Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2eacgzOfubtPEvDYHkGlgU6fcjA.roa
File: 2eacgzOfubtPEvDYHkGlgU6fcjA.roa (raw, json)
Hash identifier: AcWoZStBCap+f1FiqsPT0UtkIIOPZThr1cKWjfRJhZQ=
Subject key identifier: D9:E6:9C:83:33:9F:B9:BB:4F:12:F0:D8:1E:41:A5:81:4E:9F:72:30
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0194DC9F79E5AFF6441C02FE1AEFC4136A7A
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2eacgzOfubtPEvDYHkGlgU6fcjA.roa
Signing time: Thu 06 Feb 2025 18:57:06 +0000
ROA not before: Thu 06 Feb 2025 18:57:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.64.0/20 maxlen: 24
64.188.80.0/21 maxlen: 24
64.188.88.0/22 maxlen: 24
64.188.92.0/22 maxlen: 24
64.188.100.0/22 maxlen: 24
64.188.104.0/22 maxlen: 24
64.188.108.0/22 maxlen: 24
64.188.112.0/23 maxlen: 24
64.188.114.0/23 maxlen: 24
64.188.116.0/23 maxlen: 24
64.188.118.0/23 maxlen: 24
64.188.120.0/24 maxlen: 24
64.188.121.0/24 maxlen: 24
64.188.122.0/24 maxlen: 24
64.188.123.0/24 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/19 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Feb 2025 20:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:dc:9f:79:e5:af:f6:44:1c:02:fe:1a:ef:c4:13:6a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 6 18:57:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9e69c83339fb9bb4f12f0d81e41a5814e9f7230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cf:b0:93:d6:09:40:2a:a7:3c:af:f5:f4:a0:
1a:b3:90:14:0a:55:a0:2f:b4:a9:e5:91:7a:b4:86:
0f:97:ca:49:8d:ec:2b:85:76:e9:36:ab:49:e9:d0:
40:e2:38:88:bc:37:db:01:af:79:77:72:6d:51:17:
33:2a:d2:fe:b5:f9:38:cc:94:09:71:85:f4:9a:bd:
b1:0a:c4:ae:31:13:fd:81:c1:2c:22:fa:ea:e2:e9:
a9:dd:ef:7f:1b:f2:b7:1d:31:81:fe:13:94:88:66:
a1:90:10:e2:f3:96:8a:4e:47:20:33:95:f6:35:8c:
3a:16:0c:f7:4b:f9:0f:d8:bb:96:eb:9a:2f:2e:a7:
84:1b:32:16:18:c5:17:4d:31:18:65:13:8b:d5:55:
b5:18:43:28:42:71:90:81:56:83:cf:80:34:20:18:
3d:6e:77:78:8e:01:eb:a5:ee:9f:fe:f5:04:54:61:
ff:22:13:53:7f:8f:e4:29:14:aa:ff:62:ac:32:05:
ee:3f:01:61:42:f8:f7:a2:7e:50:c1:dd:a9:bc:62:
70:55:d0:df:ce:ff:8c:57:42:94:f9:a9:4d:87:4c:
3f:42:5f:6e:76:8e:a5:5e:3c:a6:f8:17:bb:7a:05:
c2:f9:08:59:42:a1:2f:0e:5b:93:39:77:d6:43:c5:
28:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E6:9C:83:33:9F:B9:BB:4F:12:F0:D8:1E:41:A5:81:4E:9F:72:30
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/2eacgzOfubtPEvDYHkGlgU6fcjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.64.0/19
64.188.100.0-64.188.127.255
185.216.104.0/22
193.23.192.0/19
Signature Algorithm: sha256WithRSAEncryption
86:37:d1:0a:53:88:91:f8:e6:62:f4:34:89:1e:07:86:ef:4b:
2e:28:b4:3f:13:29:83:19:e3:5f:72:b2:57:62:fa:f1:54:4d:
fe:81:cc:2d:ed:f5:db:81:d8:6c:3a:c0:03:0f:51:8b:3b:51:
88:06:8a:00:34:5f:d7:6b:e6:58:ae:03:de:1a:a3:b3:25:dd:
42:3c:9f:fc:e0:2d:8f:ba:fb:72:c0:ce:7f:b0:ff:20:7f:2b:
ae:a0:12:26:69:bd:9a:c6:d3:e5:b1:c4:29:2c:a3:01:92:53:
b8:68:a2:78:38:92:56:c1:32:68:5d:46:d6:61:0d:8a:4b:06:
6c:18:cc:ad:4f:5b:be:c9:d4:e1:50:a5:c9:f4:00:cd:a7:5f:
e3:a8:a0:92:75:70:33:6d:40:4c:91:bc:28:a0:ea:e7:3b:96:
99:b1:49:ee:3d:2a:a7:fd:da:d3:e9:47:1a:9b:e2:06:e5:0a:
24:06:98:ea:c7:76:78:5e:b7:61:36:0f:ef:ca:c0:f0:bb:1a:
51:d5:c6:17:4f:4f:c9:7d:b1:e1:bb:16:fe:73:70:67:d3:47:
73:aa:f6:55:bc:ae:1f:68:03:c8:c6:0a:ba:bd:e5:5f:4c:b0:
23:c2:ab:bd:d9:23:8a:2d:da:61:e7:a5:62:73:a3:3b:da:5a:
bd:a3:0e:49
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZTcn3nlr/ZEHAL+Gu/EE2p6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjA2MTg1NzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU2OWM4MzMzOWZiOWJiNGYxMmYwZDgxZTQxYTU4MTRlOWY3MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8+wk9YJQCqnPK/19KAas5AUClWg
L7Sp5ZF6tIYPl8pJjewrhXbpNqtJ6dBA4jiIvDfbAa95d3JtURczKtL+tfk4zJQJ
cYX0mr2xCsSuMRP9gcEsIvrq4ump3e9/G/K3HTGB/hOUiGahkBDi85aKTkcgM5X2
NYw6Fgz3S/kP2LuW65ovLqeEGzIWGMUXTTEYZROL1VW1GEMoQnGQgVaDz4A0IBg9
bnd4jgHrpe6f/vUEVGH/IhNTf4/kKRSq/2KsMgXuPwFhQvj3on5Qwd2pvGJwVdDf
zv+MV0KU+alNh0w/Ql9udo6lXjym+Be7egXC+QhZQqEvDluTOXfWQ8UoDwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNnmnIMzn7m7TxLw2B5BpYFOn3IwMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvMmVhY2d6T2Z1YnRQRXZEWUhrR2xnVTZmY2pBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQFQLxAMAwD
BAJAvGQDBAdAvAADBAK52GgDBAXBF8AwDQYJKoZIhvcNAQELBQADggEBAIY30QpT
iJH45mL0NIkeB4bvSy4otD8TKYMZ419ysldi+vFUTf6BzC3t9duB2Gw6wAMPUYs7
UYgGigA0X9dr5liuA94ao7Ml3UI8n/zgLY+6+3LAzn+w/yB/K66gEiZpvZrG0+Wx
xCksowGSU7hoong4klbBMmhdRtZhDYpLBmwYzK1PW77J1OFQpcn0AM2nX+OooJJ1
cDNtQEyRvCig6uc7lpmxSe49Kqf92tPpRxqb4gblCiQGmOrHdnhet2E2D+/KwPC7
GlHVxhdPT8l9seG7Fv5zcGfTR3Oq9lW8rh9oA8jGCrq95V9MsCPCq73ZI4ot2mHn
pWJzozvaWr2jDkk=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:49 2025 by rpki-client