Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1qhWtwcbep3tLa2NjZFtalNTgnk.roa
File: 1qhWtwcbep3tLa2NjZFtalNTgnk.roa (raw, json)
Hash identifier: vGS/heMSaE8jZFjTl3y/kMLCVjv9QPhwsmWrUK5YNxs=
Subject key identifier: D6:A8:56:B7:07:1B:7A:9D:ED:2D:AD:8D:8D:91:6D:6A:53:53:82:79
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01968DBE2503E27B7D05900A49F245EDBBED
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1qhWtwcbep3tLa2NjZFtalNTgnk.roa
Signing time: Thu 01 May 2025 21:26:10 +0000
ROA not before: Thu 01 May 2025 21:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.176.94.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 07 May 2025 16:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8d:be:25:03:e2:7b:7d:05:90:0a:49:f2:45:ed:bb:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 1 21:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6a856b7071b7a9ded2dad8d8d916d6a53538279
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:78:b0:a4:99:12:a5:36:64:b0:61:a3:47:6a:
ac:10:e2:41:8e:12:b8:dd:6e:07:15:58:4b:0c:d5:
7e:48:f0:f2:9d:d5:5d:8c:d5:7a:78:e5:7e:80:f0:
44:1a:2a:c4:66:a2:00:39:f4:28:e2:f3:8e:ab:ce:
34:c5:d6:30:0f:a2:a2:cc:77:84:5e:b6:67:a7:32:
e2:ae:8e:80:c8:94:89:98:08:d6:48:49:9b:24:11:
ae:ec:48:17:4d:5c:8c:44:e3:60:70:e4:87:43:e4:
88:2b:bd:d7:e5:ee:b1:3a:ae:57:0e:40:bc:89:c2:
b9:c3:19:6e:e0:99:13:26:1b:04:8e:6d:5b:b7:f5:
9e:ce:c4:bd:da:ce:d6:b3:e3:f4:58:bb:aa:64:48:
81:65:ee:24:5b:b3:68:cf:8b:30:80:48:4e:f3:2d:
d5:51:a5:cc:35:51:8d:63:00:5a:b6:97:f5:95:0b:
fb:5b:87:08:be:c2:d3:55:61:26:7b:de:e2:91:c0:
22:e0:af:83:b0:65:85:38:92:03:eb:07:a0:51:9f:
da:1f:d9:56:20:79:af:6d:37:44:86:cb:45:75:bc:
16:d1:d7:dc:b2:f7:be:25:f5:c0:54:31:0f:70:a7:
9c:ce:34:91:b9:82:52:e5:8b:42:e8:45:2a:36:81:
e2:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:A8:56:B7:07:1B:7A:9D:ED:2D:AD:8D:8D:91:6D:6A:53:53:82:79
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/1qhWtwcbep3tLa2NjZFtalNTgnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.176.94.0/24
185.216.104.0/22
193.23.196.0/24
Signature Algorithm: sha256WithRSAEncryption
46:6f:ee:09:5e:fd:7b:95:27:53:4a:45:e7:d4:d6:dd:f2:1e:
32:9f:b2:60:48:b2:74:4d:05:a0:6e:68:e0:da:c3:fc:52:16:
2c:1c:74:6b:52:08:bb:e6:39:f9:4e:f5:6d:68:a2:7e:2d:30:
76:4f:5c:2a:63:7b:53:87:40:c6:b0:86:66:30:d8:59:47:8a:
02:9c:ef:86:98:b4:ff:1f:a4:eb:21:4d:83:75:f6:76:a3:8b:
3d:70:d3:b8:23:4e:bb:f7:06:21:c8:59:7f:ed:cd:dc:26:e0:
4d:13:ba:7b:0a:fb:8e:e0:e5:14:9e:17:e1:b5:1d:91:99:56:
56:89:a2:3b:c8:c7:50:1f:92:b5:c2:22:6c:bf:e4:00:40:05:
47:2b:0b:64:89:d4:55:b6:da:ac:80:e9:0a:4f:20:08:29:a9:
6d:a7:a4:d8:85:d0:42:b4:92:c2:d3:c2:c1:05:f7:72:13:e0:
02:b5:ac:bf:75:55:f3:4c:bc:d8:02:58:e0:15:8c:01:e2:22:
e2:79:c5:43:2e:8b:d1:2b:2a:4a:54:a5:0b:4f:07:6d:f9:57:
35:6f:c6:ac:f2:cf:62:6c:60:b6:1e:f7:2c:ec:51:81:d2:62:
82:79:2e:b5:79:5a:53:09:b0:44:13:1d:a4:2f:c3:c1:68:ea:
68:fb:70:98
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaNviUD4nt9BZAKSfJF7bvtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTAxMjEyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmE4NTZiNzA3MWI3YTlkZWQyZGFkOGQ4ZDkxNmQ2YTUzNTM4Mjc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxHiwpJkSpTZksGGjR2qsEOJBjhK4
3W4HFVhLDNV+SPDyndVdjNV6eOV+gPBEGirEZqIAOfQo4vOOq840xdYwD6KizHeE
XrZnpzLiro6AyJSJmAjWSEmbJBGu7EgXTVyMRONgcOSHQ+SIK73X5e6xOq5XDkC8
icK5wxlu4JkTJhsEjm1bt/WezsS92s7Ws+P0WLuqZEiBZe4kW7Noz4swgEhO8y3V
UaXMNVGNYwBatpf1lQv7W4cIvsLTVWEme97ikcAi4K+DsGWFOJID6wegUZ/aH9lW
IHmvbTdEhstFdbwW0dfcsve+JfXAVDEPcKeczjSRuYJS5YtC6EUqNoHisQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNaoVrcHG3qd7S2tjY2RbWpTU4J5MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMXFoV3R3Y2JlcDN0TGEyTmpaRnRhbE5UZ25rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLx8AwQA
ubBeAwQCudhoAwQAwRfEMA0GCSqGSIb3DQEBCwUAA4IBAQBGb+4JXv17lSdTSkXn
1Nbd8h4yn7JgSLJ0TQWgbmjg2sP8UhYsHHRrUgi75jn5TvVtaKJ+LTB2T1wqY3tT
h0DGsIZmMNhZR4oCnO+GmLT/H6TrIU2DdfZ2o4s9cNO4I0679wYhyFl/7c3cJuBN
E7p7CvuO4OUUnhfhtR2RmVZWiaI7yMdQH5K1wiJsv+QAQAVHKwtkidRVttqsgOkK
TyAIKaltp6TYhdBCtJLC08LBBfdyE+ACtay/dVXzTLzYAljgFYwB4iLiecVDLovR
KypKVKULTwdt+Vc1b8as8s9ibGC2Hvcs7FGB0mKCeS61eVpTCbBEEx2kL8PBaOpo
+3CY
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:25:59 2025 by rpki-client