:9b:59:95:d6:12:39:e3:b6:a1:
0e:95:d2:50:a6:bd:3f:7d:5d:d5:52:57:b6:41:79:
76:39:3b:3c:f5:6a:43:da:3b:9d:38:83:40:54:e7:
af:27:62:da:bd:fe:31:a9:7e:96:17:69:06:ff:93:
bc:b9:f3:b4:4a:86:62:51:9c:bc:29:6d:68:4b:56:
c2:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:33:27:C7:E5:1D:C8:B3:15:E8:A2:0A:CE:AC:F5:06:D9:B0:AF:94
X509v3 Authority Key Identifier:
keyid:46:4D:CF:A9:63:99:71:66:92:D2:45:A8:04:88:7C:09:DA:45:1F:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Rk3PqWOZcWaS0kWoBIh8CdpFH48.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/HTMnx-UdyLMV6KIKzqz1Btmwr5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6be5a6-eb0e-44b4-b6a7-af1f36811098/1/Rk3PqWOZcWaS0kWoBIh8CdpFH48.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.203.48.0-37.203.53.255
89.106.136.0/21
185.94.46.0/24
Signature Algorithm: sha256WithRSAEncryption
34:c8:51:37:0f:e0:38:e8:0b:9d:b5:52:42:77:76:b1:3e:03:
e6:e0:bc:96:86:18:e5:89:06:ba:c2:a9:c0:42:89:07:1f:81:
23:0d:b4:fc:78:41:83:96:b8:68:58:61:72:82:54:2e:86:f4:
fb:ca:48:7a:61:f2:8f:05:f3:94:40:d0:1c:60:f5:ba:0a:c6:
6f:20:e3:d4:c2:ec:11:21:a2:75:3e:a1:da:4e:54:17:88:85:
1b:b1:3d:b5:fc:49:a7:8f:f4:61:46:69:e2:42:e7:d9:11:14:
4f:92:fb:80:aa:40:b7:18:d8:bc:b7:d5:d2:e3:cc:a4:47:19:
6f:9c:17:ff:73:79:56:00:e8:e9:8d:14:46:d1:c8:da:9a:24:
ee:1c:e8:ca:e0:ca:1e:0e:11:e3:b7:11:ab:c5:01:06:68:e0:
5a:dd:7f:e3:84:d0:e7:81:9e:21:36:c0:a4:bf:38:30:1b:ab:
67:13:17:3b:54:d1:9f:a9:7d:1b:ec:b6:7f:0c:41:24:14:17:
c1:34:d9:f6:dc:e1:e1:ed:52:57:ff:45:40:e7:71:b8:39:7b:
e6:42:67:e4:df:63:6a:e5:45:6e:5f:07:8d:55:41:da:f5:94:
ef:33:a9:a0:6e:d2:20:11:6e:eb:69:8c:94:30:44:15:34:9b:
d6:08:2b:53
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZTWVfqn6fPjYqI5VYFW3ttNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NGRjZmE5NjM5OTcxNjY5MmQyNDVhODA0ODg3YzA5ZGE0
NTFmOGYwHhcNMjUwMjA1MTMzOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMzMjdjN2U1MWRjOGIzMTVlOGEyMGFjZWFjZjUwNmQ5YjBhZjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTw4/fuzAYQTRWR0A1zeDscBEK18
1QiFZ8yIJAQpRKhd7iLPT0RxnvAE3ZJoz8ljoLQNcnpPpb9Crmhyz8cLYlpQgTDH
t5t0TVcmf8i4Nfm3gayjj6NhBzf/abXbBE4EKZb+N8J3QzV99rHaJieGmJ27pAEF
/oFII1rdOSO/A+N+lybxINGdz8aTPL4uwyifaFlWaT4kr4UJAfdLod7iCGv3xasW
yTQFxSTQZtlzsrGO1e4jxXtyi3KbWZXWEjnjtqEOldJQpr0/fV3VUle2QXl2OTs8
9WpD2judOINAVOevJ2Lavf4xqX6WF2kG/5O8ufO0SoZiUZy8KW1oS1bCgQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFB0zJ8flHcizFeiiCs6s9QbZsK+UMB8GA1UdIwQY
MBaAFEZNz6ljmXFmktJFqASIfAnaRR+PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmszUHFXT1pjV2FTMGtXb0JJaDhDZHBGSDQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82YmU1YTYtZWIwZS00NGI0LWI2YTct
YWYxZjM2ODExMDk4LzEvSFRNbngtVWR5TE1WNktJS3pxejFCdG13cjVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82YmU1YTYtZWIwZS00NGI0LWI2YTctYWYxZjM2ODExMDk4
LzEvUmszUHFXT1pjV2FTMGtXb0JJaDhDZHBGSDQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAQlyzAD
BAElyzQDBANZaogDBAC5Xi4wDQYJKoZIhvcNAQELBQADggEBADTIUTcP4DjoC521
UkJ3drE+A+bgvJaGGOWJBrrCqcBCiQcfgSMNtPx4QYOWuGhYYXKCVC6G9PvKSHph
8o8F85RA0Bxg9boKxm8g49TC7BEhonU+odpOVBeIhRuxPbX8SaeP9GFGaeJC59kR
FE+S+4CqQLcY2Ly31dLjzKRHGW+cF/9zeVYA6OmNFEbRyNqaJO4c6Mrgyh4OEeO3
EavFAQZo4Frdf+OE0OeBniE2wKS/ODAbq2cTFztU0Z+pfRvstn8MQSQUF8E02fbc
4eHtUlf/RUDncbg5e+ZCZ+TfY2rlRW5fB41VQdr1lO8zqaBu0iARbutpjJQwRBU0
m9YIK1M=
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:59:03 2025 by rpki-client