Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blYbGsJrK48Wm9-GD1sNTAK5n0k.roa
File: blYbGsJrK48Wm9-GD1sNTAK5n0k.roa (raw, json)
Hash identifier: 7H6TuB80/kUaL7LU81UpPks1CE3DWFHmGrbnBQBDvRA=
Subject key identifier: 6E:56:1B:1A:C2:6B:2B:8F:16:9B:DF:86:0F:5B:0D:4C:02:B9:9F:49
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195E87311B5ACDFEF187324C1587A427DB3
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blYbGsJrK48Wm9-GD1sNTAK5n0k.roa
Signing time: Sun 30 Mar 2025 19:06:50 +0000
ROA not before: Sun 30 Mar 2025 19:06:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213568
IP address blocks: 5.181.183.0/24 maxlen: 24
185.176.94.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Apr 2025 18:17:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e8:73:11:b5:ac:df:ef:18:73:24:c1:58:7a:42:7d:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Mar 30 19:06:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e561b1ac26b2b8f169bdf860f5b0d4c02b99f49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:40:b0:36:f2:90:9f:38:5a:5f:cf:a3:cf:32:
12:92:0a:49:c1:b1:af:89:7c:00:c1:30:e3:d8:c5:
f8:bd:92:ca:0c:70:0c:7f:e7:2b:2f:04:b3:2f:e2:
9a:f0:91:77:8a:8b:83:f7:f1:bb:d5:9d:3a:53:04:
a7:57:a9:20:07:bd:27:05:40:e1:0d:21:13:b7:0d:
18:48:45:a1:3f:4d:ff:bf:1a:0c:57:27:5a:83:b7:
e9:4b:f9:5c:16:13:fc:f9:0e:1f:dd:36:25:e4:a9:
97:84:04:89:d4:8d:54:fb:1c:e8:ac:47:24:41:67:
a6:ee:62:3a:11:2e:52:e6:10:c3:60:ff:5e:33:62:
5a:e0:15:4a:46:de:d8:7e:7d:9b:15:aa:4c:1c:4b:
49:5d:ca:bb:83:6e:82:a8:74:01:c9:29:01:57:7d:
86:f7:a4:3e:bd:2c:0d:10:fc:92:06:2d:8c:a3:a3:
26:3a:1b:09:62:8d:d1:05:88:56:54:b5:47:57:e9:
c3:1a:61:6c:4c:6f:cc:29:08:f2:c2:be:a4:b3:c0:
36:59:ba:58:16:d1:b4:ca:64:d7:7d:e8:5d:73:37:
98:3b:47:37:77:a9:59:1c:0d:4d:bb:cb:93:1f:85:
1c:7d:71:f1:da:e3:f2:53:e3:87:07:35:f1:f2:70:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:56:1B:1A:C2:6B:2B:8F:16:9B:DF:86:0F:5B:0D:4C:02:B9:9F:49
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/blYbGsJrK48Wm9-GD1sNTAK5n0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.183.0/24
185.176.94.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:d8:d9:8c:9e:09:8a:d1:08:a9:92:0d:c7:8a:50:60:06:0e:
ea:87:34:6f:48:1b:48:ec:e0:80:97:ae:ad:b5:a3:ef:7b:1f:
89:62:f8:80:16:fd:26:01:76:82:01:60:76:c4:08:39:52:18:
b8:d7:6c:ff:0a:94:b3:62:be:7b:5c:a6:f0:6f:07:a9:fd:76:
64:d9:55:af:96:66:75:e4:dd:54:a0:1d:6f:55:22:eb:2d:5d:
23:3c:e2:17:eb:07:69:1c:b4:9e:d9:e1:15:80:3d:da:c6:0c:
67:90:1f:4f:78:57:22:c3:e6:d1:1d:1d:5b:1e:75:a3:71:e5:
c1:e2:5e:01:85:46:29:ed:04:96:1c:62:f7:33:02:c0:d4:7c:
ba:9e:b9:03:af:8c:b6:1e:0a:fa:50:45:4a:be:67:fa:e9:66:
65:49:0b:e2:ab:4e:91:6a:7b:33:8d:5f:03:b8:44:e8:9f:f4:
9a:77:3e:da:95:64:ef:fc:50:ad:1c:a7:e1:f5:89:c4:63:ed:
7e:52:f7:c4:e5:3a:02:b3:7b:84:0b:40:c2:6b:07:e6:4f:25:
0e:97:f4:e9:b5:5e:c1:16:31:fb:3a:a3:bb:40:e7:5a:35:02:
a3:94:fb:7b:76:54:54:fd:aa:7e:50:b9:a0:1f:8f:a6:c4:c6:
2e:f3:a8:66
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZXocxG1rN/vGHMkwVh6Qn2zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMzMwMTkwNjUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTU2MWIxYWMyNmIyYjhmMTY5YmRmODYwZjViMGQ0YzAyYjk5ZjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0CwNvKQnzhaX8+jzzISkgpJwbGv
iXwAwTDj2MX4vZLKDHAMf+crLwSzL+Ka8JF3iouD9/G71Z06UwSnV6kgB70nBUDh
DSETtw0YSEWhP03/vxoMVydag7fpS/lcFhP8+Q4f3TYl5KmXhASJ1I1U+xzorEck
QWem7mI6ES5S5hDDYP9eM2Ja4BVKRt7Yfn2bFapMHEtJXcq7g26CqHQBySkBV32G
96Q+vSwNEPySBi2Mo6MmOhsJYo3RBYhWVLVHV+nDGmFsTG/MKQjywr6ks8A2WbpY
FtG0ymTXfehdczeYO0c3d6lZHA1Nu8uTH4UcfXHx2uPyU+OHBzXx8nA4PwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5WGxrCayuPFpvfhg9bDUwCuZ9JMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvYmxZYkdzSnJLNDhXbTktR0Qxc05UQUs1bjBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABbW3AwQA
ubBeMA0GCSqGSIb3DQEBCwUAA4IBAQCz2NmMngmK0Qipkg3HilBgBg7qhzRvSBtI
7OCAl66ttaPvex+JYviAFv0mAXaCAWB2xAg5Uhi412z/CpSzYr57XKbwbwep/XZk
2VWvlmZ15N1UoB1vVSLrLV0jPOIX6wdpHLSe2eEVgD3axgxnkB9PeFciw+bRHR1b
HnWjceXB4l4BhUYp7QSWHGL3MwLA1Hy6nrkDr4y2Hgr6UEVKvmf66WZlSQviq06R
anszjV8DuETon/Sadz7alWTv/FCtHKfh9YnEY+1+UvfE5ToCs3uEC0DCawfmTyUO
l/TptV7BFjH7OqO7QOdaNQKjlPt7dlRU/ap+ULmgH4+mxMYu86hm
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:38:49 2025 by rpki-client