Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hgur-zXZ3kdfY-mHnHCYaYQQ7_Y.roa
File: hgur-zXZ3kdfY-mHnHCYaYQQ7_Y.roa (raw, json)
Hash identifier: Sj6ofc/JJY4Z0npIvyA5mUvw33oopovdRFc+wiaO1u0=
Subject key identifier: 86:0B:AB:FB:35:D9:DE:47:5F:63:E9:87:9C:70:98:69:84:10:EF:F6
Certificate issuer: /CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Certificate serial: 019691E166BB5FF88FC95FB4A48FFD991749
Authority key identifier: 8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hgur-zXZ3kdfY-mHnHCYaYQQ7_Y.roa
Signing time: Fri 02 May 2025 16:43:10 +0000
ROA not before: Fri 02 May 2025 16:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205570
IP address blocks: 185.213.170.0/24 maxlen: 24
2a0b:8b40::/29 maxlen: 29
Validation: Failed, certificate revoked on Fri 02 May 2025 23:07:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:e1:66:bb:5f:f8:8f:c9:5f:b4:a4:8f:fd:99:17:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d89223c1f335c0cc569359fa2dda349a2236ccb
Validity
Not Before: May 2 16:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=860babfb35d9de475f63e9879c7098698410eff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:99:70:4d:73:20:33:4f:0d:b3:a4:3d:ae:a7:
11:5c:c7:23:8e:f8:c9:9e:73:05:d6:37:f9:e2:7c:
cf:82:33:4f:32:43:79:0b:10:bc:48:c1:eb:b1:7f:
4c:73:46:35:3f:40:08:8f:b8:ef:f6:42:52:35:ff:
da:78:7b:06:d3:4a:11:b3:9d:22:68:d1:25:84:f6:
59:12:d5:b2:76:cc:91:c0:06:57:40:ac:ce:5b:96:
8b:81:a3:88:37:cf:1d:97:a8:cf:29:72:0e:0c:12:
50:7b:3f:27:a2:00:e8:13:61:f4:dc:d4:d8:a8:d2:
2f:cc:1c:18:f7:a7:d3:64:5c:e0:4a:ed:ee:89:a8:
db:42:77:c9:da:c7:53:aa:9c:5f:af:7a:fe:9f:18:
80:35:73:80:56:90:59:05:10:40:70:d9:1b:93:0a:
bd:df:99:c2:fb:cf:5f:5f:10:7e:95:2f:ac:f4:0e:
d5:30:47:ca:e9:1b:57:f8:aa:a7:99:10:ca:16:be:
14:90:c8:ac:f2:eb:79:0e:cb:a2:56:08:08:ab:29:
f8:27:1c:59:a8:e6:84:99:72:40:c5:4a:51:28:b5:
1e:99:45:38:40:c0:35:79:2f:ba:75:10:1e:b3:e5:
97:74:e0:8b:21:d4:c1:7f:8e:41:ab:50:ab:00:24:
f4:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:0B:AB:FB:35:D9:DE:47:5F:63:E9:87:9C:70:98:69:84:10:EF:F6
X509v3 Authority Key Identifier:
keyid:8D:89:22:3C:1F:33:5C:0C:C5:69:35:9F:A2:DD:A3:49:A2:23:6C:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYkiPB8zXAzFaTWfot2jSaIjbMs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/hgur-zXZ3kdfY-mHnHCYaYQQ7_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/52a10d-d851-40ae-a8b0-a1028eda6383/1/jYkiPB8zXAzFaTWfot2jSaIjbMs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.213.170.0/24
IPv6:
2a0b:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
86:ef:06:49:74:76:0c:23:82:46:66:35:e8:cc:22:ff:fa:d8:
28:79:80:f5:ef:91:1a:6f:af:29:53:1d:2e:ca:94:87:e9:7f:
39:ef:1f:27:de:f3:ac:c3:f2:21:25:d6:3d:ca:5a:a6:79:7e:
c1:75:a3:eb:6a:2c:a1:ec:ee:09:23:ea:30:2c:24:75:6c:d4:
c6:f2:de:1a:41:5f:b6:82:67:ec:31:ca:f2:62:47:f9:f2:d2:
e2:a4:5b:85:d8:b0:ec:e8:27:be:0e:31:11:ab:32:da:b7:d9:
03:54:61:9b:c5:3e:6c:fd:5e:bc:64:de:51:58:f4:02:18:97:
d3:b5:dd:28:de:60:24:61:d5:8b:f3:7d:e8:fd:32:14:df:78:
d3:18:9d:02:a0:7d:bb:3b:a4:bd:79:f8:c9:b1:5d:1d:d5:fe:
fa:62:53:61:d5:a6:bf:ce:05:eb:6c:d8:15:3d:e0:70:a5:1b:
58:dc:af:48:ea:63:68:e5:e6:3b:d9:ed:9d:87:91:39:94:f8:
4b:fe:20:31:c5:8e:b1:62:f5:76:f9:b4:ea:64:07:f4:2a:33:
3c:39:f0:92:99:8d:a7:3f:c1:93:dc:d6:83:30:10:b9:fc:e5:
d8:3b:97:22:51:78:53:0e:f2:50:79:fe:62:d5:73:96:70:2d:
46:64:b6:02
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZaR4Wa7X/iPyV+0pI/9mRdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODkyMjNjMWYzMzVjMGNjNTY5MzU5ZmEyZGRhMzQ5YTIy
MzZjY2IwHhcNMjUwNTAyMTY0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjBiYWJmYjM1ZDlkZTQ3NWY2M2U5ODc5YzcwOTg2OTg0MTBlZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiplwTXMgM08Ns6Q9rqcRXMcjjvjJ
nnMF1jf54nzPgjNPMkN5CxC8SMHrsX9Mc0Y1P0AIj7jv9kJSNf/aeHsG00oRs50i
aNElhPZZEtWydsyRwAZXQKzOW5aLgaOIN88dl6jPKXIODBJQez8nogDoE2H03NTY
qNIvzBwY96fTZFzgSu3uiajbQnfJ2sdTqpxfr3r+nxiANXOAVpBZBRBAcNkbkwq9
35nC+89fXxB+lS+s9A7VMEfK6RtX+KqnmRDKFr4UkMis8ut5DsuiVggIqyn4JxxZ
qOaEmXJAxUpRKLUemUU4QMA1eS+6dRAes+WXdOCLIdTBf45Bq1CrACT0gwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIYLq/s12d5HX2Pph5xwmGmEEO/2MB8GA1UdIwQY
MBaAFI2JIjwfM1wMxWk1n6Ldo0miI2zLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAt
YTEwMjhlZGE2MzgzLzEvaGd1ci16WFoza2RmWS1tSG5IQ1lhWVFRN19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy81MmExMGQtZDg1MS00MGFlLWE4YjAtYTEwMjhlZGE2Mzgz
LzEvallraVBCOHpYQXpGYVRXZm90MmpTYUlqYk1zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAudWqMA0E
AgACMAcDBQMqC4tAMA0GCSqGSIb3DQEBCwUAA4IBAQCG7wZJdHYMI4JGZjXozCL/
+tgoeYD175Eab68pUx0uypSH6X857x8n3vOsw/IhJdY9ylqmeX7BdaPraiyh7O4J
I+owLCR1bNTG8t4aQV+2gmfsMcryYkf58tLipFuF2LDs6Ce+DjERqzLat9kDVGGb
xT5s/V68ZN5RWPQCGJfTtd0o3mAkYdWL833o/TIU33jTGJ0CoH27O6S9efjJsV0d
1f76YlNh1aa/zgXrbNgVPeBwpRtY3K9I6mNo5eY72e2dh5E5lPhL/iAxxY6xYvV2
+bTqZAf0KjM8OfCSmY2nP8GT3NaDMBC5/OXYO5ciUXhTDvJQef5i1XOWcC1GZLYC
-----END CERTIFICATE-----
Generated at Sat May 10 10:15:32 2025 by rpki-client