Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hpTJEbtxgttCqTdNWuKmcUdGapc.roa
File: hpTJEbtxgttCqTdNWuKmcUdGapc.roa (raw, json)
Hash identifier: 9T2GP07ImOtxRydjZFuD8I1TkGuLHcGywcTiwCSMGFw=
Subject key identifier: 86:94:C9:11:BB:71:82:DB:42:A9:37:4D:5A:E2:A6:71:47:46:6A:97
Certificate issuer: /CN=885b857706dac54e20ca0d11bd6416cb634203b4
Certificate serial: 019755D16E43DE98910BFDD779BFD802C5AA
Authority key identifier: 88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hpTJEbtxgttCqTdNWuKmcUdGapc.roa
Signing time: Mon 09 Jun 2025 17:51:17 +0000
ROA not before: Mon 09 Jun 2025 17:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30738
IP address blocks: 95.182.111.0/24 maxlen: 24
188.130.182.0/24 maxlen: 24
195.211.52.0/22 maxlen: 24
2001:1468::/32 maxlen: 33
2001:1468:8000::/36 maxlen: 36
Validation: Failed, certificate revoked on Wed 11 Jun 2025 19:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:d1:6e:43:de:98:91:0b:fd:d7:79:bf:d8:02:c5:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=885b857706dac54e20ca0d11bd6416cb634203b4
Validity
Not Before: Jun 9 17:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8694c911bb7182db42a9374d5ae2a67147466a97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:22:85:1b:a7:fe:f2:91:c5:c7:be:0b:9b:09:
1a:5d:7e:f4:87:b9:da:d7:71:e3:f4:c8:98:d0:be:
43:ef:6d:ab:7f:21:5b:eb:02:f9:2a:3a:e0:93:b7:
75:3f:cc:ac:fd:95:32:29:07:f2:33:95:7b:b3:44:
86:c2:e0:0f:45:1c:7d:02:39:ba:4c:d0:a8:b9:5a:
32:8e:48:63:cb:1a:fd:2a:ed:d5:84:d6:6b:93:6b:
29:46:54:28:69:f9:9d:ed:a8:5b:ff:22:b4:d7:a9:
61:f5:bf:96:7d:b9:39:15:3d:e3:a1:0e:97:29:02:
83:b2:45:d6:fb:c7:b7:51:71:67:80:30:9b:1c:6d:
f2:45:d0:1a:a9:b8:52:df:97:77:cf:3c:3e:99:3f:
c2:5b:f2:01:cd:d0:69:e9:f3:4c:dd:e1:11:48:50:
9c:13:57:c2:52:c4:4a:49:ac:8f:a0:cf:7c:6a:d9:
96:30:39:56:d6:58:8e:e8:f5:60:74:90:fa:9f:87:
68:e9:d1:e6:de:21:79:67:cd:06:ca:3c:38:05:22:
d5:5d:42:96:32:78:d5:af:8d:ff:1c:32:ef:65:d0:
db:6f:13:7c:75:3f:d7:26:d1:0e:45:a4:09:3b:28:
99:6b:0e:fb:c4:20:fc:8e:c5:be:7d:2a:37:14:cf:
68:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:94:C9:11:BB:71:82:DB:42:A9:37:4D:5A:E2:A6:71:47:46:6A:97
X509v3 Authority Key Identifier:
keyid:88:5B:85:77:06:DA:C5:4E:20:CA:0D:11:BD:64:16:CB:63:42:03:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/hpTJEbtxgttCqTdNWuKmcUdGapc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/321cdc-2143-4b5c-9733-16699c96dd5e/1/iFuFdwbaxU4gyg0RvWQWy2NCA7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.182.111.0/24
188.130.182.0/24
195.211.52.0/22
IPv6:
2001:1468::/32
Signature Algorithm: sha256WithRSAEncryption
00:99:a8:41:47:b6:44:84:2c:c9:85:7b:24:71:03:27:7d:27:
29:d8:c0:41:db:18:d3:30:a2:f6:d0:c0:7a:b3:37:39:7a:4d:
c9:bd:b1:53:7f:be:5e:b5:13:f5:2e:46:b5:5b:25:d2:b1:6e:
59:aa:3b:a0:6e:79:14:ae:14:38:74:e8:34:6e:23:81:f1:5a:
af:e5:f8:0d:67:e2:10:56:98:27:59:ce:aa:80:00:f7:dc:97:
f8:64:13:e1:cb:4b:79:9c:d9:d4:f6:8a:cf:8b:d6:1f:b3:45:
2e:f0:a2:63:4b:c0:8a:42:86:02:5a:61:42:2f:56:40:03:de:
c6:09:0c:15:fe:a9:6c:c0:7a:18:e0:61:74:31:d9:ce:92:dd:
99:00:79:ea:89:2b:0b:65:20:7f:6d:2f:e9:89:af:04:97:60:
4f:12:95:fc:ac:68:1a:46:0e:bd:5a:85:d0:5d:be:ec:b6:1c:
43:54:02:57:fe:44:31:3a:bc:20:d8:40:05:99:71:eb:71:ea:
7a:40:ea:bc:29:44:03:06:b0:fa:ca:f1:4c:45:c9:37:4c:42:
d1:a7:3c:be:6e:ca:15:dc:81:84:6d:84:b8:73:16:04:f0:ef:
74:cc:b7:49:77:75:ac:1a:d7:d4:4b:6f:02:5e:3f:da:43:60:
d7:c7:cc:84
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZdV0W5D3piRC/3Xeb/YAsWqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4NWI4NTc3MDZkYWM1NGUyMGNhMGQxMWJkNjQxNmNiNjM0
MjAzYjQwHhcNMjUwNjA5MTc1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njk0YzkxMWJiNzE4MmRiNDJhOTM3NGQ1YWUyYTY3MTQ3NDY2YTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmCKFG6f+8pHFx74LmwkaXX70h7na
13Hj9MiY0L5D722rfyFb6wL5Kjrgk7d1P8ys/ZUyKQfyM5V7s0SGwuAPRRx9Ajm6
TNCouVoyjkhjyxr9Ku3VhNZrk2spRlQoafmd7ahb/yK016lh9b+Wfbk5FT3joQ6X
KQKDskXW+8e3UXFngDCbHG3yRdAaqbhS35d3zzw+mT/CW/IBzdBp6fNM3eERSFCc
E1fCUsRKSayPoM98atmWMDlW1liO6PVgdJD6n4do6dHm3iF5Z80Gyjw4BSLVXUKW
MnjVr43/HDLvZdDbbxN8dT/XJtEORaQJOyiZaw77xCD8jsW+fSo3FM9oQQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIaUyRG7cYLbQqk3TVripnFHRmqXMB8GA1UdIwQY
MBaAFIhbhXcG2sVOIMoNEb1kFstjQgO0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMt
MTY2OTljOTZkZDVlLzEvaHBUSkVidHhndHRDcVRkTld1S21jVWRHYXBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8zMjFjZGMtMjE0My00YjVjLTk3MzMtMTY2OTljOTZkZDVl
LzEvaUZ1RmR3YmF4VTRneWcwUnZXUVd5Mk5DQTdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAX7ZvAwQA
vIK2AwQCw9M0MA0EAgACMAcDBQAgARRoMA0GCSqGSIb3DQEBCwUAA4IBAQAAmahB
R7ZEhCzJhXskcQMnfScp2MBB2xjTMKL20MB6szc5ek3JvbFTf75etRP1Lka1WyXS
sW5ZqjugbnkUrhQ4dOg0biOB8Vqv5fgNZ+IQVpgnWc6qgAD33Jf4ZBPhy0t5nNnU
9orPi9Yfs0Uu8KJjS8CKQoYCWmFCL1ZAA97GCQwV/qlswHoY4GF0MdnOkt2ZAHnq
iSsLZSB/bS/pia8El2BPEpX8rGgaRg69WoXQXb7sthxDVAJX/kQxOrwg2EAFmXHr
cep6QOq8KUQDBrD6yvFMRck3TELRpzy+bsoV3IGEbYS4cxYE8O90zLdJd3WsGtfU
S28CXj/aQ2DXx8yE
-----END CERTIFICATE-----
Generated at Sun Jun 15 18:58:13 2025 by rpki-client