Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1HJEXMgGIgYG__fdsCJaT1mzDHM.roa
File: 1HJEXMgGIgYG__fdsCJaT1mzDHM.roa (raw, json)
Hash identifier: 9/skvlcgJdp5uULv364hg6RpDXzehqS+VAfYA9qJBM8=
Subject key identifier: D4:72:44:5C:C8:06:22:06:06:FF:F7:DD:B0:22:5A:4F:59:B3:0C:73
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 01954C9AACB8BE6BE61655CC8AC2FF1C7976
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1HJEXMgGIgYG__fdsCJaT1mzDHM.roa
Signing time: Fri 28 Feb 2025 12:49:19 +0000
ROA not before: Fri 28 Feb 2025 12:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39150
IP address blocks: 91.196.136.0/24 maxlen: 24
91.196.137.0/24 maxlen: 24
91.196.138.0/24 maxlen: 24
91.196.139.0/24 maxlen: 24
93.179.68.0/23 maxlen: 23
93.179.69.0/24 maxlen: 24
93.179.120.0/24 maxlen: 24
95.85.83.128/25 maxlen: 25
95.181.213.0/24 maxlen: 24
109.196.133.0/24 maxlen: 24
195.182.8.0/24 maxlen: 24
2a04:8680::/32 maxlen: 32
2a04:8681::/32 maxlen: 32
2a09:d5c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 14 Mar 2025 20:21:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:9a:ac:b8:be:6b:e6:16:55:cc:8a:c2:ff:1c:79:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Feb 28 12:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d472445cc806220606fff7ddb0225a4f59b30c73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:39:91:6f:d7:61:b9:1b:26:85:80:cd:50:23:
b3:e3:54:f9:13:47:7f:8c:15:3a:b2:eb:f7:f8:bf:
76:b5:b7:62:b5:e4:da:c4:36:1a:e4:ed:98:88:0c:
93:0b:a1:67:25:f9:37:92:35:e6:1a:90:b9:c3:45:
a9:d5:b5:6a:19:d9:74:3d:cd:b6:f1:d6:06:c7:f5:
d9:b3:74:94:03:45:92:78:55:ad:4a:d3:7d:23:67:
24:25:00:8b:d6:7b:1a:42:0a:3b:ab:95:e1:3e:d3:
40:45:28:c8:f5:3a:58:3c:db:6e:01:bb:e3:ea:27:
f8:02:a6:c6:4c:a0:ec:13:d9:7c:8c:95:ee:b4:f8:
7b:d0:ba:1c:b1:4a:d6:20:8e:b6:50:30:6d:2f:aa:
98:7f:c9:3a:91:d2:82:a5:64:e7:c6:ef:5f:7b:99:
35:30:e3:ac:20:46:5e:d0:07:08:03:8f:03:f4:9b:
0a:de:41:37:4b:19:18:af:04:08:63:6d:7e:b5:60:
23:5f:45:4f:75:c1:86:2b:dc:40:3e:54:c6:37:7d:
4b:17:89:77:62:ea:d1:7e:a0:f4:80:f9:ea:0b:c1:
70:da:ff:06:fe:27:cf:1e:af:20:ba:b6:50:8a:f7:
37:af:13:bd:da:c5:ff:7e:1e:26:ab:94:b2:76:ff:
da:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:72:44:5C:C8:06:22:06:06:FF:F7:DD:B0:22:5A:4F:59:B3:0C:73
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/1HJEXMgGIgYG__fdsCJaT1mzDHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.136.0/22
93.179.68.0/23
93.179.120.0/24
95.85.83.128/25
95.181.213.0/24
109.196.133.0/24
195.182.8.0/24
IPv6:
2a04:8680::/31
2a09:d5c0::/32
Signature Algorithm: sha256WithRSAEncryption
a9:f6:ee:9d:24:24:55:7f:0c:9c:c9:eb:6c:2a:c5:4c:46:ca:
8a:ba:05:0d:1e:c0:75:31:fd:8d:43:b7:b7:95:9f:a7:82:26:
36:e8:98:fc:dc:9a:ac:0f:a0:af:03:f3:8b:62:d2:be:fa:5d:
64:d3:8f:29:fc:db:e5:8d:b4:b0:9a:48:67:1a:0d:b6:a5:de:
c8:a1:b9:10:67:12:05:ab:ab:f5:43:e1:99:70:67:8a:ce:b5:
94:bf:37:a6:b2:bd:f9:07:0a:63:e9:2e:5d:b8:18:f6:62:7e:
c3:74:74:a0:c6:e6:3b:38:51:4e:fc:70:9b:c6:42:d8:53:21:
90:2c:09:38:8f:d5:5e:18:b6:fd:25:fc:aa:4d:2d:4a:ce:f4:
91:b2:4c:34:43:02:4a:4a:00:8b:d8:34:48:44:49:b0:5e:86:
6c:d3:ef:68:4b:ad:db:a1:0d:53:9b:a3:44:d9:da:01:99:7d:
7b:05:f8:73:6c:95:28:8d:a6:8e:8c:3a:b1:88:35:cf:95:dd:
97:4d:56:8b:2e:dc:43:87:6d:74:60:3b:fd:83:64:16:08:6f:
6e:96:a0:37:6d:7b:19:d6:4b:ff:85:0f:c8:36:72:23:50:f1:
e5:5f:73:4e:0f:c5:3c:9b:37:07:d0:5d:57:34:cb:6f:3c:f7:
12:6f:e2:fc
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZVMmqy4vmvmFlXMisL/HHl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMjI4MTI0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcyNDQ1Y2M4MDYyMjA2MDZmZmY3ZGRiMDIyNWE0ZjU5YjMwYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDmRb9dhuRsmhYDNUCOz41T5E0d/
jBU6suv3+L92tbditeTaxDYa5O2YiAyTC6FnJfk3kjXmGpC5w0Wp1bVqGdl0Pc22
8dYGx/XZs3SUA0WSeFWtStN9I2ckJQCL1nsaQgo7q5XhPtNARSjI9TpYPNtuAbvj
6if4AqbGTKDsE9l8jJXutPh70LocsUrWII62UDBtL6qYf8k6kdKCpWTnxu9fe5k1
MOOsIEZe0AcIA48D9JsK3kE3SxkYrwQIY21+tWAjX0VPdcGGK9xAPlTGN31LF4l3
YurRfqD0gPnqC8Fw2v8G/ifPHq8gurZQivc3rxO92sX/fh4mq5Sydv/aBwIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFNRyRFzIBiIGBv/33bAiWk9ZswxzMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvMUhKRVhNZ0dJZ1lHX19mZHNDSmFUMW16REhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTAxBAIAATArAwQCW8SIAwQB
XbNEAwQAXbN4AwUHX1VTgAMEAF+11QMEAG3EhQMEAMO2CDAUBAIAAjAOAwUBKgSG
gAMFACoJ1cAwDQYJKoZIhvcNAQELBQADggEBAKn27p0kJFV/DJzJ62wqxUxGyoq6
BQ0ewHUx/Y1Dt7eVn6eCJjbomPzcmqwPoK8D84ti0r76XWTTjyn82+WNtLCaSGca
Dbal3sihuRBnEgWrq/VD4ZlwZ4rOtZS/N6ayvfkHCmPpLl24GPZifsN0dKDG5js4
UU78cJvGQthTIZAsCTiP1V4Ytv0l/KpNLUrO9JGyTDRDAkpKAIvYNEhESbBehmzT
72hLrduhDVObo0TZ2gGZfXsF+HNslSiNpo6MOrGINc+V3ZdNVosu3EOHbXRgO/2D
ZBYIb26WoDdtexnWS/+FD8g2ciNQ8eVfc04PxTybNwfQXVc0y2889xJv4vw=
-----END CERTIFICATE-----
Generated at Mon Apr 28 07:07:29 2025 by rpki-client