Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HN0-twX3A1HhAN71nYg7yR5khXw.roa
File: HN0-twX3A1HhAN71nYg7yR5khXw.roa (raw, json)
Hash identifier: lCSx4pvIE/brGfse3OFyE9MSeT6kdnxQL+ogKWUk/9I=
Subject key identifier: 1C:DD:3E:B7:05:F7:03:51:E1:00:DE:F5:9D:88:3B:C9:1E:64:85:7C
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019914DF06FA38FD48F9D744D0A726F34139
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HN0-twX3A1HhAN71nYg7yR5khXw.roa
Signing time: Thu 04 Sep 2025 13:16:24 +0000
ROA not before: Thu 04 Sep 2025 13:16:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
167.17.191.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Sep 2025 10:37:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:df:06:fa:38:fd:48:f9:d7:44:d0:a7:26:f3:41:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Sep 4 13:16:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1cdd3eb705f70351e100def59d883bc91e64857c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:d1:9a:53:54:e8:a2:ff:54:ae:75:78:5e:59:
f9:35:59:15:f9:94:41:99:1d:43:fb:b0:56:6a:74:
b4:59:de:30:2f:4b:0a:04:b4:7d:f3:48:7f:67:a2:
70:9d:f6:b2:03:65:40:88:c9:c7:72:81:fe:16:04:
6c:a3:b4:b0:ab:66:f9:5e:bc:07:e6:e6:a8:09:24:
21:0c:68:34:68:a2:b3:42:23:7b:35:b2:df:b0:73:
f7:6e:3e:fc:ca:cf:2b:03:7c:41:66:df:b5:4b:8b:
be:81:12:2f:e8:3f:db:71:3f:15:17:a8:42:61:6c:
35:a6:53:2c:51:c1:a2:4b:49:62:d2:05:22:67:8c:
b3:36:98:38:ed:7a:74:bc:7b:d5:7d:91:7c:25:2a:
17:a7:37:06:54:fa:fc:34:f9:8f:7b:72:df:a5:bb:
29:42:0b:ef:89:05:25:58:b0:0a:f3:b6:1d:28:fd:
53:17:e1:f1:99:90:d7:d8:10:24:ea:f2:cc:9d:87:
c6:84:26:e8:f0:0c:73:ee:85:d1:3d:17:2e:20:ce:
44:47:a5:9b:d3:0f:11:b5:b4:cd:92:24:bc:fb:f3:
04:1c:59:e7:a3:23:26:14:4b:6b:97:70:c2:87:67:
b1:be:1b:04:8b:d9:ef:ac:a8:31:14:22:74:5e:8c:
21:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:DD:3E:B7:05:F7:03:51:E1:00:DE:F5:9D:88:3B:C9:1E:64:85:7C
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/HN0-twX3A1HhAN71nYg7yR5khXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
89.35.119.0/24
89.35.129.0/24
94.177.145.0/24
103.56.84.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
167.17.191.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0/24
208.123.185.0/24
208.123.190.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
64:5e:c4:02:58:8d:a8:ca:08:75:23:4b:21:16:97:82:6a:d9:
b9:59:5c:f3:db:d9:44:34:9a:a2:d5:dc:3a:25:64:18:69:1d:
e7:ae:c8:71:83:ac:31:bb:8d:53:17:87:49:81:c2:a1:dc:b3:
42:a4:99:fe:f9:d0:64:c5:d3:c0:ba:f8:e5:66:0e:83:d7:0c:
ab:ab:65:0e:c6:c1:ba:c5:c5:8f:c9:8b:cd:3a:1f:92:9b:7f:
f8:85:ea:94:c8:d6:13:21:d1:d4:52:af:ae:7a:31:2e:1b:a8:
ba:e1:04:2a:0e:7c:15:c5:ba:8e:de:07:57:b1:01:35:6a:02:
db:9d:17:0b:19:6e:06:73:d2:59:a7:87:c4:3c:a7:55:00:27:
54:08:f7:04:f9:d2:93:ce:83:55:c9:f4:c5:84:6f:e9:03:56:
fd:c0:76:67:87:f5:f6:a1:5b:a0:b2:ca:d2:28:22:f2:79:16:
1f:a2:6f:1d:9b:f3:a4:71:c9:9a:a3:cb:35:48:29:fe:79:46:
3e:50:2c:5f:3f:ee:bb:73:7c:91:54:c9:43:57:1e:a9:93:85:
1b:ba:49:d8:ae:28:00:3f:5b:81:ee:00:ad:22:33:b4:0e:49:
03:bf:e0:7d:f9:5d:a2:43:d7:d7:23:b0:a3:7b:17:aa:34:3a:
bf:0c:da:56
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAZkU3wb6OP1I+ddE0Kcm80E5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwOTA0MTMxNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxY2RkM2ViNzA1ZjcwMzUxZTEwMGRlZjU5ZDg4M2JjOTFlNjQ4NTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotGaU1Toov9UrnV4Xln5NVkV+ZRB
mR1D+7BWanS0Wd4wL0sKBLR980h/Z6JwnfayA2VAiMnHcoH+FgRso7Swq2b5XrwH
5uaoCSQhDGg0aKKzQiN7NbLfsHP3bj78ys8rA3xBZt+1S4u+gRIv6D/bcT8VF6hC
YWw1plMsUcGiS0li0gUiZ4yzNpg47Xp0vHvVfZF8JSoXpzcGVPr8NPmPe3Lfpbsp
QgvviQUlWLAK87YdKP1TF+HxmZDX2BAk6vLMnYfGhCbo8Axz7oXRPRcuIM5ER6Wb
0w8RtbTNkiS8+/MEHFnnoyMmFEtrl3DCh2exvhsEi9nvrKgxFCJ0XowhJQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFBzdPrcF9wNR4QDe9Z2IO8keZIV8MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvSE4wLXR3WDNBMUhoQU43MW5ZZzd5UjVraFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgDBAAC
OfIDBABZI3cDBABZI4EDBABesZEDBABnOFQwDAMEBKcRsAMEAKcRsgMEAKcRtAME
AKcRtgMEAKcRvwMEALzQZwMEALzVAAMEALzWawMEAMF84QMEAMJV+QMEAMJV+wME
AcpHDAMEAMpHDwMEAMxNAQMEAM71gQMEAM71gwMEAM71hQMEANB7uQMEANB7vgME
ANTA1DANBgkqhkiG9w0BAQsFAAOCAQEAZF7EAliNqMoIdSNLIRaXgmrZuVlc89vZ
RDSaotXcOiVkGGkd567IcYOsMbuNUxeHSYHCodyzQqSZ/vnQZMXTwLr45WYOg9cM
q6tlDsbBusXFj8mLzTofkpt/+IXqlMjWEyHR1FKvrnoxLhuouuEEKg58FcW6jt4H
V7EBNWoC250XCxluBnPSWaeHxDynVQAnVAj3BPnSk86DVcn0xYRv6QNW/cB2Z4f1
9qFboLLK0igi8nkWH6JvHZvzpHHJmqPLNUgp/nlGPlAsXz/uu3N8kVTJQ1ceqZOF
G7pJ2K4oAD9bge4ArSIztA5JA7/gffldokPX1yOwo3sXqjQ6vwzaVg==
-----END CERTIFICATE-----
Generated at Sun Sep 7 15:40:10 2025 by rpki-client