Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4FEYxxQbvFc-e9qItQ0TSV8d2Xg.roa
File: 4FEYxxQbvFc-e9qItQ0TSV8d2Xg.roa (raw, json)
Hash identifier: 9lE2CXb9v+Tv5DgQIkMOLD9F6Op0J1MHhmPQ1qtFYIY=
Subject key identifier: E0:51:18:C7:14:1B:BC:57:3E:7B:DA:88:B5:0D:13:49:5F:1D:D9:78
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0196563A68522E01DF98576DF90D4A73D439
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4FEYxxQbvFc-e9qItQ0TSV8d2Xg.roa
Signing time: Mon 21 Apr 2025 02:43:10 +0000
ROA not before: Mon 21 Apr 2025 02:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 19:31:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:56:3a:68:52:2e:01:df:98:57:6d:f9:0d:4a:73:d4:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 21 02:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e05118c7141bbc573e7bda88b50d13495f1dd978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5c:c4:25:2e:a0:7c:f9:39:27:7d:a7:10:01:
36:9c:96:8f:44:72:20:0b:a5:fc:f7:89:f7:8f:5c:
00:ce:b3:8d:95:52:59:a6:9c:5a:65:03:f5:7e:4a:
ba:81:57:3a:0a:58:ae:5e:a1:3a:fa:db:d5:80:db:
f5:65:55:28:e1:51:53:46:e4:4c:2f:8d:f0:12:f5:
f3:f0:de:4d:e4:74:72:7e:ae:9e:df:28:56:90:5f:
65:8c:92:c3:67:aa:de:71:f9:2b:3b:74:ea:d9:03:
f9:ff:f9:a0:95:bf:4e:80:e3:44:84:a2:03:af:10:
1f:8c:85:1f:c9:52:b2:c2:a2:f2:13:eb:f6:07:ce:
93:09:9d:7b:c7:04:53:09:79:d3:e8:ff:c5:74:3c:
1c:b6:5d:11:9f:81:4e:4c:d9:d3:e8:7b:16:c8:e1:
17:a9:be:41:2f:d9:0c:b3:66:2b:54:41:a7:18:43:
0c:de:10:47:da:be:b0:31:f5:50:76:4a:c4:15:41:
ff:d6:4e:04:0c:d3:0f:92:0a:ce:20:38:4f:fe:3e:
52:5e:7d:c8:6a:5f:ca:6e:87:c5:f7:b1:ed:2b:5f:
43:67:1c:cb:11:9c:bf:f7:4b:94:02:d1:0b:9b:12:
88:97:7a:93:b3:b4:2c:c1:77:56:35:37:8e:38:ad:
b9:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:51:18:C7:14:1B:BC:57:3E:7B:DA:88:B5:0D:13:49:5F:1D:D9:78
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/4FEYxxQbvFc-e9qItQ0TSV8d2Xg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.196.0/23
Signature Algorithm: sha256WithRSAEncryption
88:72:5e:34:a9:02:ca:5b:04:f9:74:9a:e5:2d:91:a0:1b:e6:
39:cf:e5:05:79:55:35:89:49:a0:c1:69:eb:54:57:00:ce:4d:
a7:7b:6d:8f:5d:5d:49:a6:1f:df:b8:1b:66:d2:38:a1:01:e7:
84:75:7a:30:f3:c7:7f:c8:2b:0d:9c:10:dc:0a:3b:bb:cf:f7:
1e:3b:55:43:73:67:92:ca:ca:8d:be:de:0b:be:7e:3a:8c:1e:
ce:b4:80:6b:bb:24:89:ad:cd:0a:83:7e:3d:0c:51:d7:4a:e1:
47:69:06:5f:f0:9d:0d:aa:b6:ca:f7:76:4e:92:81:57:e7:94:
62:13:56:61:ae:77:ed:aa:72:de:01:d8:ce:43:d1:94:85:b3:
55:5d:81:bb:45:b8:7b:9f:9f:61:e4:0f:e6:87:72:04:c4:1c:
81:e9:bc:57:93:a0:87:90:f5:01:ec:bf:0b:aa:be:a3:32:51:
48:a6:22:52:75:93:80:6f:41:86:c0:99:b9:6b:7d:81:b4:f5:
73:a5:23:6a:a0:60:96:4f:75:15:8a:5b:a9:c2:05:5a:43:21:
f0:7b:91:ad:f2:ca:d3:7f:a9:4e:82:22:9a:0d:0a:8e:f5:98:
a5:00:b5:83:c4:c5:cb:ae:1a:9a:fe:5a:63:7c:64:68:f7:b7:
be:33:cf:67
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZWOmhSLgHfmFdt+Q1Kc9Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDIxMDI0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDUxMThjNzE0MWJiYzU3M2U3YmRhODhiNTBkMTM0OTVmMWRkOTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFzEJS6gfPk5J32nEAE2nJaPRHIg
C6X894n3j1wAzrONlVJZppxaZQP1fkq6gVc6CliuXqE6+tvVgNv1ZVUo4VFTRuRM
L43wEvXz8N5N5HRyfq6e3yhWkF9ljJLDZ6recfkrO3Tq2QP5//mglb9OgONEhKID
rxAfjIUfyVKywqLyE+v2B86TCZ17xwRTCXnT6P/FdDwctl0Rn4FOTNnT6HsWyOEX
qb5BL9kMs2YrVEGnGEMM3hBH2r6wMfVQdkrEFUH/1k4EDNMPkgrOIDhP/j5SXn3I
al/KbofF97HtK19DZxzLEZy/90uUAtELmxKIl3qTs7QswXdWNTeOOK25ewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOBRGMcUG7xXPnvaiLUNE0lfHdl4MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvNEZFWXh4UWJ2RmMtZTlxSXRRMFRTVjhkMlhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLx8AwQC
udhoAwQBwRfEMA0GCSqGSIb3DQEBCwUAA4IBAQCIcl40qQLKWwT5dJrlLZGgG+Y5
z+UFeVU1iUmgwWnrVFcAzk2ne22PXV1Jph/fuBtm0jihAeeEdXow88d/yCsNnBDc
Cju7z/ceO1VDc2eSysqNvt4Lvn46jB7OtIBruySJrc0Kg349DFHXSuFHaQZf8J0N
qrbK93ZOkoFX55RiE1ZhrnftqnLeAdjOQ9GUhbNVXYG7Rbh7n59h5A/mh3IExByB
6bxXk6CHkPUB7L8Lqr6jMlFIpiJSdZOAb0GGwJm5a32BtPVzpSNqoGCWT3UVilup
wgVaQyHwe5Gt8srTf6lOgiKaDQqO9ZilALWDxMXLrhqa/lpjfGRo97e+M89n
-----END CERTIFICATE-----
Generated at Sun Jun 8 14:49:15 2025 by rpki-client