Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hlt96U4df2BBNDIKCXm3S72Wn4o.roa
File: hlt96U4df2BBNDIKCXm3S72Wn4o.roa (raw, json)
Hash identifier: U42NbrrNm9zFrfUbR8anjA6UruHVA1BJf/L3t0ypYQ4=
Subject key identifier: 86:5B:7D:E9:4E:1D:7F:60:41:34:32:0A:09:79:B7:4B:BD:96:9F:8A
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 019428281F767656F41735ABEBE8F122F4D0
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hlt96U4df2BBNDIKCXm3S72Wn4o.roa
Signing time: Thu 02 Jan 2025 17:55:05 +0000
ROA not before: Thu 02 Jan 2025 17:55:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59484
IP address blocks: 87.227.140.0/24 maxlen: 24
151.251.32.0/22 maxlen: 22
151.251.40.0/24 maxlen: 24
151.251.41.0/24 maxlen: 24
151.251.42.0/24 maxlen: 24
151.251.60.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 20 Jan 2025 07:41:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:28:1f:76:76:56:f4:17:35:ab:eb:e8:f1:22:f4:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 2 17:55:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=865b7de94e1d7f604134320a0979b74bbd969f8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1d:8c:06:8e:2f:a7:30:df:0e:0e:00:95:2d:
bf:7a:5a:16:e5:8b:22:aa:31:10:a8:83:a0:09:f6:
fe:ec:62:52:bc:00:ee:d1:48:f6:67:4b:fa:0e:21:
0a:d3:8f:53:05:1f:f1:03:84:60:76:61:9c:ff:b2:
66:91:05:e2:f2:fb:6b:94:80:88:70:24:20:76:af:
04:e7:0c:ec:b8:e2:62:08:09:9f:a5:31:32:4e:bb:
71:69:49:e4:40:9f:e4:38:08:7e:3a:64:c7:c1:0e:
ca:e7:6f:05:6f:24:53:b4:6a:77:89:86:57:2b:47:
e1:f8:ca:df:71:79:85:31:e5:8f:6f:f9:e5:cf:86:
74:27:9d:d1:f8:d1:3b:70:62:dc:52:27:64:d2:2f:
83:fb:3d:3c:83:c6:ec:23:92:b4:e9:43:88:47:49:
bf:15:db:6a:11:8b:1f:47:a5:81:d2:15:8e:6b:4a:
62:e2:18:9f:1b:93:de:00:a5:b3:82:cb:4f:6d:c1:
aa:ed:44:bb:ff:b0:a2:06:f2:0e:a5:9a:1e:e0:eb:
ad:e9:c0:aa:54:01:e0:5e:9c:46:23:88:cd:f1:4d:
d1:69:96:f5:33:a5:11:29:20:8e:f4:ec:79:6e:74:
c6:fd:1f:59:c5:61:57:be:b0:ab:d5:70:e9:7d:3e:
69:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:5B:7D:E9:4E:1D:7F:60:41:34:32:0A:09:79:B7:4B:BD:96:9F:8A
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/hlt96U4df2BBNDIKCXm3S72Wn4o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.227.140.0/24
151.251.32.0/22
151.251.40.0-151.251.42.255
151.251.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:74:58:d5:a9:e5:64:98:68:c1:5b:cc:08:b5:53:a4:51:e5:
9d:50:0a:2e:7e:50:b1:1d:1d:a8:c3:d4:78:b8:cf:03:c6:d4:
a4:59:f5:0d:22:ae:e8:b7:3f:92:96:09:5b:48:3e:19:0b:c0:
14:27:69:3a:13:f2:df:10:53:f6:ca:3d:0b:7c:a4:07:68:bd:
41:7e:50:28:09:cf:49:b5:ba:a8:42:cc:db:ad:a0:8d:46:50:
58:47:c0:eb:81:0c:09:a1:a0:de:d4:a7:13:03:93:96:e8:ff:
6d:99:fb:be:73:6b:9a:ef:69:c2:2e:31:c0:f3:59:12:4d:1b:
5c:48:d1:24:7a:e8:7f:06:22:6c:bb:c0:43:23:9c:2e:09:16:
eb:b4:e0:e3:b4:d6:3b:8d:cc:b7:18:8c:4e:77:8d:07:05:99:
92:85:2b:1c:8c:d1:5f:aa:c5:f1:24:78:8f:e5:84:41:1f:e5:
e1:3a:ef:da:36:35:84:2c:12:e4:08:bd:eb:f0:7a:97:59:67:
39:ce:75:82:4c:c8:98:1f:89:dc:01:d2:27:ba:60:05:b6:8e:
ad:40:78:15:e9:86:36:e5:99:a2:de:1c:3d:3d:84:4c:22:3c:
f5:ad:23:28:c9:ae:0c:20:e9:d7:1b:6e:0c:85:34:61:ce:e7:
a6:b4:09:43
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQoKB92dlb0FzWr6+jxIvTQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwMTAyMTc1NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjViN2RlOTRlMWQ3ZjYwNDEzNDMyMGEwOTc5Yjc0YmJkOTY5ZjhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyR2MBo4vpzDfDg4AlS2/eloW5Ysi
qjEQqIOgCfb+7GJSvADu0Uj2Z0v6DiEK049TBR/xA4RgdmGc/7JmkQXi8vtrlICI
cCQgdq8E5wzsuOJiCAmfpTEyTrtxaUnkQJ/kOAh+OmTHwQ7K528FbyRTtGp3iYZX
K0fh+MrfcXmFMeWPb/nlz4Z0J53R+NE7cGLcUidk0i+D+z08g8bsI5K06UOIR0m/
FdtqEYsfR6WB0hWOa0pi4hifG5PeAKWzgstPbcGq7US7/7CiBvIOpZoe4Out6cCq
VAHgXpxGI4jN8U3RaZb1M6URKSCO9Ox5bnTG/R9ZxWFXvrCr1XDpfT5pUQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFIZbfelOHX9gQTQyCgl5t0u9lp+KMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvaGx0OTZVNGRmMkJCTkRJS0NYbTNTNzJXbjRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAV+OMAwQC
l/sgMAwDBAOX+ygDBACX+yoDBACX+zwwDQYJKoZIhvcNAQELBQADggEBADx0WNWp
5WSYaMFbzAi1U6RR5Z1QCi5+ULEdHajD1Hi4zwPG1KRZ9Q0irui3P5KWCVtIPhkL
wBQnaToT8t8QU/bKPQt8pAdovUF+UCgJz0m1uqhCzNutoI1GUFhHwOuBDAmhoN7U
pxMDk5bo/22Z+75za5rvacIuMcDzWRJNG1xI0SR66H8GImy7wEMjnC4JFuu04OO0
1juNzLcYjE53jQcFmZKFKxyM0V+qxfEkeI/lhEEf5eE679o2NYQsEuQIvevwepdZ
ZznOdYJMyJgfidwB0ie6YAW2jq1AeBXphjblmaLeHD09hEwiPPWtIyjJrgwg6dcb
bgyFNGHO56a0CUM=
-----END CERTIFICATE-----
Generated at Mon Apr 28 12:40:27 2025 by rpki-client