Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/59avmMM9O2PopcrxImzpm0u4vcI.roa
File: 59avmMM9O2PopcrxImzpm0u4vcI.roa (raw, json)
Hash identifier: nB9CjwBgsf6IjSLCZFmLDreuHxwr/e33imc7i8Y0/KI=
Subject key identifier: E7:D6:AF:98:C3:3D:3B:63:E8:A5:CA:F1:22:6C:E9:9B:4B:B8:BD:C2
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0196114FE186403C868B06C66D17268F4D85
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/59avmMM9O2PopcrxImzpm0u4vcI.roa
Signing time: Mon 07 Apr 2025 17:32:49 +0000
ROA not before: Mon 07 Apr 2025 17:32:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 64.188.99.0/24 maxlen: 24
77.239.127.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Apr 2025 18:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:11:4f:e1:86:40:3c:86:8b:06:c6:6d:17:26:8f:4d:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 7 17:32:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7d6af98c33d3b63e8a5caf1226ce99b4bb8bdc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:16:e9:82:94:93:21:ec:17:15:0b:9f:47:88:
7e:78:9d:8d:67:a9:04:8b:42:69:15:91:bd:29:18:
77:5b:51:f0:c9:5e:0a:a6:d3:37:71:7c:c9:f4:46:
12:1e:7e:dd:ea:67:ed:dd:9a:bc:6b:d1:0a:f4:3f:
06:83:36:9e:00:d3:19:43:e2:b3:3e:b0:96:b3:a6:
2a:f6:e4:81:b2:0a:af:15:6e:4d:1d:40:a2:57:7e:
60:ee:23:b0:cf:9a:91:4d:c9:59:b5:9d:54:67:51:
f6:9b:88:94:3c:30:b0:80:c0:31:33:c0:c7:c2:40:
c5:5b:c4:29:4d:30:55:3b:f0:43:ba:09:fd:e5:cf:
4b:d7:3b:ed:43:0a:b0:a2:27:97:df:3c:d1:88:60:
84:5b:b5:ad:8f:e3:37:c2:96:3b:cb:9e:96:e1:a5:
e2:36:c4:76:79:78:45:e2:5a:6f:d5:63:09:23:2b:
28:2b:de:8f:cd:03:a5:38:0c:2f:71:fa:5a:dc:d7:
79:50:6f:fb:0d:6a:02:ba:03:eb:76:aa:68:b2:cb:
f6:b8:c7:01:dc:09:e2:0a:46:fb:f8:31:cb:67:60:
f4:96:1e:b5:76:22:25:14:5f:40:84:d8:c3:23:dc:
ce:7e:9f:c9:fc:1e:6e:c0:f8:8a:84:52:4a:a4:e8:
af:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D6:AF:98:C3:3D:3B:63:E8:A5:CA:F1:22:6C:E9:9B:4B:B8:BD:C2
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/59avmMM9O2PopcrxImzpm0u4vcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.99.0/24
77.239.127.0/24
193.23.221.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:fd:5f:63:af:fd:b2:08:1c:37:c8:40:39:89:af:bd:ec:26:
43:f8:cf:dc:a1:a0:f2:eb:82:d2:a9:ad:df:1e:2b:eb:5e:c8:
b8:63:81:77:33:b8:69:1d:a3:aa:6f:c7:5c:22:59:6e:65:fe:
6f:63:07:d5:18:a2:2c:c7:c6:48:7a:23:34:0d:a7:10:01:5e:
a1:9a:ea:bd:41:93:66:0e:c3:fa:77:26:04:7f:ea:c1:31:6c:
0b:70:94:a7:e6:75:0b:00:53:b6:65:a7:63:21:fc:89:de:bd:
f8:37:9b:20:ce:9d:2a:fc:82:38:e9:16:ba:fb:1c:b9:0c:6b:
f6:99:5f:3f:48:36:9b:28:e8:28:e6:ca:2b:1a:26:84:c9:75:
da:66:8f:e0:ed:97:0d:e8:87:f7:1f:ba:ef:41:93:6b:79:be:
a8:4a:43:4c:68:9a:1d:d6:95:bd:76:c0:bb:38:0a:99:b4:be:
20:11:b2:de:74:08:2e:a6:36:34:4c:9f:f9:6c:59:7c:8b:16:
31:a7:37:46:56:8d:66:91:03:04:6a:9e:9d:67:c0:5d:8d:06:
2c:4b:e2:7f:2c:29:e3:55:aa:1b:ee:f1:86:bb:61:e1:55:81:
9c:82:c9:19:bb:f1:3c:7c:02:7a:ff:c2:5b:a5:d8:5d:bb:e8:
93:3a:14:5a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZYRT+GGQDyGiwbGbRcmj02FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDA3MTczMjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q2YWY5OGMzM2QzYjYzZThhNWNhZjEyMjZjZTk5YjRiYjhiZGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RbpgpSTIewXFQufR4h+eJ2NZ6kE
i0JpFZG9KRh3W1HwyV4KptM3cXzJ9EYSHn7d6mft3Zq8a9EK9D8GgzaeANMZQ+Kz
PrCWs6Yq9uSBsgqvFW5NHUCiV35g7iOwz5qRTclZtZ1UZ1H2m4iUPDCwgMAxM8DH
wkDFW8QpTTBVO/BDugn95c9L1zvtQwqwoieX3zzRiGCEW7Wtj+M3wpY7y56W4aXi
NsR2eXhF4lpv1WMJIysoK96PzQOlOAwvcfpa3Nd5UG/7DWoCugPrdqpossv2uMcB
3AniCkb7+DHLZ2D0lh61diIlFF9AhNjDI9zOfp/J/B5uwPiKhFJKpOiv4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOfWr5jDPTtj6KXK8SJs6ZtLuL3CMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNTlhdm1NTTlPMlBvcGNyeEltenBtMHU0dmNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAQLxjAwQA
Te9/AwQAwRfdMA0GCSqGSIb3DQEBCwUAA4IBAQB//V9jr/2yCBw3yEA5ia+97CZD
+M/coaDy64LSqa3fHivrXsi4Y4F3M7hpHaOqb8dcIlluZf5vYwfVGKIsx8ZIeiM0
DacQAV6hmuq9QZNmDsP6dyYEf+rBMWwLcJSn5nULAFO2ZadjIfyJ3r34N5sgzp0q
/II46Ra6+xy5DGv2mV8/SDabKOgo5sorGiaEyXXaZo/g7ZcN6If3H7rvQZNreb6o
SkNMaJod1pW9dsC7OAqZtL4gEbLedAgupjY0TJ/5bFl8ixYxpzdGVo1mkQMEap6d
Z8BdjQYsS+J/LCnjVaob7vGGu2HhVYGcgskZu/E8fAJ6/8Jbpdhdu+iTOhRa
-----END CERTIFICATE-----
Generated at Sun Apr 20 20:09:27 2025 by rpki-client