Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1HKVusm2FzyeXEwL74oXA3KHfp0.roa
File: 1HKVusm2FzyeXEwL74oXA3KHfp0.roa (raw, json)
Hash identifier: mwtuibH1jBIF9StKkNmvkfurryVfhjGq4I5WZsKrz7s=
Subject key identifier: D4:72:95:BA:C9:B6:17:3C:9E:5C:4C:0B:EF:8A:17:03:72:87:7E:9D
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 0197EAAA74E067E69B9DE4E8167722A09B74
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1HKVusm2FzyeXEwL74oXA3KHfp0.roa
Signing time: Tue 08 Jul 2025 15:32:08 +0000
ROA not before: Tue 08 Jul 2025 15:32:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 53667
IP address blocks: 65.111.0.0/19 maxlen: 19
104.167.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 11:30:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:aa:74:e0:67:e6:9b:9d:e4:e8:16:77:22:a0:9b:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Jul 8 15:32:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d47295bac9b6173c9e5c4c0bef8a170372877e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:5b:8c:6d:06:ff:d6:0b:08:97:a4:6d:21:88:
1f:5d:03:48:79:04:fd:00:2d:b7:82:e9:18:1c:04:
5d:9e:77:d9:52:d7:f5:a9:f3:1f:0a:ba:50:e0:79:
b9:52:df:68:5a:d3:85:04:f4:6d:79:44:4d:83:12:
c3:01:aa:2d:9a:50:a6:8d:fb:8c:e9:50:27:cc:02:
4b:b4:43:a0:8e:cb:b4:ee:2a:b2:2d:ed:33:b0:07:
1f:62:20:82:73:09:9d:64:25:9e:ee:36:af:e5:90:
db:89:bc:89:ea:a7:72:ec:1e:e8:b0:da:a7:ec:78:
5a:97:df:54:6e:c8:d8:83:7a:ef:02:cb:c7:8f:0e:
e4:82:85:ed:e0:5d:1d:4b:df:3f:ec:ad:6e:2c:7b:
1f:90:b9:c4:f7:14:bd:59:27:c5:08:51:c2:f8:c8:
19:74:31:24:dd:e6:64:9c:0c:93:c7:8c:e5:96:91:
d5:2c:bf:28:22:0e:34:df:0b:8a:5f:74:09:27:55:
40:91:17:3e:3d:79:7e:3c:3e:67:b7:0d:c2:6b:bc:
4b:73:80:a0:b8:82:39:e8:7a:01:cb:e9:14:94:13:
f4:fc:f2:c6:b3:02:fc:62:06:b3:97:91:e9:10:dc:
72:48:45:20:47:ff:e9:c6:69:79:d6:c7:1f:3f:8d:
b3:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:72:95:BA:C9:B6:17:3C:9E:5C:4C:0B:EF:8A:17:03:72:87:7E:9D
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/1HKVusm2FzyeXEwL74oXA3KHfp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
65.111.0.0/19
104.167.19.0/24
Signature Algorithm: sha256WithRSAEncryption
80:b6:7f:11:ab:3e:40:93:0b:a2:ad:0d:5e:25:e4:6d:35:f2:
a0:38:42:dc:b0:cd:43:95:31:96:89:64:98:ea:fe:1a:33:18:
13:76:9f:42:72:a5:77:27:63:c0:01:74:01:19:c2:76:59:54:
c4:60:ca:49:bb:5c:3a:51:ce:83:fc:00:71:49:c0:d3:d5:aa:
27:5e:71:c7:c4:72:ef:4d:37:c5:98:53:6a:f6:9a:f4:6d:c2:
30:7e:51:05:7d:13:c0:7c:a9:04:ce:0e:1f:89:c4:a3:ba:7c:
91:64:a6:f7:63:83:b6:17:eb:9d:09:35:93:6a:ac:4f:ac:97:
cc:58:09:64:a5:e9:5c:a4:fb:b6:a1:4b:98:86:2e:21:78:b4:
89:ac:9a:69:2c:ba:ec:ba:51:6f:d1:48:c3:19:a3:c9:fd:dc:
07:08:64:d8:24:bd:6e:fb:2b:b5:70:98:1f:ff:88:40:f9:ec:
97:ae:3b:ba:f6:a8:b6:67:70:3a:17:3a:8b:a3:a9:25:b8:92:
3c:1d:33:fb:b8:d8:a3:38:9a:01:2e:be:70:fe:8e:29:f5:2f:
23:81:75:dd:e7:a1:9b:7f:2e:3a:cd:2d:89:ee:df:f3:83:4b:
df:6b:1a:f6:39:8c:3f:f7:e0:b8:8f:ac:37:29:57:8e:a5:50:
8b:13:aa:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfqqnTgZ+abneToFncioJt0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjUwNzA4MTUzMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDcyOTViYWM5YjYxNzNjOWU1YzRjMGJlZjhhMTcwMzcyODc3ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwluMbQb/1gsIl6RtIYgfXQNIeQT9
AC23gukYHARdnnfZUtf1qfMfCrpQ4Hm5Ut9oWtOFBPRteURNgxLDAaotmlCmjfuM
6VAnzAJLtEOgjsu07iqyLe0zsAcfYiCCcwmdZCWe7jav5ZDbibyJ6qdy7B7osNqn
7Hhal99UbsjYg3rvAsvHjw7kgoXt4F0dS98/7K1uLHsfkLnE9xS9WSfFCFHC+MgZ
dDEk3eZknAyTx4zllpHVLL8oIg403wuKX3QJJ1VAkRc+PXl+PD5ntw3Ca7xLc4Cg
uII56HoBy+kUlBP0/PLGswL8Ygazl5HpENxySEUgR//pxml51scfP42z1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNRylbrJthc8nlxMC++KFwNyh36dMB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvMUhLVnVzbTJGenllWEV3TDc0b1hBM0tIZnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFQW8AAwQA
aKcTMA0GCSqGSIb3DQEBCwUAA4IBAQCAtn8Rqz5AkwuirQ1eJeRtNfKgOELcsM1D
lTGWiWSY6v4aMxgTdp9CcqV3J2PAAXQBGcJ2WVTEYMpJu1w6Uc6D/ABxScDT1aon
XnHHxHLvTTfFmFNq9pr0bcIwflEFfRPAfKkEzg4ficSjunyRZKb3Y4O2F+udCTWT
aqxPrJfMWAlkpelcpPu2oUuYhi4heLSJrJppLLrsulFv0UjDGaPJ/dwHCGTYJL1u
+yu1cJgf/4hA+eyXrju69qi2Z3A6FzqLo6kluJI8HTP7uNijOJoBLr5w/o4p9S8j
gXXd56Gbfy46zS2J7t/zg0vfaxr2OYw/9+C4j6w3KVeOpVCLE6pL
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:19:45 2025 by rpki-client