Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mhig09EHYOEA_YvhxECk_Z-tLcE.roa
File: mhig09EHYOEA_YvhxECk_Z-tLcE.roa (raw, json)
Hash identifier: +hRL/9C1Pp/UdtMDX1OMLkOQmlfd11eYj1b6yV+h6jU=
Subject key identifier: 9A:18:A0:D3:D1:07:60:E1:00:FD:8B:E1:C4:40:A4:FD:9F:AD:2D:C1
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019685EED441E7872D485BEF80294108597B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mhig09EHYOEA_YvhxECk_Z-tLcE.roa
Signing time: Wed 30 Apr 2025 09:02:23 +0000
ROA not before: Wed 30 Apr 2025 09:02:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.17.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.78.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 10:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:ee:d4:41:e7:87:2d:48:5b:ef:80:29:41:08:59:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Apr 30 09:02:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a18a0d3d10760e100fd8be1c440a4fd9fad2dc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:5b:5a:03:bd:c5:65:72:38:d9:4c:c6:38:ee:
a0:aa:58:aa:dd:2c:ff:b4:fe:77:6b:3f:b4:54:a7:
9a:a7:86:48:8c:ee:d8:b7:5d:f1:d8:82:82:ab:98:
24:9f:bc:95:01:30:1e:87:85:c4:c5:07:e5:6a:39:
d4:30:cc:07:8a:6e:7d:84:dd:8e:75:81:93:f8:78:
62:32:3e:1d:fb:5b:2d:cc:7a:43:5c:1a:b3:94:3c:
f4:56:27:bd:f5:2a:9c:a9:0f:69:a4:eb:af:93:fe:
28:8c:e9:f9:82:d4:f4:ea:0e:f5:96:60:16:be:7b:
09:62:03:a4:67:04:7b:fb:dc:2b:75:f1:7c:e0:ee:
e5:87:76:36:e9:2e:f4:55:46:ff:f4:f5:ab:b8:7f:
07:67:5e:52:87:8d:2f:5d:b0:a0:8d:57:9a:c5:06:
a5:27:f7:90:b6:ca:6b:7b:f6:9a:90:1e:ed:d6:84:
75:ec:32:0b:58:75:4c:5b:d1:26:ff:24:16:0d:70:
78:54:3c:4c:ec:2d:93:df:7c:c7:ae:fb:d2:37:74:
50:7f:16:9f:b2:3a:49:16:0a:69:af:fe:6f:f6:2d:
97:75:4d:c3:dc:ab:1e:fb:1f:e0:33:6d:52:67:b7:
21:c8:02:1f:40:25:f6:a1:1e:f1:5c:8e:68:e3:30:
a7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:18:A0:D3:D1:07:60:E1:00:FD:8B:E1:C4:40:A4:FD:9F:AD:2D:C1
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/mhig09EHYOEA_YvhxECk_Z-tLcE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.17.0/24
185.126.82.0/24
185.209.38.0/24
185.209.73.0/24
185.209.75.0/24
185.210.233.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.250.0/23
185.222.28.0/23
185.223.78.0/24
185.223.155.0/24
185.225.0.0/23
185.225.3.0/24
185.226.104.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:0d:3c:97:3c:08:f2:d5:f4:4b:5a:65:d2:a9:49:23:27:48:
0c:82:e2:de:7b:cb:02:58:d3:27:fb:77:7d:ba:56:ac:9b:a3:
94:1a:32:ba:f6:3a:08:1d:35:7f:c9:e3:95:9a:b4:3f:49:ba:
dc:4a:03:37:15:27:51:1f:23:42:8d:ab:cf:88:4a:c3:78:48:
bb:15:8d:1e:89:86:44:00:98:49:88:b6:f3:80:67:92:b7:a7:
f4:70:df:32:54:56:00:8c:18:e5:8c:5a:df:af:77:fb:15:ab:
5e:dd:3c:41:13:ef:48:29:33:60:f1:3b:db:ea:6e:58:13:e4:
b1:05:02:9f:9c:fb:0e:ad:3f:f0:94:19:4e:eb:77:eb:e2:5f:
3c:f5:a1:3d:f8:55:0f:b7:46:85:41:db:6e:1d:25:31:42:1a:
e5:3d:eb:ab:e1:d6:89:4f:76:fa:dd:fd:da:b0:52:b1:47:38:
09:a2:43:11:40:3c:93:88:07:dc:2c:b8:06:f4:ce:6e:3e:59:
2a:46:af:a5:85:87:c0:ba:81:95:13:82:5c:93:bd:8d:de:45:
cc:c1:e6:30:d6:9b:5a:68:f7:30:22:b0:9d:3c:03:31:c6:08:
01:34:ec:ad:dd:5f:73:92:ae:cd:59:c6:10:d3:78:b5:ae:c9:
f6:9f:35:c7
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZaF7tRB54ctSFvvgClBCFl7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwNDMwMDkwMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE4YTBkM2QxMDc2MGUxMDBmZDhiZTFjNDQwYTRmZDlmYWQyZGMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1taA73FZXI42UzGOO6gqliq3Sz/
tP53az+0VKeap4ZIjO7Yt13x2IKCq5gkn7yVATAeh4XExQflajnUMMwHim59hN2O
dYGT+HhiMj4d+1stzHpDXBqzlDz0Vie99SqcqQ9ppOuvk/4ojOn5gtT06g71lmAW
vnsJYgOkZwR7+9wrdfF84O7lh3Y26S70VUb/9PWruH8HZ15Sh40vXbCgjVeaxQal
J/eQtspre/aakB7t1oR17DILWHVMW9Em/yQWDXB4VDxM7C2T33zHrvvSN3RQfxaf
sjpJFgppr/5v9i2XdU3D3Kse+x/gM21SZ7chyAIfQCX2oR7xXI5o4zCnLQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFJoYoNPRB2DhAP2L4cRApP2frS3BMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbWhpZzA5RUhZT0VBX1l2aHhFQ2tfWi10TGNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAt
WhEDBAC5flIDBAC50SYDBAC50UkDBAC50UsDBAC50ukDBAC51mwDBAC52hQDBAC5
2mUDBAG53PoDBAG53hwDBAC5304DBAC535sDBAG54QADBAC54QMDBAC54mgDBAG5
45IDBAC55EsDBAC56M4wDAMEBMEIcAMEAMEIcgMEAcE6kgMEAMJMqQMEAMJMrAME
AMJ8RTANBgkqhkiG9w0BAQsFAAOCAQEAvA08lzwI8tX0S1pl0qlJIydIDILi3nvL
AljTJ/t3fbpWrJujlBoyuvY6CB01f8njlZq0P0m63EoDNxUnUR8jQo2rz4hKw3hI
uxWNHomGRACYSYi284Bnkren9HDfMlRWAIwY5Yxa3693+xWrXt08QRPvSCkzYPE7
2+puWBPksQUCn5z7Dq0/8JQZTut36+JfPPWhPfhVD7dGhUHbbh0lMUIa5T3rq+HW
iU92+t392rBSsUc4CaJDEUA8k4gH3Cy4BvTObj5ZKkavpYWHwLqBlROCXJO9jd5F
zMHmMNabWmj3MCKwnTwDMcYIATTsrd1fc5KuzVnGENN4ta7J9p81xw==
-----END CERTIFICATE-----
Generated at Fri May 9 10:27:11 2025 by rpki-client