Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L8ExvpJwVSSgSZHb48a5nrMohF0.roa
File: L8ExvpJwVSSgSZHb48a5nrMohF0.roa (raw, json)
Hash identifier: pYswMsEu4rhc4HqEc8HNn53PFcxJ3ONwWnjUsZ/pF1M=
Subject key identifier: 2F:C1:31:BE:92:70:55:24:A0:49:91:DB:E3:C6:B9:9E:B3:28:84:5D
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195008EA36E98FA0509B08B71333EA04D5F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L8ExvpJwVSSgSZHb48a5nrMohF0.roa
Signing time: Thu 13 Feb 2025 18:25:02 +0000
ROA not before: Thu 13 Feb 2025 18:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215232
IP address blocks: 64.188.99.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 21:44:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:00:8e:a3:6e:98:fa:05:09:b0:8b:71:33:3e:a0:4d:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 13 18:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fc131be92705524a04991dbe3c6b99eb328845d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:38:bb:d5:bd:9c:7c:04:6c:f2:49:01:77:70:
72:22:71:03:67:c1:00:51:f9:2d:19:48:bf:00:df:
d6:8d:02:18:70:27:46:be:3e:e3:6c:d3:08:e2:74:
20:d4:69:1b:c0:ca:12:16:52:48:f5:24:b8:b4:68:
3e:03:1e:b1:6f:67:ca:39:62:04:16:9a:71:a8:6e:
2d:9c:71:da:b9:c0:4a:72:11:cb:f1:a6:56:d2:6b:
a7:6c:ce:5b:bc:b5:08:52:da:83:46:e6:2e:c1:f2:
5f:9c:93:08:d7:b5:a6:d0:29:ea:c4:da:17:18:ee:
59:52:b9:f5:6e:72:46:0f:3c:d6:79:70:d6:ca:06:
db:dc:ce:7f:60:2d:12:04:4c:ca:8b:ec:86:49:c1:
0d:d0:b6:96:2f:e3:4a:41:fb:8d:36:f2:9a:44:17:
1f:d7:28:8c:f2:23:18:76:4f:73:1a:bb:02:a6:55:
6b:b3:ea:36:c8:3c:d2:93:40:84:79:22:3c:4d:1c:
8f:14:e0:57:38:7e:54:b3:b7:70:24:33:4d:2d:d3:
69:38:bf:d3:8d:5a:05:48:57:60:e9:2f:d1:23:3c:
dd:39:73:b9:72:41:fc:25:03:1b:06:68:62:73:ab:
af:ab:96:c3:1c:05:01:e2:7d:d9:70:97:62:b7:0f:
72:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:C1:31:BE:92:70:55:24:A0:49:91:DB:E3:C6:B9:9E:B3:28:84:5D
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/L8ExvpJwVSSgSZHb48a5nrMohF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.99.0/24
Signature Algorithm: sha256WithRSAEncryption
50:9f:53:12:d6:f1:b6:95:01:12:73:bb:cb:a1:92:c1:05:b6:
d4:d4:74:0a:35:b0:96:a6:27:9d:69:4b:e8:49:43:d7:65:37:
5e:d8:b6:05:03:bd:96:a3:6b:a9:8b:15:8a:8f:80:16:a4:c5:
8e:82:90:6e:43:55:01:e4:18:75:c2:92:5c:5f:6e:3b:28:34:
17:bf:da:2a:ba:b8:ec:f0:fc:36:ab:00:bc:a4:08:28:f5:8e:
7f:f5:a7:d3:d2:6a:cb:8e:43:e2:e4:bf:3a:c4:d8:11:ca:c1:
d7:01:ac:f1:63:64:38:2a:8f:79:39:96:3f:1e:00:a5:94:cc:
ac:9a:32:43:21:bf:d1:5b:f5:44:27:be:c2:bf:67:89:db:0e:
7b:4d:83:2d:62:0e:00:16:0f:e0:c9:a5:b7:4f:d5:15:47:a0:
bf:78:9a:d6:ba:69:63:f8:b0:c9:30:a4:23:b8:86:eb:22:de:
e3:bf:95:4e:dd:c8:be:b9:59:fb:81:48:6f:b6:c9:a4:6f:dc:
06:20:48:21:9d:69:10:3c:4e:d3:c6:20:5b:0e:dc:13:46:1d:
e4:d6:7f:6a:49:e8:4d:27:c7:46:f4:02:e1:3a:40:ff:e6:1d:
36:d3:b8:9f:a8:d9:79:88:2d:0a:3c:35:12:55:3b:f5:76:bb:
2f:29:c3:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUAjqNumPoFCbCLcTM+oE1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjEzMTgyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmMxMzFiZTkyNzA1NTI0YTA0OTkxZGJlM2M2Yjk5ZWIzMjg4NDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ji71b2cfARs8kkBd3ByInEDZ8EA
UfktGUi/AN/WjQIYcCdGvj7jbNMI4nQg1GkbwMoSFlJI9SS4tGg+Ax6xb2fKOWIE
FppxqG4tnHHaucBKchHL8aZW0munbM5bvLUIUtqDRuYuwfJfnJMI17Wm0CnqxNoX
GO5ZUrn1bnJGDzzWeXDWygbb3M5/YC0SBEzKi+yGScEN0LaWL+NKQfuNNvKaRBcf
1yiM8iMYdk9zGrsCplVrs+o2yDzSk0CEeSI8TRyPFOBXOH5Us7dwJDNNLdNpOL/T
jVoFSFdg6S/RIzzdOXO5ckH8JQMbBmhic6uvq5bDHAUB4n3ZcJditw9yWQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC/BMb6ScFUkoEmR2+PGuZ6zKIRdMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvTDhFeHZwSndWU1NnU1pIYjQ4YTVuck1vaEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQLxjMA0G
CSqGSIb3DQEBCwUAA4IBAQBQn1MS1vG2lQESc7vLoZLBBbbU1HQKNbCWpiedaUvo
SUPXZTde2LYFA72Wo2upixWKj4AWpMWOgpBuQ1UB5Bh1wpJcX247KDQXv9oqurjs
8Pw2qwC8pAgo9Y5/9afT0mrLjkPi5L86xNgRysHXAazxY2Q4Ko95OZY/HgCllMys
mjJDIb/RW/VEJ77Cv2eJ2w57TYMtYg4AFg/gyaW3T9UVR6C/eJrWumlj+LDJMKQj
uIbrIt7jv5VO3ci+uVn7gUhvtsmkb9wGIEghnWkQPE7TxiBbDtwTRh3k1n9qSehN
J8dG9ALhOkD/5h0207ifqNl5iC0KPDUSVTv1drsvKcN3
-----END CERTIFICATE-----
Generated at Sat Apr 19 17:40:56 2025 by rpki-client