Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ehiEGyzGfHP1eYfIFnwAdihLKW8.roa
File: ehiEGyzGfHP1eYfIFnwAdihLKW8.roa (raw, json)
Hash identifier: UskPJCInKisiCGIP5P1O/APPySfKSbRuXCaotsgQZvo=
Subject key identifier: 7A:18:84:1B:2C:C6:7C:73:F5:79:87:C8:16:7C:00:76:28:4B:29:6F
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0195BBACAA06ED3E2C6B3E55CF835B33BC11
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ehiEGyzGfHP1eYfIFnwAdihLKW8.roa
Signing time: Sat 22 Mar 2025 02:26:49 +0000
ROA not before: Sat 22 Mar 2025 02:26:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56619
IP address blocks: 90.188.192.0/24 maxlen: 24
94.233.176.0/24 maxlen: 24
94.233.177.0/24 maxlen: 24
176.208.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 01:19:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:bb:ac:aa:06:ed:3e:2c:6b:3e:55:cf:83:5b:33:bc:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Mar 22 02:26:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7a18841b2cc67c73f57987c8167c0076284b296f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:3a:b1:a0:ef:28:73:8c:08:9a:8e:46:5b:
17:78:f0:30:88:06:25:35:6b:c6:37:3b:bb:03:85:
6c:fb:03:dd:18:ba:6e:8c:51:d9:2a:35:82:ac:86:
2e:a2:b6:7e:67:a8:ab:2b:34:70:b0:1d:87:cc:4c:
aa:fb:e7:c3:7a:71:87:af:f8:a4:30:71:b7:79:72:
73:cc:8c:90:2b:f5:b3:bf:11:75:ea:68:ad:8f:26:
46:57:4b:d7:7e:cd:02:31:bc:03:c7:8f:a0:c6:7b:
ed:8c:99:90:48:28:a6:00:1b:48:3e:2a:ad:0e:71:
04:fe:7e:bd:bb:31:f3:62:69:cd:d7:37:65:43:48:
6f:a9:cd:c9:0b:4c:30:1b:8d:45:f7:aa:c4:6f:1b:
b8:d8:80:cf:34:85:59:40:26:1c:1d:bc:e5:ca:a0:
01:91:93:94:9a:94:a6:e1:13:0a:2e:7a:0c:c9:30:
86:a3:2e:c4:f6:4d:0a:79:a5:72:9a:fc:3a:b6:48:
83:9a:c5:46:39:8b:6b:f3:c2:67:25:e5:c9:73:72:
79:44:36:f2:0f:fa:14:10:9c:5f:68:64:43:18:ba:
50:3e:7a:a2:cc:98:10:ed:db:6b:04:e5:43:a8:02:
d5:02:7c:c8:c0:03:4a:1a:dc:da:b8:cb:23:2f:39:
0e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:18:84:1B:2C:C6:7C:73:F5:79:87:C8:16:7C:00:76:28:4B:29:6F
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ehiEGyzGfHP1eYfIFnwAdihLKW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.188.192.0/24
94.233.176.0/23
176.208.94.0/24
Signature Algorithm: sha256WithRSAEncryption
34:f8:35:8a:34:2b:75:bd:a9:d6:7d:68:b6:f1:ff:7b:e9:e9:
66:37:8b:03:89:b4:37:83:cd:00:8d:ee:1c:58:49:4d:c2:c2:
b6:f9:bc:32:f0:3e:50:b2:3f:1d:0d:b8:5f:01:ab:12:64:a3:
2d:f6:04:93:26:04:75:18:19:d9:c4:90:ae:61:54:00:1b:4a:
fe:5c:75:8f:22:13:a0:8e:59:71:7f:4f:41:09:3e:7d:64:61:
4e:f7:5f:24:87:54:c0:d1:04:1b:4d:46:9e:5e:f1:76:ae:ea:
0e:42:fb:e7:18:08:c6:28:5a:ba:11:0a:65:7b:d3:6e:ed:0e:
46:ac:99:c2:19:ea:90:fb:9a:03:3f:f3:17:8c:d1:7a:61:db:
c6:2a:ec:81:d5:c3:84:84:b4:73:f2:b2:73:c8:b4:d5:b9:75:
9f:d1:4f:e4:23:6a:c7:99:9c:1b:da:da:d9:57:8d:4f:63:b4:
08:79:63:17:f8:3e:c0:07:4e:56:96:96:6d:e7:72:e5:4d:43:
28:96:b8:7d:06:ff:ac:9d:20:b5:8d:61:53:e2:66:53:5a:52:
6a:d6:0a:4a:b6:e7:86:4a:a0:68:2f:e6:33:bc:d3:ce:e3:96:
bf:29:e6:58:ab:56:67:24:0a:4a:d7:74:7f:4a:2a:82:b9:f0:
8f:f1:45:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZW7rKoG7T4saz5Vz4NbM7wRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMzIyMDIyNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTE4ODQxYjJjYzY3YzczZjU3OTg3YzgxNjdjMDA3NjI4NGIyOTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbw6saDvKHOMCJqORlsXePAwiAYl
NWvGNzu7A4Vs+wPdGLpujFHZKjWCrIYuorZ+Z6irKzRwsB2HzEyq++fDenGHr/ik
MHG3eXJzzIyQK/WzvxF16mitjyZGV0vXfs0CMbwDx4+gxnvtjJmQSCimABtIPiqt
DnEE/n69uzHzYmnN1zdlQ0hvqc3JC0wwG41F96rEbxu42IDPNIVZQCYcHbzlyqAB
kZOUmpSm4RMKLnoMyTCGoy7E9k0KeaVymvw6tkiDmsVGOYtr88JnJeXJc3J5RDby
D/oUEJxfaGRDGLpQPnqizJgQ7dtrBOVDqALVAnzIwANKGtzauMsjLzkOEwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHoYhBssxnxz9XmHyBZ8AHYoSylvMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvZWhpRUd5ekdmSFAxZVlmSUZud0FkaWhMS1c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWrzAAwQB
XumwAwQAsNBeMA0GCSqGSIb3DQEBCwUAA4IBAQA0+DWKNCt1vanWfWi28f976elm
N4sDibQ3g80Aje4cWElNwsK2+bwy8D5Qsj8dDbhfAasSZKMt9gSTJgR1GBnZxJCu
YVQAG0r+XHWPIhOgjllxf09BCT59ZGFO918kh1TA0QQbTUaeXvF2ruoOQvvnGAjG
KFq6EQple9Nu7Q5GrJnCGeqQ+5oDP/MXjNF6YdvGKuyB1cOEhLRz8rJzyLTVuXWf
0U/kI2rHmZwb2trZV41PY7QIeWMX+D7AB05WlpZt53LlTUMolrh9Bv+snSC1jWFT
4mZTWlJq1gpKtueGSqBoL+YzvNPO45a/KeZYq1ZnJApK13R/SiqCufCP8UVQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:29:57 2025 by rpki-client