Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/THYbzR_BBXGUMLQ1R1PXbl66kPo.roa
File: THYbzR_BBXGUMLQ1R1PXbl66kPo.roa (raw, json)
Hash identifier: W3lV5LrHG1vfdmq6KmotJTHwKIWZ7koQwCyeJLBN8cw=
Subject key identifier: 4C:76:1B:CD:1F:C1:05:71:94:30:B4:35:47:53:D7:6E:5E:BA:90:FA
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 0198137F651FC84F982BAA1B967FF9C7239F
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/THYbzR_BBXGUMLQ1R1PXbl66kPo.roa
Signing time: Wed 16 Jul 2025 13:49:32 +0000
ROA not before: Wed 16 Jul 2025 13:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204878
IP address blocks: 212.193.152.0/23 maxlen: 23
212.193.152.0/24 maxlen: 24
212.193.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Jul 2025 13:51:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:7f:65:1f:c8:4f:98:2b:aa:1b:96:7f:f9:c7:23:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Jul 16 13:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c761bcd1fc105719430b4354753d76e5eba90fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:11:fc:40:e7:0f:f4:88:1b:41:14:b0:8a:38:
3d:ca:88:ab:b7:67:b8:24:77:19:e8:c9:42:c5:fe:
8d:52:20:cf:fb:6f:dc:0c:98:5e:20:57:eb:81:4a:
19:53:f9:ff:ce:1b:33:c7:98:33:45:0b:f3:bb:51:
5e:d6:60:5a:66:32:f2:3c:6d:2b:ed:4d:8b:c4:d7:
db:54:1f:30:d6:2c:41:4e:d6:c4:22:12:9c:bf:91:
80:9a:55:20:53:55:06:fa:e5:3d:00:31:35:cc:a7:
0b:ac:a4:ee:72:a8:bb:23:bb:75:ae:fe:f1:2a:a4:
52:ae:df:14:fb:8b:e8:ff:cf:f7:84:6b:15:c5:c2:
94:6a:11:ed:e6:27:43:dd:00:f6:a7:f9:2c:44:74:
d6:3e:14:f8:3c:a5:97:3a:0a:4a:37:fc:19:57:0a:
0e:d8:ba:9f:b5:2f:f0:3b:32:5f:38:e3:85:68:7e:
c3:71:b6:b1:07:5a:94:9f:01:85:f3:9a:c8:ed:37:
af:2c:90:33:79:dd:c6:d6:c3:e7:46:8b:65:c3:12:
87:64:b5:94:7c:1d:68:c5:03:9b:e3:8a:95:bd:67:
49:31:e7:be:6d:64:30:eb:93:07:f6:20:1f:25:1e:
7d:e3:5e:ba:7b:66:4b:04:03:2e:1d:96:4d:43:c7:
38:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:76:1B:CD:1F:C1:05:71:94:30:B4:35:47:53:D7:6E:5E:BA:90:FA
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/THYbzR_BBXGUMLQ1R1PXbl66kPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.193.152.0/23
Signature Algorithm: sha256WithRSAEncryption
12:12:ed:33:aa:aa:2b:bf:04:2c:fe:d2:6f:e0:25:92:b2:a5:
ca:2f:42:45:2d:20:d4:a5:df:08:40:52:39:f3:f6:27:29:58:
e2:7b:13:ed:e2:4f:92:b3:99:09:61:06:d5:38:eb:a7:b5:d5:
87:18:59:a2:9d:a1:a8:69:eb:63:f3:4d:58:5c:ac:20:c9:4a:
14:1c:c5:83:38:4c:c8:80:a6:da:d8:90:58:53:69:c9:5a:63:
32:05:ad:29:f4:94:33:70:4a:c0:a1:dd:43:c1:ba:91:d9:cb:
94:fb:f9:61:40:ae:05:06:58:21:20:8a:93:ce:bf:59:37:e6:
ea:58:8b:ab:2c:ea:d9:2a:85:69:97:0a:2b:58:32:fe:8b:b3:
8a:e4:64:bf:aa:b1:c5:84:90:87:13:79:f2:a0:c7:29:b2:11:
59:30:bd:07:9e:4c:55:51:f0:92:ea:30:56:70:b0:4a:3b:8d:
8a:a0:46:41:fb:61:ec:96:fd:17:9d:f8:de:61:43:54:e3:33:
75:75:42:99:10:14:aa:5c:39:d1:5f:32:21:e9:ce:35:b3:8f:
55:f0:83:62:49:f9:02:32:25:42:14:a1:2f:9b:98:08:68:ee:
21:b7:d3:d8:2d:07:43:ed:54:cb:11:51:9a:37:ae:9f:31:44:
99:9d:7c:a9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgTf2UfyE+YK6obln/5xyOfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwNzE2MTM0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzc2MWJjZDFmYzEwNTcxOTQzMGI0MzU0NzUzZDc2ZTVlYmE5MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxH8QOcP9IgbQRSwijg9yoirt2e4
JHcZ6MlCxf6NUiDP+2/cDJheIFfrgUoZU/n/zhszx5gzRQvzu1Fe1mBaZjLyPG0r
7U2LxNfbVB8w1ixBTtbEIhKcv5GAmlUgU1UG+uU9ADE1zKcLrKTucqi7I7t1rv7x
KqRSrt8U+4vo/8/3hGsVxcKUahHt5idD3QD2p/ksRHTWPhT4PKWXOgpKN/wZVwoO
2LqftS/wOzJfOOOFaH7DcbaxB1qUnwGF85rI7TevLJAzed3G1sPnRotlwxKHZLWU
fB1oxQOb44qVvWdJMee+bWQw65MH9iAfJR594166e2ZLBAMuHZZNQ8c4AQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEx2G80fwQVxlDC0NUdT125eupD6MB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvVEhZYnpSX0JCWEdVTUxRMVIxUFhibDY2a1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB1MGYMA0G
CSqGSIb3DQEBCwUAA4IBAQASEu0zqqorvwQs/tJv4CWSsqXKL0JFLSDUpd8IQFI5
8/YnKVjiexPt4k+Ss5kJYQbVOOuntdWHGFminaGoaetj801YXKwgyUoUHMWDOEzI
gKba2JBYU2nJWmMyBa0p9JQzcErAod1DwbqR2cuU+/lhQK4FBlghIIqTzr9ZN+bq
WIurLOrZKoVplworWDL+i7OK5GS/qrHFhJCHE3nyoMcpshFZML0HnkxVUfCS6jBW
cLBKO42KoEZB+2Hslv0XnfjeYUNU4zN1dUKZEBSqXDnRXzIh6c41s49V8INiSfkC
MiVCFKEvm5gIaO4ht9PYLQdD7VTLEVGaN66fMUSZnXyp
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:25:08 2025 by rpki-client