Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/HfWnLU5wC6v6kdZP5S4mm1cV-wQ.roa
File: HfWnLU5wC6v6kdZP5S4mm1cV-wQ.roa (raw, json)
Hash identifier: 1FQOlHhYBDbjH2KEBj2J9fYt11yLpQ822rF1r2oICe0=
Subject key identifier: 1D:F5:A7:2D:4E:70:0B:AB:FA:91:D6:4F:E5:2E:26:9B:57:15:FB:04
Certificate issuer: /CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Certificate serial: 0194E3F6F6CD608B58706237CF58545651E7
Authority key identifier: A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/HfWnLU5wC6v6kdZP5S4mm1cV-wQ.roa
Signing time: Sat 08 Feb 2025 05:10:00 +0000
ROA not before: Sat 08 Feb 2025 05:10:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 932
IP address blocks: 88.218.192.0/24 maxlen: 24
88.218.194.0/23 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Feb 2025 06:24:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:e3:f6:f6:cd:60:8b:58:70:62:37:cf:58:54:56:51:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a576eb2cc462e6e4bf0de69b9f634875debbaae2
Validity
Not Before: Feb 8 05:10:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1df5a72d4e700babfa91d64fe52e269b5715fb04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a6:47:6d:79:e4:97:c6:95:57:4c:d2:a0:c0:
e2:00:17:89:0b:97:9f:20:85:90:d3:db:80:61:ef:
2e:f2:0d:74:d0:b7:8c:50:1d:5b:43:23:37:52:59:
5f:bb:20:ea:ca:e3:c3:89:3f:ce:f5:02:2d:0d:c4:
68:3d:be:53:a9:0e:70:55:75:c0:f4:6f:6f:17:1e:
b9:a4:03:4b:23:24:74:80:9e:a4:23:eb:4b:a5:57:
54:1f:c7:7b:63:7d:94:aa:29:6a:56:f2:75:a6:2c:
93:ca:42:92:ca:eb:4d:5e:9a:ef:6a:97:f4:17:02:
7f:e7:5f:92:fc:d8:e2:c3:eb:36:2c:08:92:4a:4b:
3d:8e:e6:61:1a:29:4d:6e:51:83:06:9f:81:57:f8:
86:17:d9:f4:90:cc:52:fd:e6:e7:cc:21:3c:f2:b7:
b0:08:a6:a5:04:ae:f4:f7:a0:e9:e3:67:6f:85:02:
de:43:ed:22:6d:5b:1d:52:0b:cb:3d:94:57:f5:3c:
fe:a0:c2:5c:a3:75:72:54:5d:21:d7:10:fa:da:90:
39:81:d1:8c:72:dc:34:03:f9:bc:82:93:d5:79:0d:
29:ec:3c:5d:95:05:e8:a1:89:74:b9:1c:43:51:68:
69:16:03:6c:10:3b:12:63:1d:74:d0:4d:c5:21:bc:
55:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:F5:A7:2D:4E:70:0B:AB:FA:91:D6:4F:E5:2E:26:9B:57:15:FB:04
X509v3 Authority Key Identifier:
keyid:A5:76:EB:2C:C4:62:E6:E4:BF:0D:E6:9B:9F:63:48:75:DE:BB:AA:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pXbrLMRi5uS_Deabn2NIdd67quI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/HfWnLU5wC6v6kdZP5S4mm1cV-wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/931927-9f38-41b6-87fa-254acd92b4e1/1/pXbrLMRi5uS_Deabn2NIdd67quI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.192.0/24
88.218.194.0/23
Signature Algorithm: sha256WithRSAEncryption
15:cd:47:ad:58:75:d1:6d:de:3b:12:01:10:e4:18:49:7e:f6:
1f:de:dd:37:bc:71:53:3b:24:d3:fd:33:20:d5:b8:dc:fa:08:
51:2e:ba:4a:3f:a7:b2:24:fc:52:d1:4e:bc:f2:0c:c6:6c:06:
99:81:05:99:e6:c0:29:28:30:9c:be:42:9f:44:16:91:87:1e:
37:af:32:d4:42:bd:e8:85:ed:a7:ac:fe:9a:6b:02:61:aa:00:
a4:49:e2:ba:dc:d8:67:08:af:5d:5c:5e:4f:5e:1d:4c:da:16:
ed:51:52:8f:a5:76:8a:f6:c8:07:19:ec:f6:37:d5:0b:ce:b6:
30:3e:1d:f6:65:7a:fb:01:81:bb:3a:f6:b1:b8:8c:d7:dc:36:
15:43:07:23:44:98:73:e9:f0:63:63:c2:88:f7:c0:9e:26:d0:
7b:b5:2e:35:e4:24:9b:27:70:8f:3b:51:d2:ae:ac:85:5f:aa:
49:d7:dc:8e:bb:f2:0e:66:06:6e:80:bf:dc:61:c2:6d:70:33:
bf:4f:af:eb:cd:cb:83:e2:c2:a6:41:95:a4:d4:5c:8b:57:35:
57:99:9b:8b:8c:bf:fc:a1:90:6f:21:2e:11:8c:86:55:9d:fb:
e0:34:34:21:bf:45:5a:25:e4:ff:e4:e6:0c:a8:67:09:81:c0:
54:b3:75:41
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTj9vbNYItYcGI3z1hUVlHnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NzZlYjJjYzQ2MmU2ZTRiZjBkZTY5YjlmNjM0ODc1ZGVi
YmFhZTIwHhcNMjUwMjA4MDUxMDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGY1YTcyZDRlNzAwYmFiZmE5MWQ2NGZlNTJlMjY5YjU3MTVmYjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1aZHbXnkl8aVV0zSoMDiABeJC5ef
IIWQ09uAYe8u8g100LeMUB1bQyM3UllfuyDqyuPDiT/O9QItDcRoPb5TqQ5wVXXA
9G9vFx65pANLIyR0gJ6kI+tLpVdUH8d7Y32UqilqVvJ1piyTykKSyutNXprvapf0
FwJ/51+S/Njiw+s2LAiSSks9juZhGilNblGDBp+BV/iGF9n0kMxS/ebnzCE88rew
CKalBK7096Dp42dvhQLeQ+0ibVsdUgvLPZRX9Tz+oMJco3VyVF0h1xD62pA5gdGM
ctw0A/m8gpPVeQ0p7DxdlQXooYl0uRxDUWhpFgNsEDsSYx100E3FIbxVuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB31py1OcAur+pHWT+UuJptXFfsEMB8GA1UdIwQY
MBaAFKV26yzEYubkvw3mm59jSHXeu6riMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEt
MjU0YWNkOTJiNGUxLzEvSGZXbkxVNXdDNnY2a2RaUDVTNG1tMWNWLXdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny85MzE5MjctOWYzOC00MWI2LTg3ZmEtMjU0YWNkOTJiNGUx
LzEvcFhickxNUmk1dVNfRGVhYm4yTklkZDY3cXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWNrAAwQB
WNrCMA0GCSqGSIb3DQEBCwUAA4IBAQAVzUetWHXRbd47EgEQ5BhJfvYf3t03vHFT
OyTT/TMg1bjc+ghRLrpKP6eyJPxS0U688gzGbAaZgQWZ5sApKDCcvkKfRBaRhx43
rzLUQr3ohe2nrP6aawJhqgCkSeK63NhnCK9dXF5PXh1M2hbtUVKPpXaK9sgHGez2
N9ULzrYwPh32ZXr7AYG7OvaxuIzX3DYVQwcjRJhz6fBjY8KI98CeJtB7tS415CSb
J3CPO1HSrqyFX6pJ19yOu/IOZgZugL/cYcJtcDO/T6/rzcuD4sKmQZWk1FyLVzVX
mZuLjL/8oZBvIS4RjIZVnfvgNDQhv0VaJeT/5OYMqGcJgcBUs3VB
-----END CERTIFICATE-----
Generated at Fri May 2 04:07:23 2025 by rpki-client