Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/Hwbn9rlKlmjn-jwoBC23qURY4q4.roa
File: Hwbn9rlKlmjn-jwoBC23qURY4q4.roa (raw, json)
Hash identifier: Si4Q6XCCwOmcgFL48gnqDPFknu4P7kEYqfzfdSQ16Xk=
Subject key identifier: 1F:06:E7:F6:B9:4A:96:68:E7:FA:3C:28:04:2D:B7:A9:44:58:E2:AE
Certificate issuer: /CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Certificate serial: 01981ED0EDECE26AECC00F4683C6CF0B11E5
Authority key identifier: C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/Hwbn9rlKlmjn-jwoBC23qURY4q4.roa
Signing time: Fri 18 Jul 2025 18:34:25 +0000
ROA not before: Fri 18 Jul 2025 18:34:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34661
IP address blocks: 195.123.0.0/22 maxlen: 22
195.123.12.0/22 maxlen: 22
195.123.168.0/22 maxlen: 22
195.123.196.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 22 Jul 2025 19:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:d0:ed:ec:e2:6a:ec:c0:0f:46:83:c6:cf:0b:11:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c105adc5c4262dff6b3f3e606830c7f971d766ce
Validity
Not Before: Jul 18 18:34:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f06e7f6b94a9668e7fa3c28042db7a94458e2ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:0f:15:38:72:65:76:9c:56:4e:17:7e:c9:d4:
e5:3f:72:7b:03:7c:c6:ec:ab:02:d9:ad:98:b6:5d:
0f:7d:60:80:6f:a5:52:06:ab:75:f5:07:c5:b8:43:
06:b7:dd:d5:bf:a2:c7:a7:7b:c1:77:2e:3b:50:1b:
67:3c:b1:03:80:0b:76:e0:58:6f:b5:9e:aa:10:a8:
d9:8b:73:81:18:bb:05:37:03:57:22:4f:01:c7:0a:
6f:1e:04:53:14:2c:25:f9:bd:67:18:e7:e1:16:b1:
40:12:d5:eb:fd:26:44:09:a6:8f:5a:73:20:e4:a6:
9e:df:c6:34:44:25:49:67:d8:a0:27:d5:bc:45:19:
93:af:44:c2:39:71:5b:ae:a6:1e:fa:7b:59:ef:dc:
68:d5:49:a9:2c:7e:36:d1:8d:15:f4:2c:ad:76:ea:
0a:97:d1:a1:7c:7d:ee:a9:8c:c0:a1:31:76:d0:ea:
5b:92:66:6a:08:5e:c0:42:10:ce:c3:5f:56:2a:67:
d0:c7:3f:af:9d:63:38:53:af:7b:ca:9f:5e:12:5f:
0d:9e:14:2c:40:f8:df:1e:88:99:8d:b6:85:57:90:
be:f8:74:4c:af:97:05:5a:cd:7c:51:cc:3c:32:b3:
03:7c:4e:49:61:dc:7e:6c:b5:46:3b:92:ee:d5:f8:
58:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:06:E7:F6:B9:4A:96:68:E7:FA:3C:28:04:2D:B7:A9:44:58:E2:AE
X509v3 Authority Key Identifier:
keyid:C1:05:AD:C5:C4:26:2D:FF:6B:3F:3E:60:68:30:C7:F9:71:D7:66:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wQWtxcQmLf9rPz5gaDDH-XHXZs4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/Hwbn9rlKlmjn-jwoBC23qURY4q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c49172-f8da-4128-8689-515845e6c317/1/wQWtxcQmLf9rPz5gaDDH-XHXZs4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.123.0.0/22
195.123.12.0/22
195.123.168.0/22
195.123.196.0/22
Signature Algorithm: sha256WithRSAEncryption
03:37:57:14:b6:ae:6e:ae:1e:a1:3c:7d:6c:d1:b8:cd:96:c9:
11:3a:ae:ff:aa:76:d0:df:5f:08:e6:eb:57:71:4a:c2:c1:85:
03:d5:b4:16:f9:60:2b:f1:3c:84:3c:a0:8d:c2:48:4a:a7:11:
32:74:51:e0:20:49:00:ef:72:52:00:b7:64:a7:c7:9b:48:d8:
12:f5:ea:9d:0e:4c:05:ae:b7:0a:8b:79:1a:1b:2c:fa:f6:d6:
f5:21:ce:16:af:8d:bb:76:0e:2b:66:b0:58:7e:00:bf:9f:85:
a2:31:c4:ca:46:90:40:1f:8c:82:a1:34:f4:2a:85:b4:81:e8:
e7:0e:02:18:b7:1a:eb:9c:29:ec:f6:20:b5:37:25:7d:d4:c2:
a4:4c:5c:f0:b4:b9:6b:3d:4e:38:9b:9a:5a:bc:f9:19:bb:c1:
b9:2a:c2:40:c1:72:4c:4b:34:80:bc:45:ac:e0:6a:ca:b0:05:
73:d2:96:9a:8b:90:19:d5:8d:93:de:dd:7d:0f:a2:0f:35:73:
68:cf:de:4c:9c:3b:10:a1:18:60:dc:72:06:aa:1b:f8:f1:88:
b9:9d:95:ed:47:cc:54:7d:69:5e:b9:50:e8:80:e7:7a:be:fe:
a9:dd:2b:1e:1e:bd:7f:7b:04:eb:a6:5b:16:36:9a:fc:89:92:
dc:76:81:ed
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZge0O3s4mrswA9Gg8bPCxHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMDVhZGM1YzQyNjJkZmY2YjNmM2U2MDY4MzBjN2Y5NzFk
NzY2Y2UwHhcNMjUwNzE4MTgzNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjA2ZTdmNmI5NGE5NjY4ZTdmYTNjMjgwNDJkYjdhOTQ0NThlMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQ8VOHJldpxWThd+ydTlP3J7A3zG
7KsC2a2Ytl0PfWCAb6VSBqt19QfFuEMGt93Vv6LHp3vBdy47UBtnPLEDgAt24Fhv
tZ6qEKjZi3OBGLsFNwNXIk8BxwpvHgRTFCwl+b1nGOfhFrFAEtXr/SZECaaPWnMg
5Kae38Y0RCVJZ9igJ9W8RRmTr0TCOXFbrqYe+ntZ79xo1UmpLH420Y0V9CytduoK
l9GhfH3uqYzAoTF20OpbkmZqCF7AQhDOw19WKmfQxz+vnWM4U697yp9eEl8NnhQs
QPjfHoiZjbaFV5C++HRMr5cFWs18Ucw8MrMDfE5JYdx+bLVGO5Lu1fhYdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFB8G5/a5SpZo5/o8KAQtt6lEWOKuMB8GA1UdIwQY
MBaAFMEFrcXEJi3/az8+YGgwx/lx12bOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODkt
NTE1ODQ1ZTZjMzE3LzEvSHdibjlybEtsbWpuLWp3b0JDMjNxVVJZNHE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNDkxNzItZjhkYS00MTI4LTg2ODktNTE1ODQ1ZTZjMzE3
LzEvd1FXdHhjUW1MZjlyUHo1Z2FEREgtWEhYWnM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCw3sAAwQC
w3sMAwQCw3uoAwQCw3vEMA0GCSqGSIb3DQEBCwUAA4IBAQADN1cUtq5urh6hPH1s
0bjNlskROq7/qnbQ318I5utXcUrCwYUD1bQW+WAr8TyEPKCNwkhKpxEydFHgIEkA
73JSALdkp8ebSNgS9eqdDkwFrrcKi3kaGyz69tb1Ic4Wr427dg4rZrBYfgC/n4Wi
McTKRpBAH4yCoTT0KoW0gejnDgIYtxrrnCns9iC1NyV91MKkTFzwtLlrPU44m5pa
vPkZu8G5KsJAwXJMSzSAvEWs4GrKsAVz0paai5AZ1Y2T3t19D6IPNXNoz95MnDsQ
oRhg3HIGqhv48Yi5nZXtR8xUfWleuVDogOd6vv6p3SseHr1/ewTrplsWNpr8iZLc
doHt
-----END CERTIFICATE-----
Generated at Sat Jul 26 15:21:50 2025 by rpki-client