Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/hmJwfjrW4Hjg3CEvEwAXun7lMEc.roa
File: hmJwfjrW4Hjg3CEvEwAXun7lMEc.roa (raw, json)
Hash identifier: f3kG0YIhM3J+8MvQ/aFkkEI9vollQ+fAwbFOiCqazRw=
Subject key identifier: 86:62:70:7E:3A:D6:E0:78:E0:DC:21:2F:13:00:17:BA:7E:E5:30:47
Certificate issuer: /CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Certificate serial: 0196810CEFA13CFD199BC993C14EC34069EA
Authority key identifier: 8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/hmJwfjrW4Hjg3CEvEwAXun7lMEc.roa
Signing time: Tue 29 Apr 2025 10:17:10 +0000
ROA not before: Tue 29 Apr 2025 10:17:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40994
IP address blocks: 194.150.73.0/24 maxlen: 24
194.150.74.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 11:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:0c:ef:a1:3c:fd:19:9b:c9:93:c1:4e:c3:40:69:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8a6024b2c27a67dff5b654efa06bf7bfc1222625
Validity
Not Before: Apr 29 10:17:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8662707e3ad6e078e0dc212f130017ba7ee53047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:39:6f:26:3d:38:d8:8d:b4:50:d9:1f:59:db:
24:3b:f0:1a:7c:cc:10:2d:22:71:8c:bc:72:78:fa:
82:a2:ea:be:b8:51:91:c6:47:a6:72:cf:ee:08:a9:
15:c4:72:46:e3:cb:b6:8b:7e:4d:18:9e:49:82:bc:
11:25:b8:aa:a0:5b:6c:df:28:9c:a6:31:9a:dd:50:
6b:70:3f:64:d3:37:ae:84:ce:56:75:91:a7:8b:f1:
6f:2d:17:9f:fa:92:12:55:4a:32:2a:ff:cd:06:8a:
02:34:03:a0:04:78:48:f5:49:44:b3:c1:45:13:5d:
69:bc:cb:da:80:3a:01:86:1e:2c:ae:55:54:bf:39:
32:7c:c1:1d:c2:7b:1c:7f:88:af:c4:87:aa:a8:3c:
2e:ad:e9:b7:50:2e:90:b2:51:3f:df:75:fe:ef:51:
91:14:47:08:3d:40:13:22:cd:ec:ed:d5:6d:6d:4b:
38:25:dd:59:6d:08:5c:e2:65:ec:44:65:7d:e4:aa:
0c:2a:2f:06:4a:49:61:1c:bd:55:c7:1f:48:bc:92:
f3:8d:a0:29:06:cf:9d:6c:3a:14:33:88:24:67:72:
3a:80:7e:98:34:26:f3:d9:15:a8:09:e8:63:fa:9a:
7c:bb:ca:72:f9:cf:fe:5a:5e:cc:12:a0:c6:cd:d8:
c1:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:62:70:7E:3A:D6:E0:78:E0:DC:21:2F:13:00:17:BA:7E:E5:30:47
X509v3 Authority Key Identifier:
keyid:8A:60:24:B2:C2:7A:67:DF:F5:B6:54:EF:A0:6B:F7:BF:C1:22:26:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/imAkssJ6Z9_1tlTvoGv3v8EiJiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/hmJwfjrW4Hjg3CEvEwAXun7lMEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/33eccf-0ae3-4c7e-a441-08e8f0cbb840/1/imAkssJ6Z9_1tlTvoGv3v8EiJiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.150.73.0-194.150.74.255
Signature Algorithm: sha256WithRSAEncryption
1a:4f:2d:2a:c9:aa:32:47:2a:d3:c3:2f:3a:5f:7b:a3:02:46:
98:be:a5:80:44:48:56:77:8c:21:6e:9d:e4:8a:be:c0:28:61:
6f:f0:35:5c:bc:f7:bf:f3:1d:03:ce:10:5c:da:4f:05:28:23:
a0:d2:28:0f:e7:54:ae:13:1a:45:4f:70:5e:f8:2f:59:33:eb:
3f:dd:74:1c:e1:a8:4a:f4:03:c4:0b:0d:b6:bd:96:92:1b:67:
29:a9:e6:64:a4:46:7d:fe:84:59:88:01:83:47:4a:fd:33:97:
8a:dc:ab:5a:59:44:67:7e:ad:3f:0e:5e:22:b9:1e:39:bd:fe:
13:2f:1d:16:0a:bb:24:3a:91:d0:87:0e:bf:37:3b:99:0b:04:
10:6f:a1:e9:cc:a8:11:53:90:34:3b:9e:21:8c:3e:fc:62:5d:
9a:fd:9e:f9:6d:64:f0:fe:09:e5:5a:f9:52:3b:da:a8:6d:74:
f1:e9:12:74:f2:f8:59:73:cf:13:64:db:4d:37:4a:01:0a:34:
b4:30:e9:82:4b:ef:4c:82:d7:8f:bd:13:b7:22:df:89:5a:2d:
0a:05:6d:f5:3c:68:aa:93:39:4f:0f:b6:f0:e9:3c:34:89:17:
3e:7d:e7:aa:aa:8b:13:b7:e7:4c:24:9e:ea:df:0f:bd:99:e8:
f2:13:e1:dc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZaBDO+hPP0Zm8mTwU7DQGnqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhNjAyNGIyYzI3YTY3ZGZmNWI2NTRlZmEwNmJmN2JmYzEy
MjI2MjUwHhcNMjUwNDI5MTAxNzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjYyNzA3ZTNhZDZlMDc4ZTBkYzIxMmYxMzAwMTdiYTdlZTUzMDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDlvJj042I20UNkfWdskO/AafMwQ
LSJxjLxyePqCouq+uFGRxkemcs/uCKkVxHJG48u2i35NGJ5JgrwRJbiqoFts3yic
pjGa3VBrcD9k0zeuhM5WdZGni/FvLRef+pISVUoyKv/NBooCNAOgBHhI9UlEs8FF
E11pvMvagDoBhh4srlVUvzkyfMEdwnscf4ivxIeqqDwurem3UC6QslE/33X+71GR
FEcIPUATIs3s7dVtbUs4Jd1ZbQhc4mXsRGV95KoMKi8GSklhHL1Vxx9IvJLzjaAp
Bs+dbDoUM4gkZ3I6gH6YNCbz2RWoCehj+pp8u8py+c/+Wl7MEqDGzdjBMQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIZicH461uB44NwhLxMAF7p+5TBHMB8GA1UdIwQY
MBaAFIpgJLLCemff9bZU76Br97/BIiYlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEt
MDhlOGYwY2JiODQwLzEvaG1Kd2Zqclc0SGpnM0NFdkV3QVh1bjdsTUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zM2VjY2YtMGFlMy00YzdlLWE0NDEtMDhlOGYwY2JiODQw
LzEvaW1Ba3NzSjZaOV8xdGxUdm9HdjN2OEVpSmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADClkkD
BADClkowDQYJKoZIhvcNAQELBQADggEBABpPLSrJqjJHKtPDLzpfe6MCRpi+pYBE
SFZ3jCFuneSKvsAoYW/wNVy897/zHQPOEFzaTwUoI6DSKA/nVK4TGkVPcF74L1kz
6z/ddBzhqEr0A8QLDba9lpIbZymp5mSkRn3+hFmIAYNHSv0zl4rcq1pZRGd+rT8O
XiK5Hjm9/hMvHRYKuyQ6kdCHDr83O5kLBBBvoenMqBFTkDQ7niGMPvxiXZr9nvlt
ZPD+CeVa+VI72qhtdPHpEnTy+FlzzxNk2003SgEKNLQw6YJL70yC14+9E7ci34la
LQoFbfU8aKqTOU8PtvDpPDSJFz5956qqixO350wknurfD72Z6PIT4dw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:39:11 2025 by rpki-client