Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/HXZUY6gfR_EZk77zndCEvMgUx80.roa
File: HXZUY6gfR_EZk77zndCEvMgUx80.roa (raw, json)
Hash identifier: ri8KXo6oL2+4GblqM3EiOBxt3BOPmrPVqooO9JeRj58=
Subject key identifier: 1D:76:54:63:A8:1F:47:F1:19:93:BE:F3:9D:D0:84:BC:C8:14:C7:CD
Certificate issuer: /CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Certificate serial: 01973682E708FFA82875D17D9344E1A64FFF
Authority key identifier: 06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/HXZUY6gfR_EZk77zndCEvMgUx80.roa
Signing time: Tue 03 Jun 2025 15:57:17 +0000
ROA not before: Tue 03 Jun 2025 15:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206110
IP address blocks: 185.196.68.0/22 maxlen: 22
185.196.68.0/24 maxlen: 24
185.196.69.0/24 maxlen: 24
185.196.70.0/24 maxlen: 24
185.196.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:03:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:36:82:e7:08:ff:a8:28:75:d1:7d:93:44:e1:a6:4f:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=06e4bbdab896e66113f351b4d9c82df50e66a712
Validity
Not Before: Jun 3 15:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d765463a81f47f11993bef39dd084bcc814c7cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:27:93:78:99:cf:48:e6:5c:89:d1:7d:21:b1:
8b:3a:c8:c5:f5:3b:57:21:cf:b5:bf:54:78:3a:32:
46:ff:78:11:45:a9:2a:3b:f7:2a:4a:a7:91:ed:79:
e2:fa:77:91:fd:5d:da:db:42:b6:12:50:f0:35:56:
fd:71:f5:03:78:6b:b2:e8:8c:04:26:6f:43:6e:a7:
89:59:04:35:87:8c:cd:75:4b:24:a2:5d:b9:f4:c4:
7b:48:a3:c5:37:4d:3b:d9:01:55:b3:8f:ad:e0:a6:
f3:0a:92:ff:e3:b8:4c:42:cf:19:af:85:e5:2f:32:
b7:53:24:c4:97:73:96:36:d4:bb:f3:92:f9:16:b0:
8e:3e:50:6d:01:c7:86:65:fc:00:1c:45:95:21:2c:
85:23:e8:8e:4f:69:6f:96:81:1b:59:ba:9c:25:fb:
e2:6e:e5:4c:f5:56:7b:8b:cb:18:af:f0:b7:e4:89:
95:bb:41:8e:2b:f2:fd:64:17:e9:04:f8:fa:e4:75:
c2:0e:0e:39:8b:8e:c6:1e:51:98:57:a0:de:0e:58:
19:f6:fe:8e:59:5f:16:f4:4d:86:95:1d:b2:0a:79:
de:b9:56:b7:25:63:ee:bc:5a:b1:db:ea:6e:b2:ef:
c5:44:bf:5b:10:21:01:5f:b2:8b:0a:34:07:cf:5f:
85:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:76:54:63:A8:1F:47:F1:19:93:BE:F3:9D:D0:84:BC:C8:14:C7:CD
X509v3 Authority Key Identifier:
keyid:06:E4:BB:DA:B8:96:E6:61:13:F3:51:B4:D9:C8:2D:F5:0E:66:A7:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BuS72riW5mET81G02cgt9Q5mpxI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/HXZUY6gfR_EZk77zndCEvMgUx80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/d99947-2298-422f-9da0-fe0d28b68cd5/1/BuS72riW5mET81G02cgt9Q5mpxI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.196.68.0/22
Signature Algorithm: sha256WithRSAEncryption
04:98:98:7d:77:77:ba:98:86:f7:c7:6a:8e:3f:e7:a9:b1:fc:
91:0b:3b:e0:80:71:aa:89:5d:8b:92:82:20:e4:c7:09:c6:67:
09:99:7b:08:3a:a7:ce:4d:d8:9f:b3:16:83:54:c4:f5:84:fd:
a6:cf:4a:7b:ae:be:37:d6:4c:ec:0d:1b:2d:62:d9:29:21:8f:
e9:bd:20:3d:90:7d:60:f6:e8:ca:e9:46:11:7d:01:9d:d3:3b:
2f:ee:d3:6c:11:b3:52:05:47:8d:69:2e:ca:80:3e:89:ae:6a:
4a:13:fd:74:15:44:88:9f:33:c1:3c:c3:51:e3:0c:e4:2f:dd:
fb:4d:30:19:20:93:87:06:f9:a7:8b:ff:c2:04:bc:e2:e8:9c:
c9:74:38:a5:61:bd:17:a0:17:43:d4:78:a5:8f:3c:c0:b3:8d:
9d:db:44:5e:b4:5e:34:c6:d1:b0:bb:6d:5d:47:43:38:9c:c4:
10:15:40:7a:1c:b3:3b:5a:f1:77:76:2b:a0:81:0d:fb:a2:76:
39:a9:1d:37:e7:7d:f4:eb:21:19:99:6f:76:53:dc:ab:91:8e:
4d:e5:f7:dd:70:e7:07:32:5c:53:ad:94:ef:6e:76:42:06:cd:
e6:ba:90:47:94:1c:24:bb:cd:27:54:e7:37:ed:6f:5a:9c:e5:
f2:f1:0e:d1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZc2gucI/6goddF9k0Thpk//MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2ZTRiYmRhYjg5NmU2NjExM2YzNTFiNGQ5YzgyZGY1MGU2
NmE3MTIwHhcNMjUwNjAzMTU1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDc2NTQ2M2E4MWY0N2YxMTk5M2JlZjM5ZGQwODRiY2M4MTRjN2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArCeTeJnPSOZcidF9IbGLOsjF9TtX
Ic+1v1R4OjJG/3gRRakqO/cqSqeR7Xni+neR/V3a20K2ElDwNVb9cfUDeGuy6IwE
Jm9DbqeJWQQ1h4zNdUskol259MR7SKPFN0072QFVs4+t4KbzCpL/47hMQs8Zr4Xl
LzK3UyTEl3OWNtS785L5FrCOPlBtAceGZfwAHEWVISyFI+iOT2lvloEbWbqcJfvi
buVM9VZ7i8sYr/C35ImVu0GOK/L9ZBfpBPj65HXCDg45i47GHlGYV6DeDlgZ9v6O
WV8W9E2GlR2yCnneuVa3JWPuvFqx2+pusu/FRL9bECEBX7KLCjQHz1+F4wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB12VGOoH0fxGZO+853QhLzIFMfNMB8GA1UdIwQY
MBaAFAbku9q4luZhE/NRtNnILfUOZqcSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAt
ZmUwZDI4YjY4Y2Q1LzEvSFhaVVk2Z2ZSX0Vaazc3em5kQ0V2TWdVeDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kOTk5NDctMjI5OC00MjJmLTlkYTAtZmUwZDI4YjY4Y2Q1
LzEvQnVTNzJyaVc1bUVUODFHMDJjZ3Q5UTVtcHhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucREMA0G
CSqGSIb3DQEBCwUAA4IBAQAEmJh9d3e6mIb3x2qOP+epsfyRCzvggHGqiV2LkoIg
5McJxmcJmXsIOqfOTdifsxaDVMT1hP2mz0p7rr431kzsDRstYtkpIY/pvSA9kH1g
9ujK6UYRfQGd0zsv7tNsEbNSBUeNaS7KgD6JrmpKE/10FUSInzPBPMNR4wzkL937
TTAZIJOHBvmni//CBLzi6JzJdDilYb0XoBdD1HiljzzAs42d20RetF40xtGwu21d
R0M4nMQQFUB6HLM7WvF3diuggQ37onY5qR0353306yEZmW92U9yrkY5N5ffdcOcH
MlxTrZTvbnZCBs3mupBHlBwku80nVOc37W9anOXy8Q7R
-----END CERTIFICATE-----
Generated at Mon Jun 9 17:30:17 2025 by rpki-client