Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hvVvA9Msg2yKgnoso6lJcz8Nyr0.roa
File: hvVvA9Msg2yKgnoso6lJcz8Nyr0.roa (raw, json)
Hash identifier: OczdPEpfbK+SQGDTYTKg+r10yqyjcNCuisQXbDfaXKI=
Subject key identifier: 86:F5:6F:03:D3:2C:83:6C:8A:82:7A:2C:A3:A9:49:73:3F:0D:CA:BD
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196391D19865CE3E176C39A0BDE1E04BF28
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hvVvA9Msg2yKgnoso6lJcz8Nyr0.roa
Signing time: Tue 15 Apr 2025 11:02:10 +0000
ROA not before: Tue 15 Apr 2025 11:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 89.144.34.0/24 maxlen: 24
94.103.172.0/24 maxlen: 24
94.103.173.0/24 maxlen: 24
94.103.174.0/24 maxlen: 24
94.249.197.0/24 maxlen: 24
94.249.198.0/24 maxlen: 24
94.249.199.0/24 maxlen: 24
94.249.200.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.202.0/24 maxlen: 24
94.249.203.0/24 maxlen: 24
94.249.204.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
94.249.206.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 10:17:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:39:1d:19:86:5c:e3:e1:76:c3:9a:0b:de:1e:04:bf:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 15 11:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86f56f03d32c836c8a827a2ca3a949733f0dcabd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:71:8b:a3:63:78:05:57:17:02:f9:6c:07:b3:
cc:6a:7a:08:fa:9e:7a:2c:67:07:fd:d3:e6:0e:e6:
63:4e:a7:82:5f:c8:73:2f:e6:49:bf:cc:06:f2:da:
0c:3b:82:1b:c5:f6:b7:5b:b6:8b:d6:77:b1:53:f6:
29:a0:e1:5e:e9:8c:f4:66:d2:df:62:f8:2c:4f:43:
1a:4d:dc:b3:90:8a:0f:ec:30:b5:6a:f9:1a:95:0b:
da:9a:12:32:46:b2:c4:c2:d8:54:69:84:05:b0:49:
78:7a:a3:e0:5d:67:45:ed:4c:60:90:cf:9d:6b:ab:
d9:47:d3:81:8c:d4:b7:e0:40:2b:ef:1f:4c:dd:a4:
31:13:5e:a1:80:7b:3f:06:76:4d:cf:87:a5:65:14:
4d:21:18:5c:c6:99:32:26:0f:0e:ed:9e:2c:ee:33:
56:3c:b6:81:66:b9:09:90:ee:ee:44:82:4f:25:57:
c4:7d:7b:fd:02:f4:ca:dd:9d:86:10:a4:39:55:06:
e4:10:9a:e4:80:62:4f:31:e9:58:62:bc:83:83:5b:
c1:c3:23:4a:01:ed:da:e5:3e:5c:56:f5:64:32:e9:
96:f1:53:b0:44:7c:d6:d3:81:17:e3:8e:72:3e:02:
69:cb:bd:eb:06:f9:45:b2:ea:b3:14:33:91:14:26:
fd:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:F5:6F:03:D3:2C:83:6C:8A:82:7A:2C:A3:A9:49:73:3F:0D:CA:BD
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/hvVvA9Msg2yKgnoso6lJcz8Nyr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.34.0/24
94.103.172.0-94.103.174.255
94.249.197.0-94.249.206.255
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
93:5f:5a:82:e3:eb:b7:b4:9d:d3:86:00:3b:4d:1b:3b:91:96:
bc:fc:e9:93:c6:c1:b6:f0:5b:c0:ed:a5:a6:60:17:c4:e7:f9:
53:6b:27:93:d8:f2:11:8b:49:c1:71:12:c6:b3:03:1a:70:24:
07:44:e9:fd:ea:05:d0:ef:ed:25:e4:06:08:47:b6:af:47:8f:
e3:54:60:39:93:f0:0e:8d:80:1f:0c:76:89:bc:1c:2b:40:a3:
cb:65:c4:9f:39:a3:84:3f:b2:b3:62:50:fa:ed:f7:a1:33:fb:
91:d3:37:be:fc:7a:11:b6:81:46:55:87:1c:1e:d1:9e:ab:23:
61:e5:b6:85:20:bf:87:21:48:00:c2:93:4d:93:10:b8:89:82:
c2:9d:9a:9c:50:48:28:b2:ff:fd:25:87:38:52:52:13:dd:39:
5d:b4:00:a7:0c:4b:aa:18:8b:7f:13:1a:e4:f9:d1:03:60:e0:
52:54:82:b7:2d:a9:1e:1c:5f:c2:19:01:64:03:e2:1a:f5:39:
31:be:d3:04:7a:bc:14:5f:00:3d:1c:8b:14:12:80:95:57:e4:
2a:70:fe:2f:bb:84:83:7c:9c:15:b8:d3:ff:5f:8c:63:48:2f:
15:96:32:83:c8:bd:3d:da:1a:b8:d1:81:65:c6:ca:33:b3:b7:
b8:2c:33:07
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZY5HRmGXOPhdsOaC94eBL8oMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE1MTEwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmY1NmYwM2QzMmM4MzZjOGE4MjdhMmNhM2E5NDk3MzNmMGRjYWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHGLo2N4BVcXAvlsB7PManoI+p56
LGcH/dPmDuZjTqeCX8hzL+ZJv8wG8toMO4Ibxfa3W7aL1nexU/YpoOFe6Yz0ZtLf
YvgsT0MaTdyzkIoP7DC1avkalQvamhIyRrLEwthUaYQFsEl4eqPgXWdF7UxgkM+d
a6vZR9OBjNS34EAr7x9M3aQxE16hgHs/BnZNz4elZRRNIRhcxpkyJg8O7Z4s7jNW
PLaBZrkJkO7uRIJPJVfEfXv9AvTK3Z2GEKQ5VQbkEJrkgGJPMelYYryDg1vBwyNK
Ae3a5T5cVvVkMumW8VOwRHzW04EX445yPgJpy73rBvlFsuqzFDORFCb9xwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFIb1bwPTLINsioJ6LKOpSXM/Dcq9MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaHZWdkE5TXNnMnlLZ25vc282bEpjejhOeXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQAWZAiMAwD
BAJeZ6wDBABeZ64wDAMEAF75xQMEAF75zgMEALISkzANBgkqhkiG9w0BAQsFAAOC
AQEAk19aguPrt7Sd04YAO00bO5GWvPzpk8bBtvBbwO2lpmAXxOf5U2snk9jyEYtJ
wXESxrMDGnAkB0Tp/eoF0O/tJeQGCEe2r0eP41RgOZPwDo2AHwx2ibwcK0Cjy2XE
nzmjhD+ys2JQ+u33oTP7kdM3vvx6EbaBRlWHHB7RnqsjYeW2hSC/hyFIAMKTTZMQ
uImCwp2anFBIKLL//SWHOFJSE905XbQApwxLqhiLfxMa5PnRA2DgUlSCty2pHhxf
whkBZAPiGvU5Mb7TBHq8FF8APRyLFBKAlVfkKnD+L7uEg3ycFbjT/1+MY0gvFZYy
g8i9PdoauNGBZcbKM7O3uCwzBw==
-----END CERTIFICATE-----
Generated at Wed Jun 18 04:43:33 2025 by rpki-client