Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/htDNMi4gxdeX1tVpxOLrLfvoNR0.roa
File: htDNMi4gxdeX1tVpxOLrLfvoNR0.roa (raw, json)
Hash identifier: Ts8Toys2GY+5UO6VlhT37mZiouJN2drHX92LmCVB/ys=
Subject key identifier: 86:D0:CD:32:2E:20:C5:D7:97:D6:D5:69:C4:E2:EB:2D:FB:E8:35:1D
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B27E70B2C85B6A0A15FD1A94E3FC49
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/htDNMi4gxdeX1tVpxOLrLfvoNR0.roa
Signing time: Mon 14 Jul 2025 16:09:09 +0000
ROA not before: Mon 14 Jul 2025 16:09:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25227
IP address blocks: 185.244.175.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 15 Jul 2025 12:05:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b2:7e:70:b2:c8:5b:6a:0a:15:fd:1a:94:e3:fc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:09:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=86d0cd322e20c5d797d6d569c4e2eb2dfbe8351d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:86:16:56:5e:fa:06:ac:dd:4a:f4:74:b9:97:
fd:c2:88:12:5b:1c:87:d1:d9:37:b3:58:63:f0:b4:
b8:e3:07:7b:ab:9f:a9:a9:63:52:c8:76:69:57:6e:
69:58:5b:f4:b0:53:1e:1b:fc:ee:35:9c:29:aa:bd:
3a:1c:ba:46:b7:f2:59:17:a7:c8:7f:53:ef:fa:e2:
b2:f4:b0:fd:5e:4a:7a:81:19:b5:82:9e:9f:3b:fe:
64:61:8a:c7:69:4c:fe:e7:f0:30:f8:ec:76:2e:5e:
3b:15:12:9b:db:d7:24:60:52:69:b4:50:91:d5:7e:
2c:ac:a8:1f:97:4d:d4:09:9e:84:10:d5:69:42:1a:
40:d5:d6:b6:4e:1e:94:8c:42:0f:a8:76:8e:9e:66:
ec:1b:c9:5f:84:59:95:55:fe:01:25:8c:af:fb:7e:
23:f0:3e:4f:a8:a0:40:9c:8c:02:6c:1e:02:29:c9:
9e:55:a9:f3:68:0d:b8:f1:6c:80:37:5b:18:ab:96:
df:6e:45:46:ba:92:a0:13:24:11:ac:7d:96:90:f2:
7a:85:2b:d4:8e:a9:23:56:3a:29:76:66:0f:a4:d4:
48:62:ac:62:ff:9c:73:fc:4f:d2:bb:33:f6:b1:4e:
2f:07:f4:8c:1b:b3:1c:1f:c3:6c:94:1b:f0:64:e4:
a8:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:D0:CD:32:2E:20:C5:D7:97:D6:D5:69:C4:E2:EB:2D:FB:E8:35:1D
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/htDNMi4gxdeX1tVpxOLrLfvoNR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.175.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:a0:af:be:e5:59:de:0a:7d:9e:23:78:be:3c:e5:2b:ed:7f:
ff:22:92:ec:b9:02:f2:a7:64:b5:f3:55:8f:17:ba:5c:b6:72:
09:93:a4:e9:b1:79:e0:47:fc:58:5b:bb:59:d1:38:d5:23:23:
39:da:e3:b3:6f:60:f6:12:62:ed:12:03:b1:8a:b7:e2:0e:cb:
93:1e:4a:46:88:92:69:b7:aa:f2:86:ee:8d:67:1a:4a:18:af:
eb:4d:8d:89:5e:21:06:35:bd:7b:d9:67:ce:90:60:db:66:9b:
26:24:a4:c6:e4:a6:1a:3e:ca:47:d5:37:20:a5:d0:00:14:0f:
b7:8e:99:8b:6f:61:0f:04:0e:4f:c8:ea:87:d8:42:ee:df:c0:
7e:26:6a:ea:f9:36:40:a8:be:1b:74:14:05:5f:7f:39:43:f6:
bb:50:fc:78:a5:b8:95:d0:6b:8a:b1:fb:6f:2d:60:34:6d:f8:
27:33:c6:d4:83:72:64:0c:ba:33:db:05:df:db:55:64:9b:eb:
a4:98:a6:2d:43:ac:4d:3d:d0:43:2b:ca:34:a7:f9:cf:79:fd:
cd:33:79:3d:e8:bb:89:f5:90:4b:0d:fe:46:19:76:c9:7d:6b:
16:c4:1f:f6:70:27:a4:d4:a8:33:cf:2e:23:c5:2b:78:9c:27:
f0:92:2a:65
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgJsn5wsshbagoV/RqU4/xJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYwOTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmQwY2QzMjJlMjBjNWQ3OTdkNmQ1NjljNGUyZWIyZGZiZTgzNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4YWVl76BqzdSvR0uZf9wogSWxyH
0dk3s1hj8LS44wd7q5+pqWNSyHZpV25pWFv0sFMeG/zuNZwpqr06HLpGt/JZF6fI
f1Pv+uKy9LD9Xkp6gRm1gp6fO/5kYYrHaUz+5/Aw+Ox2Ll47FRKb29ckYFJptFCR
1X4srKgfl03UCZ6EENVpQhpA1da2Th6UjEIPqHaOnmbsG8lfhFmVVf4BJYyv+34j
8D5PqKBAnIwCbB4CKcmeVanzaA248WyAN1sYq5bfbkVGupKgEyQRrH2WkPJ6hSvU
jqkjVjopdmYPpNRIYqxi/5xz/E/SuzP2sU4vB/SMG7McH8NslBvwZOSokQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIbQzTIuIMXXl9bVacTi6y376DUdMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvaHRETk1pNGd4ZGVYMXRWcHhPTHJMZnZvTlIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufSvMA0G
CSqGSIb3DQEBCwUAA4IBAQB/oK++5VneCn2eI3i+POUr7X//IpLsuQLyp2S181WP
F7pctnIJk6TpsXngR/xYW7tZ0TjVIyM52uOzb2D2EmLtEgOxirfiDsuTHkpGiJJp
t6ryhu6NZxpKGK/rTY2JXiEGNb172WfOkGDbZpsmJKTG5KYaPspH1TcgpdAAFA+3
jpmLb2EPBA5PyOqH2ELu38B+Jmrq+TZAqL4bdBQFX385Q/a7UPx4pbiV0GuKsftv
LWA0bfgnM8bUg3JkDLoz2wXf21Vkm+ukmKYtQ6xNPdBDK8o0p/nPef3NM3k96LuJ
9ZBLDf5GGXbJfWsWxB/2cCek1Kgzzy4jxSt4nCfwkipl
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:39:51 2025 by rpki-client