Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1H9JH7QRuSDXr4xmXPNwRgB8SUk.roa
File: 1H9JH7QRuSDXr4xmXPNwRgB8SUk.roa (raw, json)
Hash identifier: ziKl+jwxMv6HwekIqZTTpxWFqrGnl6wqrBMe638R2JU=
Subject key identifier: D4:7F:49:1F:B4:11:B9:20:D7:AF:8C:66:5C:F3:70:46:00:7C:49:49
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 019789DCE09224B942CEFD0015F02E648370
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1H9JH7QRuSDXr4xmXPNwRgB8SUk.roa
Signing time: Thu 19 Jun 2025 20:24:03 +0000
ROA not before: Thu 19 Jun 2025 20:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49556
IP address blocks: 5.159.49.0/24 maxlen: 24
45.94.213.0/24 maxlen: 24
185.239.0.0/24 maxlen: 24
185.239.2.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jun 2025 16:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:89:dc:e0:92:24:b9:42:ce:fd:00:15:f0:2e:64:83:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 19 20:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d47f491fb411b920d7af8c665cf37046007c4949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c2:f9:3b:07:fd:97:09:7e:8f:62:88:29:ec:
85:99:49:c1:57:d5:79:04:c4:b6:48:ba:05:32:d9:
41:f5:06:af:4c:62:5b:39:8d:84:47:54:1e:fd:ea:
a8:6d:8f:b4:6d:df:ae:99:c7:95:f4:b1:c2:e1:b8:
ae:8f:0f:02:1c:43:b2:0e:8a:3b:9e:4a:51:52:d5:
b1:79:31:62:77:79:a9:bf:45:56:fc:9c:ab:bd:e2:
98:b5:2c:18:72:b8:9f:d8:d0:5a:bf:59:84:cf:fe:
a4:d6:61:32:73:5e:54:7f:12:74:c7:c3:30:ce:bd:
bb:98:ad:1e:32:b9:d5:f7:37:c3:97:2b:67:1f:65:
00:87:a9:83:d2:0e:a9:7b:65:6a:ea:55:4c:01:0b:
b3:9f:5a:79:d4:cf:bf:68:1e:ab:c7:6c:4b:44:83:
4f:04:24:09:80:a5:ad:f1:e0:81:0e:84:17:ed:f6:
8c:cb:84:a5:74:24:4b:0d:9b:c9:ac:01:8a:f8:eb:
21:82:3e:de:a1:43:f5:bf:b3:8a:ae:cc:af:b8:b2:
63:df:e6:0b:01:0a:6a:a5:80:31:cd:92:12:b8:bb:
df:84:36:cd:b6:f1:ba:f5:7b:09:1b:35:55:c7:5f:
f4:54:d9:d7:c5:4d:a5:38:75:ef:a2:93:72:8e:2a:
23:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:7F:49:1F:B4:11:B9:20:D7:AF:8C:66:5C:F3:70:46:00:7C:49:49
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/1H9JH7QRuSDXr4xmXPNwRgB8SUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.49.0/24
45.94.213.0/24
185.239.0.0/24
185.239.2.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:f7:4a:68:47:a5:5b:35:5c:fd:99:d8:20:02:ef:66:19:ca:
45:3b:0a:54:e7:ea:81:78:5e:99:9e:c7:a4:56:94:51:14:8e:
0d:af:0d:71:37:9d:96:f6:4d:2b:69:6f:df:c2:ac:55:78:6b:
8a:63:0d:6f:a1:33:fb:19:91:74:3f:71:15:b3:24:af:7f:79:
3e:59:5e:a4:17:57:99:e7:44:e8:9d:19:e1:e5:84:16:49:09:
5f:8f:20:26:ca:8f:6a:51:e1:f7:1b:67:3e:d9:a9:7d:64:5b:
dc:62:c3:00:42:8a:d1:9b:13:6d:06:43:79:6f:1c:f8:46:82:
d8:d4:3b:b2:24:cc:8d:0b:7a:b5:2a:ff:44:6e:e8:fd:69:a7:
1b:24:26:c9:d7:f4:11:42:bd:0f:77:71:fd:bb:6e:0d:6a:bf:
cc:a2:b8:e5:1f:57:d1:b1:c2:fd:c9:58:87:ac:7d:3b:0a:dd:
ee:6e:53:16:8e:11:61:97:2b:a7:b8:a4:ab:b9:ac:b5:28:4b:
e0:a6:86:df:3f:d7:b8:2a:f2:65:5a:c7:f3:ab:f7:7f:6f:18:
04:23:71:bf:89:b0:31:4d:e6:63:6a:ce:2d:2d:79:3e:72:85:
43:f9:cf:e3:6c:fb:6f:fd:14:5a:70:e4:7f:c5:46:5b:11:ca:
78:7e:b2:86
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeJ3OCSJLlCzv0AFfAuZINwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjE5MjAyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDdmNDkxZmI0MTFiOTIwZDdhZjhjNjY1Y2YzNzA0NjAwN2M0OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwcL5Owf9lwl+j2KIKeyFmUnBV9V5
BMS2SLoFMtlB9QavTGJbOY2ER1Qe/eqobY+0bd+umceV9LHC4biujw8CHEOyDoo7
nkpRUtWxeTFid3mpv0VW/JyrveKYtSwYcrif2NBav1mEz/6k1mEyc15UfxJ0x8Mw
zr27mK0eMrnV9zfDlytnH2UAh6mD0g6pe2Vq6lVMAQuzn1p51M+/aB6rx2xLRINP
BCQJgKWt8eCBDoQX7faMy4SldCRLDZvJrAGK+Oshgj7eoUP1v7OKrsyvuLJj3+YL
AQpqpYAxzZISuLvfhDbNtvG69XsJGzVVx1/0VNnXxU2lOHXvopNyjiojpQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNR/SR+0Ebkg16+MZlzzcEYAfElJMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMUg5Skg3UVJ1U0RYcjR4bVhQTndSZ0I4U1VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABZ8xAwQA
LV7VAwQAue8AAwQAue8CMA0GCSqGSIb3DQEBCwUAA4IBAQA990poR6VbNVz9mdgg
Au9mGcpFOwpU5+qBeF6ZnsekVpRRFI4Nrw1xN52W9k0raW/fwqxVeGuKYw1voTP7
GZF0P3EVsySvf3k+WV6kF1eZ50TonRnh5YQWSQlfjyAmyo9qUeH3G2c+2al9ZFvc
YsMAQorRmxNtBkN5bxz4RoLY1DuyJMyNC3q1Kv9Ebuj9aacbJCbJ1/QRQr0Pd3H9
u24Nar/MorjlH1fRscL9yViHrH07Ct3ublMWjhFhlyunuKSruay1KEvgpobfP9e4
KvJlWsfzq/d/bxgEI3G/ibAxTeZjas4tLXk+coVD+c/jbPtv/RRacOR/xUZbEcp4
frKG
-----END CERTIFICATE-----
Generated at Sun Jun 29 19:07:42 2025 by rpki-client