Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HgCBSJA9NBOe6vBth4awI09iSt8.roa
File: HgCBSJA9NBOe6vBth4awI09iSt8.roa (raw, json)
Hash identifier: 9ezp8K7g9aLoBowuTHQ9NPPBZd/zMsoECrSjK0EopAs=
Subject key identifier: 1E:00:81:48:90:3D:34:13:9E:EA:F0:6D:87:86:B0:23:4F:62:4A:DF
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 0196819383484D9F00188242FF1DFEC7E878
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HgCBSJA9NBOe6vBth4awI09iSt8.roa
Signing time: Tue 29 Apr 2025 12:44:10 +0000
ROA not before: Tue 29 Apr 2025 12:44:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51202
IP address blocks: 31.25.11.0/24 maxlen: 24
89.36.35.0/24 maxlen: 24
185.144.70.0/24 maxlen: 24
212.232.18.0/24 maxlen: 24
2a0c:2500::/29 maxlen: 48
2a0c:2502::/32 maxlen: 32
2a0c:2502::/48 maxlen: 48
2a14:6781::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Apr 2025 01:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:93:83:48:4d:9f:00:18:82:42:ff:1d:fe:c7:e8:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Apr 29 12:44:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1e008148903d34139eeaf06d8786b0234f624adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:b0:de:44:54:1c:7a:80:e4:6b:22:d2:d6:eb:
f6:08:04:71:bb:36:18:71:83:64:22:be:9d:df:83:
a6:c2:13:69:fb:a2:6f:68:cb:f7:ad:d5:2d:9d:5f:
9d:4e:0d:d6:7b:17:53:a3:95:c7:eb:a9:f1:cf:3c:
35:95:6a:78:35:5f:31:ac:d1:75:1a:bc:02:7f:2f:
dd:0a:0b:03:7b:3f:d4:2a:69:f6:d9:eb:2f:de:3e:
64:ad:5e:05:96:d6:31:88:50:ad:35:3f:94:64:74:
5d:89:20:64:b0:14:11:20:b8:f0:86:f6:a7:74:77:
0c:64:8d:0c:18:79:04:a7:50:89:d1:54:5f:2f:4b:
20:59:59:c9:3c:a2:9d:34:2c:f9:ae:52:44:01:cb:
10:9c:e2:4b:2e:5d:3d:aa:ca:f9:6d:62:87:52:15:
fe:49:fb:66:30:70:97:f4:0a:e8:57:dd:b6:a7:8d:
51:28:9c:09:58:70:ba:07:5d:a2:35:c8:9f:e9:72:
43:2c:fc:5d:1f:54:4f:28:8f:41:bf:56:77:02:58:
09:d1:fd:ba:7a:bf:ff:75:e1:90:ee:03:87:74:8a:
70:2d:61:0e:04:bf:b2:97:8d:47:72:7b:24:7b:e3:
e2:af:1b:48:a8:ee:94:a7:8e:a6:4c:37:5f:ba:83:
11:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:00:81:48:90:3D:34:13:9E:EA:F0:6D:87:86:B0:23:4F:62:4A:DF
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/HgCBSJA9NBOe6vBth4awI09iSt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.11.0/24
89.36.35.0/24
185.144.70.0/24
212.232.18.0/24
IPv6:
2a0c:2500::/29
2a14:6781::/32
Signature Algorithm: sha256WithRSAEncryption
0b:5c:c7:fe:71:64:e4:3d:25:39:a7:6a:57:07:06:ab:3f:5e:
ab:99:d1:0e:6a:62:cc:ce:ad:d7:1e:3b:ed:f0:46:02:d9:1c:
4a:ae:1c:38:b4:32:80:3f:7b:ce:88:b4:f9:f3:ba:96:8b:b7:
03:cf:1f:ce:4e:b6:b8:b9:79:4b:55:34:b6:8d:74:4a:ea:ec:
60:c6:7d:fa:fc:d4:69:81:f3:de:41:36:0b:a1:d4:b6:b2:d8:
b8:23:8f:38:b0:2c:89:88:5f:eb:48:ee:e1:de:92:52:f5:91:
54:41:68:f3:8d:68:7f:9c:cc:8b:96:92:66:3a:d5:1a:89:90:
e0:64:a1:ff:05:cc:11:d3:f9:8b:e7:a6:10:77:cf:52:53:40:
ae:3c:54:7d:06:67:32:42:96:55:4b:d4:b1:3c:9b:26:15:97:
ae:5a:11:9c:9b:e4:04:e7:a4:26:3d:e5:e9:a1:b9:5b:58:84:
e1:a0:35:0b:54:f3:d2:76:bb:c5:cc:a8:16:d8:18:4b:4c:1c:
3e:3a:1a:bf:0d:b5:88:62:03:45:c4:5e:8f:d2:d0:5e:55:26:
10:ed:1d:0d:20:2c:b9:56:72:d3:4a:09:3c:b9:ed:52:fc:ad:
d4:b2:a6:f3:a4:00:c7:c7:cf:bd:35:e3:81:78:01:80:55:e2:
c5:18:f0:00
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZaBk4NITZ8AGIJC/x3+x+h4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNDI5MTI0NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZTAwODE0ODkwM2QzNDEzOWVlYWYwNmQ4Nzg2YjAyMzRmNjI0YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4LDeRFQceoDkayLS1uv2CARxuzYY
cYNkIr6d34OmwhNp+6JvaMv3rdUtnV+dTg3WexdTo5XH66nxzzw1lWp4NV8xrNF1
GrwCfy/dCgsDez/UKmn22esv3j5krV4FltYxiFCtNT+UZHRdiSBksBQRILjwhvan
dHcMZI0MGHkEp1CJ0VRfL0sgWVnJPKKdNCz5rlJEAcsQnOJLLl09qsr5bWKHUhX+
SftmMHCX9AroV922p41RKJwJWHC6B12iNcif6XJDLPxdH1RPKI9Bv1Z3AlgJ0f26
er//deGQ7gOHdIpwLWEOBL+yl41Hcnske+PirxtIqO6Up46mTDdfuoMRnwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFB4AgUiQPTQTnurwbYeGsCNPYkrfMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvSGdDQlNKQTlOQk9lNnZCdGg0YXdJMDlpU3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQAHxkLAwQA
WSQjAwQAuZBGAwQA1OgSMBQEAgACMA4DBQMqDCUAAwUAKhRngTANBgkqhkiG9w0B
AQsFAAOCAQEAC1zH/nFk5D0lOadqVwcGqz9eq5nRDmpizM6t1x477fBGAtkcSq4c
OLQygD97zoi0+fO6lou3A88fzk62uLl5S1U0to10SursYMZ9+vzUaYHz3kE2C6HU
trLYuCOPOLAsiYhf60ju4d6SUvWRVEFo841of5zMi5aSZjrVGomQ4GSh/wXMEdP5
i+emEHfPUlNArjxUfQZnMkKWVUvUsTybJhWXrloRnJvkBOekJj3l6aG5W1iE4aA1
C1Tz0na7xcyoFtgYS0wcPjoavw21iGIDRcRej9LQXlUmEO0dDSAsuVZy00oJPLnt
Uvyt1LKm86QAx8fPvTXjgXgBgFXixRjwAA==
-----END CERTIFICATE-----
Generated at Tue May 13 02:52:48 2025 by rpki-client