Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/H8TYzbYuHjXhlGfUweiPEgV97LM.roa
File: H8TYzbYuHjXhlGfUweiPEgV97LM.roa (raw, json)
Hash identifier: CvLm7MppWhziIGnGiJ5pHxvcTxQ7ce1rGeAOZ0YtL50=
Subject key identifier: 1F:C4:D8:CD:B6:2E:1E:35:E1:94:67:D4:C1:E8:8F:12:05:7D:EC:B3
Certificate issuer: /CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Certificate serial: 0197CBD8F3D3EA1B0DEC9D65187AB3FD93CB
Authority key identifier: C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/H8TYzbYuHjXhlGfUweiPEgV97LM.roa
Signing time: Wed 02 Jul 2025 15:54:42 +0000
ROA not before: Wed 02 Jul 2025 15:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210705
IP address blocks: 194.33.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 26 Jul 2025 09:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:d8:f3:d3:ea:1b:0d:ec:9d:65:18:7a:b3:fd:93:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0ba50fca33b180d68436e7ef0cbf6904baf45d4
Validity
Not Before: Jul 2 15:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1fc4d8cdb62e1e35e19467d4c1e88f12057decb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e4:ee:26:cf:fa:0b:4f:36:c8:f4:db:e4:bc:
c6:a1:43:02:7f:d9:c5:4e:c0:5e:bc:7e:3a:ec:ac:
da:6c:9f:c0:2e:27:6a:c0:90:b0:d2:31:02:dc:73:
19:97:36:c9:12:7d:e7:48:34:b3:d7:fd:14:1f:53:
be:37:b4:fe:10:6a:ab:3d:ba:0d:13:f2:aa:c2:da:
25:cc:78:8b:73:10:2d:81:82:7e:d4:7a:20:11:8f:
90:f8:b2:3b:66:63:7c:b4:1e:20:5d:23:c4:38:92:
e4:6d:b2:93:62:de:cc:cb:34:03:f2:0a:a3:ec:a6:
72:59:55:8f:5c:4e:da:20:f2:37:e9:f4:ce:6c:e6:
54:29:9a:f9:dc:36:16:59:0e:9d:e1:9b:bc:51:5d:
23:43:9f:35:b1:94:83:cc:68:21:53:f2:14:7b:83:
60:e8:d7:85:39:90:76:78:03:53:41:2e:55:60:c5:
bd:fc:b9:17:76:d9:46:55:84:a3:47:ba:e6:30:72:
54:b3:4b:7e:73:fe:8d:b1:45:20:1c:7f:9d:e4:99:
0d:63:86:0c:b3:f2:a9:c4:7f:9a:41:6b:49:13:60:
e6:fd:d0:6f:d7:ba:e9:27:38:19:fd:71:c7:d8:12:
5b:80:8a:ac:09:48:a5:37:9a:1e:35:d9:46:33:48:
57:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:C4:D8:CD:B6:2E:1E:35:E1:94:67:D4:C1:E8:8F:12:05:7D:EC:B3
X509v3 Authority Key Identifier:
keyid:C0:BA:50:FC:A3:3B:18:0D:68:43:6E:7E:F0:CB:F6:90:4B:AF:45:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/H8TYzbYuHjXhlGfUweiPEgV97LM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/422a4c-8394-46b4-aa18-d1fbe5a91d70/1/wLpQ_KM7GA1oQ25-8Mv2kEuvRdQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.33.28.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:fe:60:97:5e:50:b9:54:0a:85:31:2d:27:36:c2:37:26:c6:
96:a1:f4:4c:d0:af:41:6a:43:2a:df:53:6c:6f:ca:26:22:11:
0d:5e:21:ff:6d:81:1e:ee:fb:73:84:9f:23:4f:fb:7a:10:1c:
d2:02:18:3c:81:f2:72:76:1f:f8:63:61:23:b9:a9:ca:21:ca:
9b:4e:9a:93:a3:e8:64:3f:6c:7a:76:3c:66:60:2c:ea:32:8d:
70:9b:17:02:01:1f:5c:27:c2:58:d7:6e:93:ce:9e:b9:78:52:
5a:85:dc:ac:c7:77:ce:64:5d:2a:d3:02:76:c7:70:37:e3:76:
79:43:1d:a9:71:47:56:2e:75:f7:aa:e4:60:0b:4c:ae:ab:b1:
40:c1:40:e4:7b:29:3d:6b:b0:c6:fc:ed:e3:90:44:43:72:2a:
ce:3d:78:c8:a4:2a:14:ae:4e:18:f7:e3:2b:f4:c9:fb:3a:7d:
ac:36:6a:d5:bf:34:33:5c:39:c2:45:ce:ee:6f:d1:55:8c:15:
5d:34:9f:a1:bd:fb:83:ac:a3:39:2c:e4:95:9f:62:e5:50:14:
82:b4:e1:cb:0f:94:f8:3e:e3:bf:1f:87:2e:cc:1f:10:cb:2a:
10:f7:d2:b7:3c:4f:09:42:93:32:74:bb:9e:dc:97:30:da:8b:
dc:19:13:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfL2PPT6hsN7J1lGHqz/ZPLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYmE1MGZjYTMzYjE4MGQ2ODQzNmU3ZWYwY2JmNjkwNGJh
ZjQ1ZDQwHhcNMjUwNzAyMTU1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmM0ZDhjZGI2MmUxZTM1ZTE5NDY3ZDRjMWU4OGYxMjA1N2RlY2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOTuJs/6C082yPTb5LzGoUMCf9nF
TsBevH467KzabJ/ALidqwJCw0jEC3HMZlzbJEn3nSDSz1/0UH1O+N7T+EGqrPboN
E/KqwtolzHiLcxAtgYJ+1HogEY+Q+LI7ZmN8tB4gXSPEOJLkbbKTYt7MyzQD8gqj
7KZyWVWPXE7aIPI36fTObOZUKZr53DYWWQ6d4Zu8UV0jQ581sZSDzGghU/IUe4Ng
6NeFOZB2eANTQS5VYMW9/LkXdtlGVYSjR7rmMHJUs0t+c/6NsUUgHH+d5JkNY4YM
s/KpxH+aQWtJE2Dm/dBv17rpJzgZ/XHH2BJbgIqsCUilN5oeNdlGM0hXKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB/E2M22Lh414ZRn1MHojxIFfeyzMB8GA1UdIwQY
MBaAFMC6UPyjOxgNaENufvDL9pBLr0XUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgt
ZDFmYmU1YTkxZDcwLzEvSDhUWXpiWXVIalhobEdmVXdlaVBFZ1Y5N0xNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC80MjJhNGMtODM5NC00NmI0LWFhMTgtZDFmYmU1YTkxZDcw
LzEvd0xwUV9LTTdHQTFvUTI1LThNdjJrRXV2UmRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwiEcMA0G
CSqGSIb3DQEBCwUAA4IBAQCn/mCXXlC5VAqFMS0nNsI3JsaWofRM0K9BakMq31Ns
b8omIhENXiH/bYEe7vtzhJ8jT/t6EBzSAhg8gfJydh/4Y2EjuanKIcqbTpqTo+hk
P2x6djxmYCzqMo1wmxcCAR9cJ8JY126Tzp65eFJahdysx3fOZF0q0wJ2x3A343Z5
Qx2pcUdWLnX3quRgC0yuq7FAwUDkeyk9a7DG/O3jkERDcirOPXjIpCoUrk4Y9+Mr
9Mn7On2sNmrVvzQzXDnCRc7ub9FVjBVdNJ+hvfuDrKM5LOSVn2LlUBSCtOHLD5T4
PuO/H4cuzB8QyyoQ99K3PE8JQpMydLue3Jcw2ovcGRPj
-----END CERTIFICATE-----
Generated at Sat Jul 26 18:58:19 2025 by rpki-client