Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HPv0IDFfwOgw7_-qORlJYcl-sIE.roa
File: HPv0IDFfwOgw7_-qORlJYcl-sIE.roa (raw, json)
Hash identifier: Ulx7NodM9t7rJXHXMWcukGAa0uHBxMKFQScBg9vXAUQ=
Subject key identifier: 1C:FB:F4:20:31:5F:C0:E8:30:EF:FF:AA:39:19:49:61:C9:7E:B0:81
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 01970DB463263ABE4A3255036B68D47D5EF9
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HPv0IDFfwOgw7_-qORlJYcl-sIE.roa
Signing time: Mon 26 May 2025 17:46:55 +0000
ROA not before: Mon 26 May 2025 17:46:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 195.211.188.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 15:28:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:b4:63:26:3a:be:4a:32:55:03:6b:68:d4:7d:5e:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: May 26 17:46:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cfbf420315fc0e830efffaa39194961c97eb081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:7e:f2:0f:f8:34:be:b7:c8:ed:74:85:21:de:
b0:ba:b5:64:f8:e3:3b:30:a2:c0:bb:79:49:e4:62:
04:44:ea:80:5b:bd:a9:ac:89:45:13:cb:aa:46:8d:
ca:e5:03:e5:09:bf:43:3c:c8:84:88:b8:3a:71:e3:
08:31:7e:56:a3:f4:d3:b8:cc:14:03:d7:88:0f:4e:
73:12:53:af:70:91:19:96:8b:1b:df:d0:39:4c:43:
b8:d0:3a:3a:b7:d4:81:54:84:7f:0c:23:fb:01:1e:
36:60:89:1a:92:9d:03:75:c0:fd:a4:d6:9e:a8:53:
a1:f5:1a:d2:e9:8a:77:b3:2e:12:62:cf:32:69:1d:
a4:93:9f:e1:ac:cc:80:26:e7:fb:0d:a7:81:97:5e:
81:4f:1a:e8:12:1b:ac:b4:e0:d2:0e:ca:70:bf:99:
11:43:2a:d5:48:84:f8:3b:e5:7b:c7:17:0f:4b:28:
13:ed:8f:e9:7a:6d:7a:ce:cf:e5:71:dc:1b:c0:51:
f7:aa:e5:a7:bb:bf:40:16:e5:9e:42:d1:28:90:57:
cb:22:56:ea:27:dc:e4:ae:8f:d4:fa:7b:fe:ea:0b:
19:45:ef:3b:84:36:9a:cd:dd:23:81:1a:59:0c:5c:
73:83:a5:88:bc:2f:8d:c4:46:ad:15:f0:86:9e:38:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:FB:F4:20:31:5F:C0:E8:30:EF:FF:AA:39:19:49:61:C9:7E:B0:81
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/HPv0IDFfwOgw7_-qORlJYcl-sIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.188.0/24
195.211.190.0/24
Signature Algorithm: sha256WithRSAEncryption
76:45:03:39:15:b9:0f:eb:b1:e1:7e:24:cc:af:70:a3:e2:c6:
40:01:e5:37:91:6f:7c:d1:1f:ce:57:b2:8d:c3:ff:52:67:91:
a2:b4:8c:e0:98:57:b5:cb:cc:e1:71:54:5a:c1:7f:14:b1:4c:
aa:e8:b2:26:3f:0f:ea:ce:ec:42:52:ba:1e:1d:8e:29:c9:ca:
a1:ac:ee:29:b7:03:7e:75:ef:13:9d:02:4d:4a:44:80:51:c8:
06:4b:29:6c:fa:fe:2c:4b:00:a8:d8:0b:d9:f5:25:14:eb:61:
0a:34:06:9f:e3:0d:54:08:36:5e:85:0f:5a:a9:b2:0e:ce:ed:
99:f4:d6:cb:41:c0:74:0e:5e:f5:f8:57:a6:d1:3b:3f:64:db:
a0:42:ab:bb:aa:5c:b4:de:ac:c5:7b:9c:eb:2d:32:66:c7:80:
a3:f6:ba:64:62:84:95:5a:9c:ad:23:b8:23:18:78:5f:da:b1:
57:d1:4c:93:3e:b3:1d:80:ca:12:94:81:ae:cb:f9:cd:05:6a:
77:67:61:89:65:4b:5e:44:5d:17:4f:de:ac:7c:45:b0:52:46:
fd:cc:b3:24:d6:7c:0f:3b:d3:71:a1:76:1b:8f:b0:da:46:29:
84:8d:74:b8:15:64:b6:60:82:82:44:da:64:27:7c:10:b6:0b:
5c:93:8a:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcNtGMmOr5KMlUDa2jUfV75MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwNTI2MTc0NjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ZiZjQyMDMxNWZjMGU4MzBlZmZmYWEzOTE5NDk2MWM5N2ViMDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz37yD/g0vrfI7XSFId6wurVk+OM7
MKLAu3lJ5GIEROqAW72prIlFE8uqRo3K5QPlCb9DPMiEiLg6ceMIMX5Wo/TTuMwU
A9eID05zElOvcJEZlosb39A5TEO40Do6t9SBVIR/DCP7AR42YIkakp0DdcD9pNae
qFOh9RrS6Yp3sy4SYs8yaR2kk5/hrMyAJuf7DaeBl16BTxroEhustODSDspwv5kR
QyrVSIT4O+V7xxcPSygT7Y/pem16zs/lcdwbwFH3quWnu79AFuWeQtEokFfLIlbq
J9zkro/U+nv+6gsZRe87hDaazd0jgRpZDFxzg6WIvC+NxEatFfCGnjhNQwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBz79CAxX8DoMO//qjkZSWHJfrCBMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvSFB2MElERmZ3T2d3N18tcU9SbEpZY2wtc0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw9O8AwQA
w9O+MA0GCSqGSIb3DQEBCwUAA4IBAQB2RQM5FbkP67HhfiTMr3Cj4sZAAeU3kW98
0R/OV7KNw/9SZ5GitIzgmFe1y8zhcVRawX8UsUyq6LImPw/qzuxCUroeHY4pycqh
rO4ptwN+de8TnQJNSkSAUcgGSyls+v4sSwCo2AvZ9SUU62EKNAaf4w1UCDZehQ9a
qbIOzu2Z9NbLQcB0Dl71+Fem0Ts/ZNugQqu7qly03qzFe5zrLTJmx4Cj9rpkYoSV
WpytI7gjGHhf2rFX0UyTPrMdgMoSlIGuy/nNBWp3Z2GJZUteRF0XT96sfEWwUkb9
zLMk1nwPO9NxoXYbj7DaRimEjXS4FWS2YIKCRNpkJ3wQtgtck4qz
-----END CERTIFICATE-----
Generated at Sat Jun 7 22:22:11 2025 by rpki-client