Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lZ8dVsyKoa-9YaIJj9p07TMG0Ug.roa
File: lZ8dVsyKoa-9YaIJj9p07TMG0Ug.roa (raw, json)
Hash identifier: eufWys+wfIIQheKxbnu/rpl45ykRamuXTslBMfzm/kc=
Subject key identifier: 95:9F:1D:56:CC:8A:A1:AF:BD:61:A2:09:8F:DA:74:ED:33:06:D1:48
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01982471F9CF5ADB5DC18515D399525E7F51
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lZ8dVsyKoa-9YaIJj9p07TMG0Ug.roa
Signing time: Sat 19 Jul 2025 20:48:25 +0000
ROA not before: Sat 19 Jul 2025 20:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 150.241.64.0/19 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 16:29:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:24:71:f9:cf:5a:db:5d:c1:85:15:d3:99:52:5e:7f:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jul 19 20:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=959f1d56cc8aa1afbd61a2098fda74ed3306d148
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b7:8d:de:78:b8:72:f9:a2:ca:21:a1:22:03:
89:9d:ca:4e:eb:b7:d6:2d:70:60:ac:54:a3:fe:c9:
a3:6a:2e:ee:0d:69:6b:c2:99:5f:af:57:1e:d1:53:
1f:85:9c:45:c2:0f:f4:9c:08:a8:ea:71:1a:62:bc:
43:3c:d1:2c:d1:0f:5f:d2:6b:a9:fd:c6:3a:2d:73:
91:85:d8:a0:9c:87:9e:22:66:7d:aa:02:44:a5:5b:
bb:1d:eb:20:70:42:4c:94:40:97:65:06:71:5e:21:
8b:f5:8d:a1:1d:0e:f2:07:8c:a7:05:c4:df:0a:40:
3e:f3:9d:c6:f9:17:7a:7c:f8:48:e0:08:89:80:79:
4d:15:46:ce:ed:af:b1:dc:ef:5d:04:8e:25:5a:20:
ef:46:ac:d4:97:21:6b:2a:42:16:63:91:0a:50:69:
83:88:08:52:3a:50:9c:28:90:51:f1:61:63:72:b7:
9b:ef:ce:1d:df:97:c9:b6:5d:34:6f:c4:7c:db:57:
f0:c7:ee:05:a0:98:96:8c:97:df:28:92:03:49:a0:
c5:39:6c:97:d2:1c:fc:12:d0:a3:f3:8f:65:05:47:
5f:1d:c5:72:4e:c8:c1:66:58:af:e5:59:01:34:ff:
95:a9:96:56:c5:a9:3c:b1:4b:87:15:91:0f:98:f5:
2e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9F:1D:56:CC:8A:A1:AF:BD:61:A2:09:8F:DA:74:ED:33:06:D1:48
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/lZ8dVsyKoa-9YaIJj9p07TMG0Ug.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
150.241.64.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:f8:b1:ca:89:82:9c:b0:bc:d4:54:84:3f:bb:46:a2:0f:1f:
48:4c:7e:08:c7:dd:b8:ca:7d:ee:91:94:cc:6b:4b:78:91:77:
ad:3a:2e:f8:fb:73:66:94:2e:13:e8:bb:08:4d:e6:37:00:e2:
62:ed:18:d9:c9:00:11:22:a6:a0:84:a2:ed:4d:72:85:aa:10:
ac:2b:70:d7:a8:48:2c:05:36:56:ae:a6:9c:5d:ec:fe:bc:0f:
29:73:08:51:cc:f9:59:de:9b:b1:e1:54:d5:a8:c1:89:da:34:
6a:b2:fd:20:0e:31:38:70:d6:fc:ec:c5:1c:7e:a6:22:c7:27:
0c:58:25:6d:60:8e:67:72:c2:24:98:38:1e:9e:3f:ad:f6:ee:
34:48:28:a4:b5:c9:2a:e7:eb:97:31:ce:72:9e:7b:ea:f5:da:
06:95:96:4b:9a:bb:68:ae:fc:78:b7:a4:39:45:7e:03:93:bc:
64:e0:ae:5a:a0:ed:f0:af:7a:7f:07:9d:39:3c:14:1b:cb:b3:
19:16:fb:d8:f7:80:d6:88:9e:52:1e:92:be:23:bd:c9:94:36:
b9:0c:f0:c3:60:a3:51:c3:fe:a3:4d:46:20:e8:5d:e8:86:e9:
da:ed:3f:7a:cf:ac:61:c7:f1:b6:80:f1:1d:f8:38:ed:7c:3f:
1f:9f:03:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgkcfnPWttdwYUV05lSXn9RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNzE5MjA0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTlmMWQ1NmNjOGFhMWFmYmQ2MWEyMDk4ZmRhNzRlZDMzMDZkMTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbeN3ni4cvmiyiGhIgOJncpO67fW
LXBgrFSj/smjai7uDWlrwplfr1ce0VMfhZxFwg/0nAio6nEaYrxDPNEs0Q9f0mup
/cY6LXORhdignIeeImZ9qgJEpVu7HesgcEJMlECXZQZxXiGL9Y2hHQ7yB4ynBcTf
CkA+853G+Rd6fPhI4AiJgHlNFUbO7a+x3O9dBI4lWiDvRqzUlyFrKkIWY5EKUGmD
iAhSOlCcKJBR8WFjcreb784d35fJtl00b8R821fwx+4FoJiWjJffKJIDSaDFOWyX
0hz8EtCj849lBUdfHcVyTsjBZliv5VkBNP+VqZZWxak8sUuHFZEPmPUukwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJWfHVbMiqGvvWGiCY/adO0zBtFIMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvbFo4ZFZzeUtvYS05WWFJSmo5cDA3VE1HMFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFlvFAMA0G
CSqGSIb3DQEBCwUAA4IBAQBt+LHKiYKcsLzUVIQ/u0aiDx9ITH4Ix924yn3ukZTM
a0t4kXetOi74+3NmlC4T6LsITeY3AOJi7RjZyQARIqaghKLtTXKFqhCsK3DXqEgs
BTZWrqacXez+vA8pcwhRzPlZ3pux4VTVqMGJ2jRqsv0gDjE4cNb87MUcfqYixycM
WCVtYI5ncsIkmDgenj+t9u40SCiktckq5+uXMc5ynnvq9doGlZZLmrtorvx4t6Q5
RX4Dk7xk4K5aoO3wr3p/B505PBQby7MZFvvY94DWiJ5SHpK+I73JlDa5DPDDYKNR
w/6jTUYg6F3ohuna7T96z6xhx/G2gPEd+DjtfD8fnwOL
-----END CERTIFICATE-----
Generated at Wed Jul 23 02:01:54 2025 by rpki-client