Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/HvzAEws7ARBK6ROx5gHtoJ_O_T8.roa
File: HvzAEws7ARBK6ROx5gHtoJ_O_T8.roa (raw, json)
Hash identifier: /tdoxBso03V3l19KOML8XSnG+1i6DVZu4agCF3TnPPI=
Subject key identifier: 1E:FC:C0:13:0B:3B:01:10:4A:E9:13:B1:E6:01:ED:A0:9F:CE:FD:3F
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 019679BAD922943E6EDE27D2D19DCAB1187D
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/HvzAEws7ARBK6ROx5gHtoJ_O_T8.roa
Signing time: Mon 28 Apr 2025 00:10:10 +0000
ROA not before: Mon 28 Apr 2025 00:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 91.108.237.0/24 maxlen: 24
91.108.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 12:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:79:ba:d9:22:94:3e:6e:de:27:d2:d1:9d:ca:b1:18:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Apr 28 00:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1efcc0130b3b01104ae913b1e601eda09fcefd3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:73:56:a5:a2:9f:29:ae:85:cb:f7:18:ff:4c:
2a:ea:8d:7f:b2:6d:96:bd:ad:f7:b7:17:c8:da:01:
82:20:22:12:ab:b3:65:5e:8b:bf:86:be:c2:a1:9b:
c4:00:ec:79:ff:aa:7a:3b:05:79:41:24:ed:3f:d7:
25:00:da:24:73:ff:82:bd:1c:c9:85:2a:87:d7:e6:
49:96:e2:39:ad:76:a2:93:f4:c5:ec:32:ae:ef:4f:
6d:2e:dd:ae:c5:d6:5a:79:b4:cc:2e:27:da:15:c4:
8e:5c:e0:94:1a:bb:1f:5b:ae:41:17:cf:af:22:96:
04:ea:b3:2d:85:0b:09:59:b8:fb:95:72:bd:40:76:
ba:9e:bc:ca:0c:05:a9:9f:9e:cf:d4:44:28:56:87:
09:2b:5a:51:43:cd:33:f0:f8:6a:5f:fd:cd:44:56:
5d:94:04:37:06:9e:52:16:c8:f1:fa:3c:3e:0a:5e:
57:03:40:7b:c5:a0:68:69:48:82:74:dd:2f:4f:a8:
49:83:3c:d7:96:47:e9:6f:1f:d8:8e:e2:24:d3:00:
fd:e5:f8:43:f2:df:f7:c9:1f:da:d6:df:5d:24:2a:
2e:2a:f9:55:79:b0:99:25:47:ce:5f:97:16:cf:e7:
34:d6:4c:94:36:59:2d:ec:61:48:eb:2d:47:6e:54:
8e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1E:FC:C0:13:0B:3B:01:10:4A:E9:13:B1:E6:01:ED:A0:9F:CE:FD:3F
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/HvzAEws7ARBK6ROx5gHtoJ_O_T8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.237.0/24
91.108.253.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:2b:f4:75:13:62:f6:57:1a:70:56:83:b6:c7:dc:a4:f9:e3:
1e:58:b6:73:72:78:57:28:65:87:c9:b9:5d:9e:58:b7:28:85:
39:5c:ea:ff:49:b7:cd:dc:3e:42:4e:2e:c0:d4:f8:cf:a1:d1:
89:b6:e5:8f:cc:05:e8:56:88:a5:20:c8:b7:82:58:ce:d9:7a:
cd:53:09:77:82:a7:e4:c9:b3:44:6c:2a:23:d8:02:6d:e2:e0:
bc:a5:8f:0f:79:17:3d:a0:61:bb:37:ae:58:94:b1:1e:e7:e1:
4a:d5:67:5a:4f:f2:ee:13:60:eb:04:59:74:f3:05:2d:16:13:
3c:f6:5d:68:6e:96:6c:8d:38:f6:a3:e6:43:4d:5d:fe:36:a8:
8f:d6:7e:f4:ca:07:a4:67:3b:55:eb:b7:d9:42:53:a0:b5:83:
f0:b6:94:f4:21:f2:9a:d0:23:8f:1f:3e:f6:f9:65:7a:a6:11:
b2:a6:bd:46:bd:80:fa:d9:2a:c6:a0:09:be:c1:06:68:97:c5:
79:8b:ec:a0:c7:14:79:aa:e3:36:6b:02:54:b8:f0:10:cd:f6:
57:7c:e2:a2:c0:f2:8a:02:5d:14:cd:c5:fe:b2:77:30:0b:55:
f6:fc:11:c0:27:0b:51:04:2e:04:a9:6d:b6:8f:2c:2e:28:6a:
a5:cd:b1:b8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZ5utkilD5u3ifS0Z3KsRh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjUwNDI4MDAxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZWZjYzAxMzBiM2IwMTEwNGFlOTEzYjFlNjAxZWRhMDlmY2VmZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3NWpaKfKa6Fy/cY/0wq6o1/sm2W
va33txfI2gGCICISq7NlXou/hr7CoZvEAOx5/6p6OwV5QSTtP9clANokc/+CvRzJ
hSqH1+ZJluI5rXaik/TF7DKu709tLt2uxdZaebTMLifaFcSOXOCUGrsfW65BF8+v
IpYE6rMthQsJWbj7lXK9QHa6nrzKDAWpn57P1EQoVocJK1pRQ80z8PhqX/3NRFZd
lAQ3Bp5SFsjx+jw+Cl5XA0B7xaBoaUiCdN0vT6hJgzzXlkfpbx/YjuIk0wD95fhD
8t/3yR/a1t9dJCouKvlVebCZJUfOX5cWz+c01kyUNlkt7GFI6y1HblSO8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB78wBMLOwEQSukTseYB7aCfzv0/MB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvSHZ6QUV3czdBUkJLNlJPeDVnSHRvSl9PX1Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2ztAwQA
W2z9MA0GCSqGSIb3DQEBCwUAA4IBAQAcK/R1E2L2VxpwVoO2x9yk+eMeWLZzcnhX
KGWHybldnli3KIU5XOr/SbfN3D5CTi7A1PjPodGJtuWPzAXoVoilIMi3gljO2XrN
Uwl3gqfkybNEbCoj2AJt4uC8pY8PeRc9oGG7N65YlLEe5+FK1WdaT/LuE2DrBFl0
8wUtFhM89l1obpZsjTj2o+ZDTV3+NqiP1n70ygekZztV67fZQlOgtYPwtpT0IfKa
0COPHz72+WV6phGypr1GvYD62SrGoAm+wQZol8V5i+ygxxR5quM2awJUuPAQzfZX
fOKiwPKKAl0UzcX+sncwC1X2/BHAJwtRBC4EqW22jywuKGqlzbG4
-----END CERTIFICATE-----
Generated at Tue May 13 05:28:35 2025 by rpki-client