Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HFwiEyJd8ks87B4GES0cDKKzjMk.roa
File: HFwiEyJd8ks87B4GES0cDKKzjMk.roa (raw, json)
Hash identifier: FBpwGykUuZMc7MU+BoeSWmLMhkvhuTRrLAAbnMe/AYU=
Subject key identifier: 1C:5C:22:13:22:5D:F2:4B:3C:EC:1E:06:11:2D:1C:0C:A2:B3:8C:C9
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 0197C9B92608AAC9A830CC2BBB73E9C3EE8C
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HFwiEyJd8ks87B4GES0cDKKzjMk.roa
Signing time: Wed 02 Jul 2025 06:00:43 +0000
ROA not before: Wed 02 Jul 2025 06:00:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12302
IP address blocks: 80.96.1.0/24 maxlen: 24
80.96.22.0/24 maxlen: 24
80.96.96.0/23 maxlen: 24
80.96.104.0/24 maxlen: 24
80.96.129.0/24 maxlen: 24
80.96.134.0/23 maxlen: 23
80.96.150.0/24 maxlen: 24
80.96.151.0/24 maxlen: 24
80.96.164.0/23 maxlen: 24
80.96.177.0/24 maxlen: 24
80.96.184.0/24 maxlen: 24
80.96.206.0/24 maxlen: 24
81.181.16.0/22 maxlen: 24
81.181.40.0/22 maxlen: 22
81.181.45.0/24 maxlen: 24
81.181.46.0/23 maxlen: 23
81.181.74.0/23 maxlen: 23
85.120.158.0/24 maxlen: 24
193.226.3.0/24 maxlen: 24
193.226.30.0/24 maxlen: 24
193.226.42.0/23 maxlen: 23
193.226.47.0/24 maxlen: 24
193.226.58.0/24 maxlen: 24
193.226.83.0/24 maxlen: 24
193.226.100.0/24 maxlen: 24
193.226.105.0/24 maxlen: 24
193.230.129.0/24 maxlen: 24
193.230.160.0/24 maxlen: 24
193.230.161.0/24 maxlen: 24
193.230.162.0/24 maxlen: 24
193.230.163.0/24 maxlen: 24
193.230.166.0/24 maxlen: 24
193.230.167.0/24 maxlen: 24
193.230.168.0/24 maxlen: 24
193.230.169.0/24 maxlen: 24
193.230.174.0/24 maxlen: 24
193.230.177.0/24 maxlen: 24
193.230.193.0/24 maxlen: 24
193.230.202.0/24 maxlen: 24
193.230.203.0/24 maxlen: 24
193.230.240.0/24 maxlen: 24
193.230.247.0/24 maxlen: 24
193.231.82.0/24 maxlen: 24
193.231.96.0/24 maxlen: 24
193.231.120.0/24 maxlen: 24
193.231.121.0/24 maxlen: 24
193.231.126.0/24 maxlen: 24
193.231.180.0/22 maxlen: 24
193.231.255.0/24 maxlen: 24
194.102.87.0/24 maxlen: 24
194.102.90.0/24 maxlen: 24
217.156.10.0/24 maxlen: 24
217.156.34.0/24 maxlen: 24
217.156.43.0/24 maxlen: 24
217.156.63.0/24 maxlen: 24
217.156.73.0/24 maxlen: 24
217.156.98.0/24 maxlen: 24
217.156.110.0/24 maxlen: 24
217.156.116.0/24 maxlen: 24
217.156.117.0/24 maxlen: 24
217.156.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Jul 2025 13:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c9:b9:26:08:aa:c9:a8:30:cc:2b:bb:73:e9:c3:ee:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Jul 2 06:00:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c5c2213225df24b3cec1e06112d1c0ca2b38cc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f2:ce:6f:ef:c9:30:92:3d:1c:01:ed:0f:a8:
dd:b2:34:fd:00:f7:9f:e0:67:88:bb:21:31:e8:a9:
48:eb:99:7b:00:2a:b4:11:b8:f5:89:7c:e6:a4:8d:
a1:aa:c4:96:3d:92:df:31:12:cc:9d:7d:1d:6d:32:
e5:b6:7f:c2:41:81:0d:2f:41:09:31:56:2e:4a:1d:
11:8a:a4:47:79:68:95:80:c7:0e:25:b8:7c:af:1a:
41:06:ab:82:cf:44:e4:cd:d3:ad:45:a6:ab:b7:26:
0a:65:98:49:20:0f:db:a5:39:ca:f2:ac:b8:e1:60:
d5:98:fd:08:a2:20:aa:5a:d9:8c:ab:79:ec:be:bd:
84:9e:51:ff:c1:74:ad:04:ab:f7:b4:3a:0a:3a:8b:
c5:8f:63:61:36:65:44:1a:1b:c5:67:10:53:b3:f3:
7c:d5:1e:2d:5f:34:73:c0:26:d8:85:74:2d:ee:4c:
36:70:52:14:fe:31:46:47:27:b2:57:a9:59:4c:b1:
07:ad:d1:81:17:0e:26:8f:c0:db:a5:ce:f0:e7:32:
b5:20:82:e2:de:e2:fa:55:5c:71:85:da:1a:6c:50:
7f:c7:8f:f3:6c:ed:88:0d:1f:73:1b:e6:23:ea:73:
3a:39:c9:a5:94:ea:e1:00:d2:5e:b4:b8:5f:13:c8:
a9:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:5C:22:13:22:5D:F2:4B:3C:EC:1E:06:11:2D:1C:0C:A2:B3:8C:C9
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/HFwiEyJd8ks87B4GES0cDKKzjMk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.1.0/24
80.96.22.0/24
80.96.96.0/23
80.96.104.0/24
80.96.129.0/24
80.96.134.0/23
80.96.150.0/23
80.96.164.0/23
80.96.177.0/24
80.96.184.0/24
80.96.206.0/24
81.181.16.0/22
81.181.40.0/22
81.181.45.0-81.181.47.255
81.181.74.0/23
85.120.158.0/24
193.226.3.0/24
193.226.30.0/24
193.226.42.0/23
193.226.47.0/24
193.226.58.0/24
193.226.83.0/24
193.226.100.0/24
193.226.105.0/24
193.230.129.0/24
193.230.160.0/22
193.230.166.0-193.230.169.255
193.230.174.0/24
193.230.177.0/24
193.230.193.0/24
193.230.202.0/23
193.230.240.0/24
193.230.247.0/24
193.231.82.0/24
193.231.96.0/24
193.231.120.0/23
193.231.126.0/24
193.231.180.0/22
193.231.255.0/24
194.102.87.0/24
194.102.90.0/24
217.156.10.0/24
217.156.34.0/24
217.156.43.0/24
217.156.63.0/24
217.156.73.0/24
217.156.98.0/24
217.156.110.0/24
217.156.116.0/23
217.156.120.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:3a:6d:78:5e:cf:70:92:21:23:74:91:00:a3:c2:13:1c:0c:
1b:af:ad:93:7b:ab:07:95:df:99:c0:0a:39:1c:a4:e1:7f:14:
0c:c4:63:f9:53:c3:c2:60:fc:b8:84:97:c4:23:4e:6f:c1:f3:
d4:3e:54:69:75:90:ed:8d:b3:1f:89:04:6f:c8:c3:a2:ca:73:
b9:85:dc:cd:29:7d:82:b3:1b:8b:0d:af:cb:96:e0:55:56:7a:
bd:b5:c2:b5:7c:59:53:75:4c:f4:58:e1:22:c8:50:54:85:ed:
a7:66:f5:6e:b3:d7:60:69:50:69:5a:7f:c9:dc:06:72:4d:b9:
97:80:23:04:78:40:b0:e9:69:d3:2f:45:48:19:01:13:47:cf:
ee:30:f5:b4:ff:42:5c:00:93:9b:2a:5a:49:f7:e6:dd:c5:36:
a7:3b:be:39:11:2b:59:fb:7a:99:7f:34:06:4a:64:7c:b1:e5:
c1:65:21:2b:93:9f:77:d5:59:d9:1b:a5:b9:5b:b6:c1:fe:27:
42:6c:fa:1f:66:88:34:07:db:e3:9d:c4:8e:e6:cc:4b:2a:47:
54:5e:25:de:cd:f4:0b:32:e4:e3:bf:2c:36:54:4f:35:86:fa:
50:c6:5d:b9:b2:93:1b:ee:b8:21:45:19:06:a6:4d:55:12:e5:
a2:36:ba:81
-----BEGIN CERTIFICATE-----
MIIGPTCCBSWgAwIBAgISAZfJuSYIqsmoMMwru3Ppw+6MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjUwNzAyMDYwMDQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzVjMjIxMzIyNWRmMjRiM2NlYzFlMDYxMTJkMWMwY2EyYjM4Y2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPLOb+/JMJI9HAHtD6jdsjT9APef
4GeIuyEx6KlI65l7ACq0Ebj1iXzmpI2hqsSWPZLfMRLMnX0dbTLltn/CQYENL0EJ
MVYuSh0RiqRHeWiVgMcOJbh8rxpBBquCz0TkzdOtRaartyYKZZhJIA/bpTnK8qy4
4WDVmP0IoiCqWtmMq3nsvr2EnlH/wXStBKv3tDoKOovFj2NhNmVEGhvFZxBTs/N8
1R4tXzRzwCbYhXQt7kw2cFIU/jFGRyeyV6lZTLEHrdGBFw4mj8Dbpc7w5zK1IILi
3uL6VVxxhdoabFB/x4/zbO2IDR9zG+Yj6nM6OcmllOrhANJetLhfE8ipZwIDAQAB
o4IDSTCCA0UwHQYDVR0OBBYEFBxcIhMiXfJLPOweBhEtHAyis4zJMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvSEZ3aUV5SmQ4a3M4N0I0R0VTMGNES0t6ak1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBXQYIKwYBBQUHAQcBAf8EggFMMIIBSDCCAUQEAgABMIIB
PAMEAFBgAQMEAFBgFgMEAVBgYAMEAFBgaAMEAFBggQMEAVBghgMEAVBglgMEAVBg
pAMEAFBgsQMEAFBguAMEAFBgzgMEAlG1EAMEAlG1KDAMAwQAUbUtAwQEUbUgAwQB
UbVKAwQAVXieAwQAweIDAwQAweIeAwQBweIqAwQAweIvAwQAweI6AwQAweJTAwQA
weJkAwQAweJpAwQAweaBAwQCweagMAwDBAHB5qYDBAHB5qgDBADB5q4DBADB5rED
BADB5sEDBAHB5soDBADB5vADBADB5vcDBADB51IDBADB52ADBAHB53gDBADB534D
BALB57QDBADB5/8DBADCZlcDBADCZloDBADZnAoDBADZnCIDBADZnCsDBADZnD8D
BADZnEkDBADZnGIDBADZnG4DBAHZnHQDBADZnHgwDQYJKoZIhvcNAQELBQADggEB
AI46bXhez3CSISN0kQCjwhMcDBuvrZN7qweV35nACjkcpOF/FAzEY/lTw8Jg/LiE
l8QjTm/B89Q+VGl1kO2Nsx+JBG/Iw6LKc7mF3M0pfYKzG4sNr8uW4FVWer21wrV8
WVN1TPRY4SLIUFSF7adm9W6z12BpUGlaf8ncBnJNuZeAIwR4QLDpadMvRUgZARNH
z+4w9bT/QlwAk5sqWkn35t3FNqc7vjkRK1n7epl/NAZKZHyx5cFlISuTn3fVWdkb
pblbtsH+J0Js+h9miDQH2+OdxI7mzEsqR1ReJd7N9Asy5OO/LDZUTzWG+lDGXbmy
kxvuuCFFGQamTVUS5aI2uoE=
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:02:03 2025 by rpki-client