Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/hQNfliZEhrk512tSi-JVNRpvEl4.roa
File: hQNfliZEhrk512tSi-JVNRpvEl4.roa (raw, json)
Hash identifier: +lOwVTHnjfGNvaTH9I8wI/hjOdaWDjoqk4NYdUKy23Q=
Subject key identifier: 85:03:5F:96:26:44:86:B9:39:D7:6B:52:8B:E2:55:35:1A:6F:12:5E
Certificate issuer: /CN=1e36de27974727aa0046b3e9c8d0624674541255
Certificate serial: 018F722877C16706918979663485F39CF2C6
Authority key identifier: 1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/hQNfliZEhrk512tSi-JVNRpvEl4.roa
Signing time: Mon 13 May 2024 13:33:25 +0000
ROA not before: Mon 13 May 2024 13:33:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215540
IP address blocks: 46.29.234.0/24 maxlen: 24
46.29.235.0/24 maxlen: 24
85.159.228.0/24 maxlen: 24
85.159.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 13 May 2024 14:14:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:72:28:77:c1:67:06:91:89:79:66:34:85:f3:9c:f2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e36de27974727aa0046b3e9c8d0624674541255
Validity
Not Before: May 13 13:33:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=85035f96264486b939d76b528be255351a6f125e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d6:02:5c:1d:26:d5:f8:46:3d:0b:14:b5:3e:
13:09:68:03:68:57:21:7e:08:b1:59:b9:2d:af:5f:
f5:62:82:17:af:e5:6d:4c:5e:01:01:38:2e:af:73:
0d:f2:b8:5b:06:8c:1f:b4:0a:2f:b5:f9:3e:39:57:
88:36:e2:ee:81:37:5a:05:76:c1:cf:0e:ba:47:5f:
b6:65:ea:f9:76:7b:62:37:a9:f6:4c:0b:09:89:73:
a6:c5:ff:43:41:a1:4d:72:d7:0a:80:6d:07:a8:81:
ab:ec:20:d0:54:74:03:4c:46:57:ce:d8:77:9e:32:
79:93:a0:ea:bb:70:ac:8b:08:38:4c:fc:5d:c6:1c:
a7:b0:79:71:99:72:33:94:0a:01:a4:f7:54:9b:72:
ce:c0:89:48:50:ee:89:0b:92:93:48:f5:a6:66:cb:
66:ae:e5:46:a6:1a:82:4b:38:9f:e4:02:de:50:68:
0b:4d:cd:bf:d5:09:ce:02:1a:c6:0a:4a:ff:42:20:
c6:da:60:da:80:e1:22:cb:29:e5:d3:4a:ec:b7:d4:
52:dd:ca:ff:e1:d3:41:c5:9f:f3:92:78:96:3b:17:
fa:a1:15:d7:d7:68:dc:63:ad:07:84:88:68:0d:c9:
b0:6f:ac:1f:f5:9e:d1:a3:c1:76:c4:3d:ef:e9:34:
42:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:03:5F:96:26:44:86:B9:39:D7:6B:52:8B:E2:55:35:1A:6F:12:5E
X509v3 Authority Key Identifier:
keyid:1E:36:DE:27:97:47:27:AA:00:46:B3:E9:C8:D0:62:46:74:54:12:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HjbeJ5dHJ6oARrPpyNBiRnRUElU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/hQNfliZEhrk512tSi-JVNRpvEl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/59e8c3-626b-4ece-8e39-df793a940bab/1/HjbeJ5dHJ6oARrPpyNBiRnRUElU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.234.0/23
85.159.228.0/23
Signature Algorithm: sha256WithRSAEncryption
75:3a:57:48:18:ef:b1:67:65:1d:cd:b5:e9:80:80:44:f1:51:
ea:e2:17:22:92:fb:16:f8:10:e2:03:14:c5:80:96:f9:a5:f0:
f2:2f:55:74:9b:43:e1:6b:0f:56:ec:1a:16:da:9f:9c:96:35:
63:2d:69:d9:11:ad:0d:9e:b1:be:39:d9:01:51:ed:29:9d:5c:
ea:60:68:e6:9b:5e:1a:21:c4:88:a6:fc:fa:33:35:bd:5f:3f:
b3:65:fe:20:f2:80:1b:bd:9f:78:d3:52:d2:72:ab:57:c2:49:
5b:12:fe:fb:37:71:fd:3d:e3:e3:19:6a:1d:28:ac:2d:ef:3e:
92:e5:1b:8e:5a:cd:82:bb:51:35:f5:d5:cf:9f:95:9b:85:3d:
23:62:de:eb:db:81:7d:ee:38:b2:9f:44:84:41:d0:ac:7f:34:
cc:34:98:32:4f:22:6f:bb:1b:a6:72:55:0a:ba:92:0d:96:2e:
ce:5b:d4:94:02:9a:65:f0:bc:72:cb:c0:35:55:be:39:b4:9d:
65:cb:9d:bf:8b:7b:95:3e:56:f2:fb:ff:11:17:2b:f8:46:79:
2e:17:e7:1a:27:61:12:c1:ea:70:ce:be:a0:4e:65:9d:5c:16:
14:2f:f3:04:8f:7c:54:1f:d9:af:92:61:11:f5:e5:ce:d1:74:
f6:54:f5:16
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY9yKHfBZwaRiXlmNIXznPLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMzZkZTI3OTc0NzI3YWEwMDQ2YjNlOWM4ZDA2MjQ2NzQ1
NDEyNTUwHhcNMjQwNTEzMTMzMzI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTAzNWY5NjI2NDQ4NmI5MzlkNzZiNTI4YmUyNTUzNTFhNmYxMjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtYCXB0m1fhGPQsUtT4TCWgDaFch
fgixWbktr1/1YoIXr+VtTF4BATgur3MN8rhbBowftAovtfk+OVeINuLugTdaBXbB
zw66R1+2Zer5dntiN6n2TAsJiXOmxf9DQaFNctcKgG0HqIGr7CDQVHQDTEZXzth3
njJ5k6Dqu3Csiwg4TPxdxhynsHlxmXIzlAoBpPdUm3LOwIlIUO6JC5KTSPWmZstm
ruVGphqCSzif5ALeUGgLTc2/1QnOAhrGCkr/QiDG2mDagOEiyynl00rst9RS3cr/
4dNBxZ/zkniWOxf6oRXX12jcY60HhIhoDcmwb6wf9Z7Ro8F2xD3v6TRCaQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIUDX5YmRIa5OddrUoviVTUabxJeMB8GA1UdIwQY
MBaAFB423ieXRyeqAEaz6cjQYkZ0VBJVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzkt
ZGY3OTNhOTQwYmFiLzEvaFFOZmxpWkVocms1MTJ0U2ktSlZOUnB2RWw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy81OWU4YzMtNjI2Yi00ZWNlLThlMzktZGY3OTNhOTQwYmFi
LzEvSGpiZUo1ZEhKNm9BUnJQcHlOQmlSblJVRWxVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLh3qAwQB
VZ/kMA0GCSqGSIb3DQEBCwUAA4IBAQB1OldIGO+xZ2UdzbXpgIBE8VHq4hcikvsW
+BDiAxTFgJb5pfDyL1V0m0Phaw9W7BoW2p+cljVjLWnZEa0NnrG+OdkBUe0pnVzq
YGjmm14aIcSIpvz6MzW9Xz+zZf4g8oAbvZ9401LScqtXwklbEv77N3H9PePjGWod
KKwt7z6S5RuOWs2Cu1E19dXPn5WbhT0jYt7r24F97jiyn0SEQdCsfzTMNJgyTyJv
uxumclUKupINli7OW9SUAppl8Lxyy8A1Vb45tJ1ly52/i3uVPlby+/8RFyv4Rnku
F+caJ2ESwepwzr6gTmWdXBYUL/MEj3xUH9mvkmER9eXO0XT2VPUW
-----END CERTIFICATE-----
Generated at Sat May 10 20:30:59 2025 by rpki-client