Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/Het9OB-ZByYYCByWjYlmatfQbBY.roa
File: Het9OB-ZByYYCByWjYlmatfQbBY.roa (raw, json)
Hash identifier: 2FNaSIYbHvwEcwUKtUvs2q7puG+dRk+Vy1+DCM2OEx8=
Subject key identifier: 1D:EB:7D:38:1F:99:07:26:18:08:1C:96:8D:89:66:6A:D7:D0:6C:16
Certificate issuer: /CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8
Certificate serial: 019663D168DEA2063D57410D6DDB5A06C836
Authority key identifier: 9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/Het9OB-ZByYYCByWjYlmatfQbBY.roa
Signing time: Wed 23 Apr 2025 18:03:10 +0000
ROA not before: Wed 23 Apr 2025 18:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34578
IP address blocks: 192.112.254.0/24 maxlen: 24
2a00:9480::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 29 Apr 2025 18:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:63:d1:68:de:a2:06:3d:57:41:0d:6d:db:5a:06:c8:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ca319ea51c8003aad94a8e27ce69492aa2e33a8
Validity
Not Before: Apr 23 18:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1deb7d381f99072618081c968d89666ad7d06c16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:19:ff:6e:4a:01:f9:76:a5:5a:6e:22:e6:5d:
b8:44:58:e8:42:88:4c:53:9a:b7:0b:de:04:12:b2:
8f:e7:1e:77:a9:d9:e4:f1:b9:bf:d6:f3:7f:af:a1:
b4:1f:27:92:1a:d9:8f:e0:07:b0:96:10:f2:48:46:
08:e4:f4:73:1a:63:c2:f3:7d:96:0e:c2:47:08:aa:
bc:8e:ed:fe:b0:79:28:4c:50:c3:ab:92:70:c6:06:
bb:42:73:8a:4d:6b:06:4c:ec:ff:79:9c:b2:48:90:
63:c9:0c:28:94:45:c1:00:2c:55:fb:6f:29:40:20:
b7:c4:59:db:8b:68:07:b6:dd:e8:47:88:cd:09:ba:
40:8c:5d:b3:66:6a:87:a0:42:83:cc:f8:70:8e:bc:
e8:75:cb:39:3c:22:84:f9:12:d2:b5:e9:4b:ba:fb:
60:49:99:f4:7b:29:4c:ab:5a:7a:05:0f:7f:79:71:
b1:5d:2c:99:e8:3c:9e:13:6b:be:19:4d:94:e4:ec:
b1:88:1a:77:49:19:19:a1:5a:f8:cd:bf:51:ea:4a:
75:9d:71:bf:1d:d2:63:65:32:c3:2f:71:3e:bb:62:
99:72:8a:bf:e9:93:7f:ef:86:b9:bb:bf:3a:79:c8:
d9:17:99:d4:13:d8:98:21:fe:66:46:05:97:e6:ac:
2e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:EB:7D:38:1F:99:07:26:18:08:1C:96:8D:89:66:6A:D7:D0:6C:16
X509v3 Authority Key Identifier:
keyid:9C:A3:19:EA:51:C8:00:3A:AD:94:A8:E2:7C:E6:94:92:AA:2E:33:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nKMZ6lHIADqtlKjifOaUkqouM6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/Het9OB-ZByYYCByWjYlmatfQbBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/61494c-0744-4991-ab67-0ad3c7962c09/1/nKMZ6lHIADqtlKjifOaUkqouM6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.112.254.0/24
IPv6:
2a00:9480::/32
Signature Algorithm: sha256WithRSAEncryption
46:6a:a9:91:3f:95:b3:67:fc:1a:fc:c8:f5:ba:ec:7d:90:9b:
b5:02:cb:95:86:b1:90:56:0d:97:56:4a:a8:9a:36:bc:38:8f:
27:a1:21:fe:35:15:55:46:6e:a6:d7:cc:7c:45:ca:c9:dd:3a:
49:ac:85:88:c3:d6:c0:17:f5:9f:66:1d:ad:80:8f:70:85:ec:
a0:1c:74:03:27:58:f2:81:fe:45:5f:2c:3f:da:3f:68:65:89:
a0:cf:90:59:e6:3d:7f:bd:02:0f:3e:f8:7f:33:b0:f1:31:26:
0c:91:9e:3f:f6:82:e6:5e:f0:5f:a6:04:46:e2:6c:4b:9c:44:
8b:7c:ca:68:42:6a:19:93:5e:5e:b4:a5:7c:d0:e4:d3:55:73:
d8:3d:10:13:93:9a:18:ac:50:af:3d:91:d6:8d:6e:26:b2:08:
60:e1:34:58:d1:e2:59:41:31:f0:ad:68:b6:34:cf:ad:c1:46:
d8:fc:58:c7:fe:6f:c3:56:6a:ad:87:40:07:70:96:56:e6:16:
b3:ed:3c:0f:8f:81:a8:4d:e4:8d:a1:ac:ca:f4:a3:3c:96:a7:
f4:9e:82:9c:34:78:a7:45:77:41:ed:a4:6f:bc:bc:48:46:e9:
a8:ed:0f:8c:aa:41:64:9e:76:b1:f5:63:5a:d8:ab:80:ab:93:
ec:dc:04:fa
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZj0WjeogY9V0ENbdtaBsg2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljYTMxOWVhNTFjODAwM2FhZDk0YThlMjdjZTY5NDkyYWEy
ZTMzYTgwHhcNMjUwNDIzMTgwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGViN2QzODFmOTkwNzI2MTgwODFjOTY4ZDg5NjY2YWQ3ZDA2YzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxn/bkoB+XalWm4i5l24RFjoQohM
U5q3C94EErKP5x53qdnk8bm/1vN/r6G0HyeSGtmP4AewlhDySEYI5PRzGmPC832W
DsJHCKq8ju3+sHkoTFDDq5Jwxga7QnOKTWsGTOz/eZyySJBjyQwolEXBACxV+28p
QCC3xFnbi2gHtt3oR4jNCbpAjF2zZmqHoEKDzPhwjrzodcs5PCKE+RLStelLuvtg
SZn0eylMq1p6BQ9/eXGxXSyZ6DyeE2u+GU2U5OyxiBp3SRkZoVr4zb9R6kp1nXG/
HdJjZTLDL3E+u2KZcoq/6ZN/74a5u786ecjZF5nUE9iYIf5mRgWX5qwuBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFB3rfTgfmQcmGAgclo2JZmrX0GwWMB8GA1UdIwQY
MBaAFJyjGepRyAA6rZSo4nzmlJKqLjOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbktNWjZsSElBRHF0bEtqaWZPYVVrcW91TTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82MTQ5NGMtMDc0NC00OTkxLWFiNjct
MGFkM2M3OTYyYzA5LzEvSGV0OU9CLVpCeVlZQ0J5V2pZbG1hdGZRYkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82MTQ5NGMtMDc0NC00OTkxLWFiNjctMGFkM2M3OTYyYzA5
LzEvbktNWjZsSElBRHF0bEtqaWZPYVVrcW91TTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwHD+MA0E
AgACMAcDBQAqAJSAMA0GCSqGSIb3DQEBCwUAA4IBAQBGaqmRP5WzZ/wa/Mj1uux9
kJu1AsuVhrGQVg2XVkqomja8OI8noSH+NRVVRm6m18x8RcrJ3TpJrIWIw9bAF/Wf
Zh2tgI9wheygHHQDJ1jygf5FXyw/2j9oZYmgz5BZ5j1/vQIPPvh/M7DxMSYMkZ4/
9oLmXvBfpgRG4mxLnESLfMpoQmoZk15etKV80OTTVXPYPRATk5oYrFCvPZHWjW4m
sghg4TRY0eJZQTHwrWi2NM+twUbY/FjH/m/DVmqth0AHcJZW5haz7TwPj4GoTeSN
oazK9KM8lqf0noKcNHinRXdB7aRvvLxIRumo7Q+MqkFknnax9WNa2KuAq5Ps3AT6
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:36:05 2025 by rpki-client