Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa
File: HOu5wmSXajGWOICNHvlkbrTN3ms.roa (raw, json)
Hash identifier: J0zMSZc16AJM2RbJGwM+/AiZRkVae6Q9nHkORMXGqAk=
Subject key identifier: 1C:EB:B9:C2:64:97:6A:31:96:38:80:8D:1E:F9:64:6E:B4:CD:DE:6B
Certificate issuer: /CN=bbffd123cb93e24e025f952842108402958d4a4c
Certificate serial: 0196C9E464BAF1589278DC9C3E5BCB582902
Authority key identifier: BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa
Signing time: Tue 13 May 2025 13:45:10 +0000
ROA not before: Tue 13 May 2025 13:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15830
IP address blocks: 147.28.138.0/23 maxlen: 23
147.28.164.0/23 maxlen: 23
147.28.176.0/23 maxlen: 23
147.28.222.0/23 maxlen: 23
147.28.241.0/24 maxlen: 24
147.75.40.0/23 maxlen: 23
147.75.206.0/24 maxlen: 24
147.75.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 15 May 2025 21:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:e4:64:ba:f1:58:92:78:dc:9c:3e:5b:cb:58:29:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbffd123cb93e24e025f952842108402958d4a4c
Validity
Not Before: May 13 13:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cebb9c264976a319638808d1ef9646eb4cdde6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7c:ff:4c:88:70:7f:fc:50:3b:e0:96:0f:70:
40:7f:0b:a1:55:30:dd:de:e6:6f:ee:47:63:89:0b:
c4:d3:11:28:b4:32:e1:6e:2d:8f:ea:e6:fd:36:e9:
76:bc:a2:3e:0e:bb:54:dc:c7:65:54:de:79:8d:e1:
83:ed:fe:14:90:39:68:ce:19:32:56:7b:95:40:3a:
16:82:99:7c:31:32:03:de:4c:c3:46:59:df:6c:75:
32:ab:cc:50:07:b2:3e:96:0f:e7:24:e3:52:d9:75:
de:f0:f8:c5:13:82:9c:80:ef:ac:da:ca:1e:b5:df:
de:ec:4e:49:ab:b6:d5:cd:03:78:fc:0b:19:9a:f9:
17:2e:45:6a:45:a7:78:b9:bb:25:0d:17:52:c1:83:
24:71:64:a5:09:66:95:cc:78:72:6f:88:05:f0:51:
de:ce:09:35:9d:54:8d:04:92:65:a1:e7:f6:01:ad:
dc:9b:38:d3:1b:8e:c5:6e:d2:58:ca:3b:3f:ec:27:
e7:93:28:9f:59:03:de:b4:68:61:26:7e:23:2b:9c:
9c:8c:2e:58:41:4e:f1:d1:fe:04:77:55:a4:2d:b2:
94:2e:15:5d:e5:79:80:c1:6c:f6:a7:62:9f:02:95:
68:73:cc:05:b4:4a:3c:67:3d:c0:64:87:8a:40:84:
8c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:EB:B9:C2:64:97:6A:31:96:38:80:8D:1E:F9:64:6E:B4:CD:DE:6B
X509v3 Authority Key Identifier:
keyid:BB:FF:D1:23:CB:93:E2:4E:02:5F:95:28:42:10:84:02:95:8D:4A:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u__RI8uT4k4CX5UoQhCEApWNSkw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/HOu5wmSXajGWOICNHvlkbrTN3ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/5dcfc9-57da-407f-a6b2-ac4a4061746d/1/u__RI8uT4k4CX5UoQhCEApWNSkw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.28.138.0/23
147.28.164.0/23
147.28.176.0/23
147.28.222.0/23
147.28.241.0/24
147.75.40.0/23
147.75.206.0/23
Signature Algorithm: sha256WithRSAEncryption
50:ab:31:4a:19:11:f1:1b:fe:99:7b:97:ab:77:4b:cf:6c:9f:
df:11:9c:c5:52:aa:28:93:af:bc:01:33:10:ac:e4:53:1c:e6:
d0:05:7b:34:74:69:20:cd:21:3c:d8:fb:26:6d:f0:3b:69:7f:
3e:70:3d:95:ab:10:fa:dc:d3:e5:70:54:10:1f:d4:a0:44:cf:
97:d5:96:15:02:b7:1a:8f:5c:98:c6:d0:15:9d:95:12:29:ec:
9d:7b:d4:2d:96:eb:30:c3:b6:d6:85:8f:e0:6c:87:61:72:81:
3b:80:a5:70:66:94:c0:3a:d2:5d:3e:ea:31:95:a5:ed:d7:bd:
a2:3c:4b:66:0e:2e:7d:20:e6:f1:79:c0:a4:a3:af:61:06:67:
e5:e3:33:04:3e:f3:6f:fa:92:b4:71:b0:77:8f:1f:bc:7c:3c:
cb:2e:ab:62:5d:74:74:45:96:cf:09:c8:97:2f:ac:f0:36:8e:
46:7d:8c:f4:ea:c6:82:75:ec:23:58:56:c4:1b:57:cc:24:a0:
66:72:3b:21:d1:26:fb:dc:1e:61:d7:c9:c5:d0:89:c2:3e:c9:
3a:94:52:a8:8b:32:72:7f:f7:fc:8c:56:0c:34:98:b9:b1:ad:
d6:a9:9d:f7:0d:0d:19:19:eb:ad:6c:19:22:98:f1:1d:4b:c3:
67:3e:f5:ed
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZbJ5GS68ViSeNycPlvLWCkCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZmZkMTIzY2I5M2UyNGUwMjVmOTUyODQyMTA4NDAyOTU4
ZDRhNGMwHhcNMjUwNTEzMTM0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2ViYjljMjY0OTc2YTMxOTYzODgwOGQxZWY5NjQ2ZWI0Y2RkZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnz/TIhwf/xQO+CWD3BAfwuhVTDd
3uZv7kdjiQvE0xEotDLhbi2P6ub9Nul2vKI+DrtU3MdlVN55jeGD7f4UkDlozhky
VnuVQDoWgpl8MTID3kzDRlnfbHUyq8xQB7I+lg/nJONS2XXe8PjFE4KcgO+s2soe
td/e7E5Jq7bVzQN4/AsZmvkXLkVqRad4ubslDRdSwYMkcWSlCWaVzHhyb4gF8FHe
zgk1nVSNBJJloef2Aa3cmzjTG47FbtJYyjs/7CfnkyifWQPetGhhJn4jK5ycjC5Y
QU7x0f4Ed1WkLbKULhVd5XmAwWz2p2KfApVoc8wFtEo8Zz3AZIeKQISMowIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBzrucJkl2oxljiAjR75ZG60zd5rMB8GA1UdIwQY
MBaAFLv/0SPLk+JOAl+VKEIQhAKVjUpMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjIt
YWM0YTQwNjE3NDZkLzEvSE91NXdtU1hhakdXT0lDTkh2bGticlROM21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC81ZGNmYzktNTdkYS00MDdmLWE2YjItYWM0YTQwNjE3NDZk
LzEvdV9fUkk4dVQ0azRDWDVVb1FoQ0VBcFdOU2t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBkxyKAwQB
kxykAwQBkxywAwQBkxzeAwQAkxzxAwQBk0soAwQBk0vOMA0GCSqGSIb3DQEBCwUA
A4IBAQBQqzFKGRHxG/6Ze5erd0vPbJ/fEZzFUqook6+8ATMQrORTHObQBXs0dGkg
zSE82PsmbfA7aX8+cD2VqxD63NPlcFQQH9SgRM+X1ZYVArcaj1yYxtAVnZUSKeyd
e9Qtlusww7bWhY/gbIdhcoE7gKVwZpTAOtJdPuoxlaXt172iPEtmDi59IObxecCk
o69hBmfl4zMEPvNv+pK0cbB3jx+8fDzLLqtiXXR0RZbPCciXL6zwNo5GfYz06saC
dewjWFbEG1fMJKBmcjsh0Sb73B5h18nF0InCPsk6lFKoizJyf/f8jFYMNJi5sa3W
qZ33DQ0ZGeutbBkimPEdS8NnPvXt
-----END CERTIFICATE-----
Generated at Mon Jun 9 13:22:40 2025 by rpki-client