Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/HGkAUrd6KzXmnnF_cMeRmczgoWU.roa
File: HGkAUrd6KzXmnnF_cMeRmczgoWU.roa (raw, json)
Hash identifier: 82XBBpmzlBrYMI7g+apyBKbzR+EHPybDpNjLvso+yG8=
Subject key identifier: 1C:69:00:52:B7:7A:2B:35:E6:9E:71:7F:70:C7:91:99:CC:E0:A1:65
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 0197AD93EEBC53A52C300CF4C17DC2BC3883
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/HGkAUrd6KzXmnnF_cMeRmczgoWU.roa
Signing time: Thu 26 Jun 2025 18:50:42 +0000
ROA not before: Thu 26 Jun 2025 18:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.61.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jun 2025 07:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:93:ee:bc:53:a5:2c:30:0c:f4:c1:7d:c2:bc:38:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Jun 26 18:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c690052b77a2b35e69e717f70c79199cce0a165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:70:e1:11:ff:51:26:2d:8d:e2:6f:3b:6b:fc:
db:4d:91:73:9d:df:a8:39:03:8e:c5:5f:fe:ba:80:
46:78:6e:13:57:b8:98:7b:11:1d:46:13:f0:ad:06:
2c:98:3c:3a:48:99:8b:01:81:52:ff:62:47:00:a4:
e3:00:57:df:66:b5:2e:91:17:f8:fa:c4:de:86:35:
aa:47:81:9f:4b:22:02:a7:ad:03:48:e7:a6:8d:79:
47:b8:5f:87:b6:27:a6:24:f0:a0:ff:c7:ea:1f:02:
48:d2:ae:72:76:19:2e:8a:56:e9:93:c4:fa:5c:a1:
d9:0d:09:9d:48:0b:a5:4b:4a:24:c2:e7:1c:c4:1b:
db:d0:16:5a:e4:4c:12:7c:fd:4f:d9:50:cd:c1:97:
a6:1f:f3:51:0b:f5:dd:8e:80:a5:a8:43:a3:58:b7:
57:ae:d2:77:0d:7a:60:b3:31:fe:98:b6:ba:03:2f:
b5:1d:da:36:bd:cd:06:44:81:e9:8d:98:09:e8:0f:
8e:55:76:cc:c2:ff:78:b7:f3:67:ba:05:e5:83:59:
70:3a:b3:3f:1f:6c:f6:74:b6:d4:7e:d2:69:c2:d4:
eb:bd:2c:8e:2c:f1:1d:3f:e7:f4:9b:39:63:27:06:
3a:08:18:6a:af:64:7e:80:ce:6b:ca:cb:93:3d:93:
03:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:69:00:52:B7:7A:2B:35:E6:9E:71:7F:70:C7:91:99:CC:E0:A1:65
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/HGkAUrd6KzXmnnF_cMeRmczgoWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.61.0/24
Signature Algorithm: sha256WithRSAEncryption
65:da:3c:8a:c2:12:ba:f3:fb:9c:ce:14:0c:6d:1a:1f:5f:15:
f4:90:81:ce:60:e6:cc:4e:02:f8:fd:e6:81:78:b9:d4:aa:1a:
10:bb:3a:1e:c0:a8:59:1f:65:a6:bc:e7:76:cc:e8:4d:fc:87:
11:1f:1b:89:78:d1:f3:cc:c8:88:50:04:bc:4d:44:cc:7e:35:
bb:ab:81:23:5b:4b:ab:2b:36:60:4c:da:b9:db:11:bf:84:32:
4c:d9:22:e3:83:81:7a:e4:ef:f6:21:70:93:e8:7f:f0:65:e8:
2c:f4:42:1a:45:59:75:fc:89:d9:92:25:c5:e0:4f:4e:b7:09:
86:e1:0d:b5:2b:2f:22:01:8d:30:30:56:07:24:2d:7d:14:bc:
a0:a5:a2:fc:73:9f:08:f8:b6:0a:6a:ae:72:2f:a2:2c:d3:9f:
dd:bd:f9:97:bf:1e:c1:70:e3:26:16:5d:c9:a3:b3:14:7e:68:
b4:92:1e:54:20:36:4a:4a:fd:df:27:4a:62:8d:17:1b:ec:97:
91:12:a6:46:e1:aa:d5:b3:7d:13:cd:b2:94:04:f5:8c:58:d8:
98:fe:b4:a5:bf:45:e5:de:04:2f:0d:f4:11:a6:46:9d:7c:f2:
b5:99:6a:24:32:f2:53:56:7c:23:3f:11:8d:01:d8:92:14:06:
8e:36:ee:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZetk+68U6UsMAz0wX3CvDiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNjI2MTg1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzY5MDA1MmI3N2EyYjM1ZTY5ZTcxN2Y3MGM3OTE5OWNjZTBhMTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvnDhEf9RJi2N4m87a/zbTZFznd+o
OQOOxV/+uoBGeG4TV7iYexEdRhPwrQYsmDw6SJmLAYFS/2JHAKTjAFffZrUukRf4
+sTehjWqR4GfSyICp60DSOemjXlHuF+HtiemJPCg/8fqHwJI0q5ydhkuilbpk8T6
XKHZDQmdSAulS0okwuccxBvb0BZa5EwSfP1P2VDNwZemH/NRC/XdjoClqEOjWLdX
rtJ3DXpgszH+mLa6Ay+1Hdo2vc0GRIHpjZgJ6A+OVXbMwv94t/NnugXlg1lwOrM/
H2z2dLbUftJpwtTrvSyOLPEdP+f0mzljJwY6CBhqr2R+gM5rysuTPZMDJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBxpAFK3eis15p5xf3DHkZnM4KFlMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvSEdrQVVyZDZLelhtbm5GX2NNZVJtY3pnb1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXo9MA0G
CSqGSIb3DQEBCwUAA4IBAQBl2jyKwhK68/uczhQMbRofXxX0kIHOYObMTgL4/eaB
eLnUqhoQuzoewKhZH2WmvOd2zOhN/IcRHxuJeNHzzMiIUAS8TUTMfjW7q4EjW0ur
KzZgTNq52xG/hDJM2SLjg4F65O/2IXCT6H/wZegs9EIaRVl1/InZkiXF4E9OtwmG
4Q21Ky8iAY0wMFYHJC19FLygpaL8c58I+LYKaq5yL6Is05/dvfmXvx7BcOMmFl3J
o7MUfmi0kh5UIDZKSv3fJ0pijRcb7JeREqZG4arVs30TzbKUBPWMWNiY/rSlv0Xl
3gQvDfQRpkadfPK1mWokMvJTVnwjPxGNAdiSFAaONu4U
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:05:28 2025 by rpki-client