Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/hVc5m8P2Gwhf0ZTqugMurqHU8AM.roa
File: hVc5m8P2Gwhf0ZTqugMurqHU8AM.roa (raw, json)
Hash identifier: 2Ijmlr9CNSsSz074Kq3fg668Y21krniYpUSFUpak2go=
Subject key identifier: 85:57:39:9B:C3:F6:1B:08:5F:D1:94:EA:BA:03:2E:AE:A1:D4:F0:03
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 0194B17B7810CDF39F2A0FFD4637B0B31561
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/hVc5m8P2Gwhf0ZTqugMurqHU8AM.roa
Signing time: Wed 29 Jan 2025 09:54:06 +0000
ROA not before: Wed 29 Jan 2025 09:54:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42894
IP address blocks: 131.237.0.0/16 maxlen: 24
131.237.0.0/24 maxlen: 24
131.237.1.0/24 maxlen: 24
131.237.8.0/24 maxlen: 24
131.237.32.0/24 maxlen: 24
131.237.40.0/24 maxlen: 24
131.237.41.0/24 maxlen: 24
131.237.42.0/24 maxlen: 24
131.237.43.0/24 maxlen: 24
131.237.70.0/24 maxlen: 24
131.237.71.0/24 maxlen: 24
131.237.72.0/24 maxlen: 24
131.237.73.0/24 maxlen: 24
131.237.74.0/24 maxlen: 24
131.237.77.0/24 maxlen: 24
131.237.78.0/24 maxlen: 24
131.237.83.0/24 maxlen: 24
131.237.84.0/24 maxlen: 24
131.237.96.0/24 maxlen: 24
131.237.120.0/24 maxlen: 24
131.237.121.0/24 maxlen: 24
131.237.163.0/24 maxlen: 24
145.31.0.0/16 maxlen: 24
145.45.0.0/17 maxlen: 24
145.45.0.0/24 maxlen: 24
145.45.48.0/24 maxlen: 24
145.45.110.0/24 maxlen: 24
145.50.0.0/16 maxlen: 24
145.50.37.0/24 maxlen: 24
145.50.39.0/24 maxlen: 24
145.50.105.0/24 maxlen: 24
145.50.233.0/24 maxlen: 24
194.104.116.0/22 maxlen: 24
2a13:e080::/32 maxlen: 48
Validation: Failed, certificate revoked on Thu 13 Feb 2025 10:20:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b1:7b:78:10:cd:f3:9f:2a:0f:fd:46:37:b0:b3:15:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 29 09:54:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8557399bc3f61b085fd194eaba032eaea1d4f003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f5:42:59:68:f0:f1:0a:37:b8:61:87:40:8a:
88:cf:71:ca:59:9f:9b:03:d8:de:d8:aa:4e:76:29:
46:e4:a3:da:0c:a3:08:0e:5f:d6:23:c6:fb:af:5d:
66:e1:62:b8:47:48:98:8c:97:ea:61:82:d5:a3:4a:
47:3b:e5:a5:18:6b:53:a4:bb:4c:00:13:5c:af:fb:
32:a9:85:3e:ac:70:62:80:a1:b1:47:95:f5:a3:9a:
9f:15:d4:30:94:9e:5d:54:6b:97:bf:59:2c:fc:7f:
48:ac:a4:35:0a:78:d3:a0:2b:ef:11:2f:98:88:f6:
06:6c:3d:ae:42:18:16:52:7d:10:d5:dd:42:95:68:
7e:34:02:b4:6c:f4:0d:4b:6c:d8:f5:5e:f5:55:8c:
6c:52:56:ec:41:6a:95:80:b6:90:c2:d5:2c:f5:20:
8b:c3:02:9f:20:ca:5d:dd:ed:2b:ea:1d:f3:07:bd:
e6:b4:b2:40:56:dd:92:88:a0:43:95:db:8b:34:b8:
29:7e:43:48:fd:40:36:29:b2:f2:07:7b:3b:6f:cb:
0c:b3:4b:bc:5c:0e:3a:62:48:b0:43:1f:18:80:25:
0e:96:bd:bd:58:fc:0b:4a:ef:6b:4c:e2:95:3a:45:
55:0d:7f:e0:1b:83:a8:9a:1d:d0:fb:16:dc:2b:16:
65:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:57:39:9B:C3:F6:1B:08:5F:D1:94:EA:BA:03:2E:AE:A1:D4:F0:03
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/hVc5m8P2Gwhf0ZTqugMurqHU8AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.237.0.0/16
145.31.0.0/16
145.45.0.0/17
145.50.0.0/16
194.104.116.0/22
IPv6:
2a13:e080::/32
Signature Algorithm: sha256WithRSAEncryption
11:61:df:15:30:ed:7b:41:07:c4:15:c6:3c:1a:15:72:3b:95:
20:c3:7d:84:76:5a:05:cd:80:6c:31:4d:cd:5e:a7:22:1d:58:
b2:8b:8a:71:6c:39:6f:96:57:7c:33:66:b9:57:3f:c0:3c:d3:
11:ad:b6:b9:6f:29:28:44:90:7e:76:ab:0c:f9:5d:4d:ce:b7:
ae:a9:38:84:87:b5:64:2f:02:13:3d:d8:d0:d8:1a:8a:ce:f8:
26:aa:13:d4:14:20:4e:56:62:0f:1e:09:65:da:56:f2:98:71:
a1:08:62:61:2c:4f:84:87:21:7f:6d:3c:ff:b6:af:6d:d4:1f:
b1:6c:bc:32:81:5f:8f:70:61:50:f2:d0:73:0f:5d:cc:c6:ef:
65:7f:ea:1b:67:7b:b7:60:d3:c0:fc:f6:e0:ae:3d:bb:e9:56:
12:62:d3:af:15:bc:7f:a2:ac:3c:34:bb:98:78:f5:88:96:32:
fe:e9:50:43:ce:8f:c3:28:cb:6b:66:b9:0b:c7:18:09:82:5a:
d6:43:73:91:b9:7b:7f:c5:04:84:79:44:c8:c3:69:67:4c:ba:
18:9a:8b:f1:3b:b4:b9:48:09:c2:93:f2:3a:7f:9b:93:5a:58:
6f:74:59:4c:d6:bb:7d:d2:6d:99:d2:e5:68:ee:58:74:3c:42:
15:03:6f:c3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZSxe3gQzfOfKg/9RjewsxVhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjUwMTI5MDk1NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTU3Mzk5YmMzZjYxYjA4NWZkMTk0ZWFiYTAzMmVhZWExZDRmMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/VCWWjw8Qo3uGGHQIqIz3HKWZ+b
A9je2KpOdilG5KPaDKMIDl/WI8b7r11m4WK4R0iYjJfqYYLVo0pHO+WlGGtTpLtM
ABNcr/syqYU+rHBigKGxR5X1o5qfFdQwlJ5dVGuXv1ks/H9IrKQ1CnjToCvvES+Y
iPYGbD2uQhgWUn0Q1d1ClWh+NAK0bPQNS2zY9V71VYxsUlbsQWqVgLaQwtUs9SCL
wwKfIMpd3e0r6h3zB73mtLJAVt2SiKBDlduLNLgpfkNI/UA2KbLyB3s7b8sMs0u8
XA46YkiwQx8YgCUOlr29WPwLSu9rTOKVOkVVDX/gG4Oomh3Q+xbcKxZlswIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIVXOZvD9hsIX9GU6roDLq6h1PADMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvaFZjNW04UDJHd2hmMFpUcXVnTXVycUhVOEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAhBAIAATAbAwMAg+0DAwCR
HwMEB5EtAAMDAJEyAwQCwmh0MA0EAgACMAcDBQAqE+CAMA0GCSqGSIb3DQEBCwUA
A4IBAQARYd8VMO17QQfEFcY8GhVyO5Ugw32EdloFzYBsMU3NXqciHViyi4pxbDlv
lld8M2a5Vz/APNMRrba5bykoRJB+dqsM+V1NzreuqTiEh7VkLwITPdjQ2BqKzvgm
qhPUFCBOVmIPHgll2lbymHGhCGJhLE+EhyF/bTz/tq9t1B+xbLwygV+PcGFQ8tBz
D13Mxu9lf+obZ3u3YNPA/Pbgrj276VYSYtOvFbx/oqw8NLuYePWIljL+6VBDzo/D
KMtrZrkLxxgJglrWQ3ORuXt/xQSEeUTIw2lnTLoYmovxO7S5SAnCk/I6f5uTWlhv
dFlM1rt90m2Z0uVo7lh0PEIVA2/D
-----END CERTIFICATE-----
Generated at Tue May 13 00:10:22 2025 by rpki-client