Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/IoSAeZHdm4RK6q9kOtzGMZ9R7Gs.roa
File: IoSAeZHdm4RK6q9kOtzGMZ9R7Gs.roa (raw, json)
Hash identifier: u+J3wCHsS/VXE3jlJ9OwLtsCaTqcfjASgPl451dFWq8=
Subject key identifier: 22:84:80:79:91:DD:9B:84:4A:EA:AF:64:3A:DC:C6:31:9F:51:EC:6B
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0196DA00D892415314029E4C2656A29B8571
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/IoSAeZHdm4RK6q9kOtzGMZ9R7Gs.roa
Signing time: Fri 16 May 2025 16:50:10 +0000
ROA not before: Fri 16 May 2025 16:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 16 May 2025 20:15:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:da:00:d8:92:41:53:14:02:9e:4c:26:56:a2:9b:85:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 16 16:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2284807991dd9b844aeaaf643adcc6319f51ec6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:51:87:87:61:b8:60:ca:d7:8d:d1:87:1f:46:
8d:d3:6a:10:54:60:a2:8a:cc:4c:88:44:db:d5:85:
eb:78:7d:3e:78:07:b5:cf:f0:ab:6a:22:5f:ae:da:
48:0e:fc:32:41:55:48:ac:da:b4:dc:5e:69:a6:fb:
f2:20:20:68:cf:f5:c3:61:40:79:42:ff:be:ea:7c:
8d:08:e5:75:f5:d5:d9:7e:7b:dc:0e:cf:85:1b:54:
66:45:68:6c:1f:8e:29:a3:de:a4:73:50:d8:4d:f8:
1d:d6:64:54:c0:00:1b:f3:ba:bc:15:7c:9a:22:df:
88:24:86:a3:c8:b7:1f:09:03:8d:e1:94:b1:ec:ff:
d2:74:3e:aa:01:7e:7e:b3:85:12:8a:92:bb:76:98:
91:ac:70:93:27:64:f0:9b:3c:3b:81:d1:5e:c3:3b:
d6:47:f1:59:29:39:46:9f:fe:70:09:4b:00:61:66:
64:8a:f9:80:6f:91:92:9c:0f:59:ed:6b:ff:5d:66:
01:6c:f9:4c:0a:d7:bc:a8:5a:1e:26:2f:78:66:14:
bf:63:56:dc:4c:14:fc:9b:8f:b8:44:32:7c:cf:e8:
ce:66:c5:b5:6a:f0:13:87:8b:1e:2a:64:40:41:06:
44:a9:7a:7f:7a:51:0d:51:9e:54:9f:a1:b5:0e:34:
c5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:84:80:79:91:DD:9B:84:4A:EA:AF:64:3A:DC:C6:31:9F:51:EC:6B
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/IoSAeZHdm4RK6q9kOtzGMZ9R7Gs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.196.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:72:90:72:e1:ab:44:6f:3e:bf:b1:f8:41:a5:86:47:db:22:
f6:09:82:85:90:ff:e8:6e:9a:28:50:da:ec:10:25:77:7b:c4:
e0:51:36:bd:24:86:52:8a:fc:00:54:76:30:b0:f0:8c:30:51:
a8:45:6c:8f:8b:c7:75:5f:3e:da:a7:06:d1:5a:bb:77:d4:0f:
e8:d6:a6:c7:1b:bc:51:7d:e3:bd:59:7a:38:32:3b:ce:f1:81:
68:c2:fe:f1:02:4b:c0:8e:4e:57:32:69:e3:c1:d5:4c:35:92:
c7:99:cd:2a:f4:94:7c:dd:9f:ff:de:f8:5f:d8:c1:23:04:0b:
30:8b:9f:a0:1e:10:43:24:cd:11:91:1a:5f:50:eb:b0:e1:44:
d0:c1:ea:03:91:35:52:18:a5:d6:63:39:74:55:6c:ac:d7:b1:
4e:18:8e:6a:c5:67:9d:54:8f:a8:87:61:06:2e:90:44:64:dc:
dd:e3:df:ad:30:b9:53:9f:09:a8:b0:c7:c0:31:62:81:ef:22:
93:ad:ad:dd:7e:8e:4c:17:a8:03:d8:f8:9c:0d:cb:29:90:ac:
b0:da:40:42:98:1a:3c:9e:f2:c8:50:cc:8f:48:8c:69:60:a6:
8e:99:4e:0a:34:53:80:14:ca:83:1b:dd:ba:13:df:44:19:60:
80:70:38:1d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbaANiSQVMUAp5MJlaim4VxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTE2MTY1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg0ODA3OTkxZGQ5Yjg0NGFlYWFmNjQzYWRjYzYzMTlmNTFlYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFGHh2G4YMrXjdGHH0aN02oQVGCi
isxMiETb1YXreH0+eAe1z/CraiJfrtpIDvwyQVVIrNq03F5ppvvyICBoz/XDYUB5
Qv++6nyNCOV19dXZfnvcDs+FG1RmRWhsH44po96kc1DYTfgd1mRUwAAb87q8FXya
It+IJIajyLcfCQON4ZSx7P/SdD6qAX5+s4USipK7dpiRrHCTJ2Twmzw7gdFewzvW
R/FZKTlGn/5wCUsAYWZkivmAb5GSnA9Z7Wv/XWYBbPlMCte8qFoeJi94ZhS/Y1bc
TBT8m4+4RDJ8z+jOZsW1avATh4seKmRAQQZEqXp/elENUZ5Un6G1DjTFmwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCKEgHmR3ZuESuqvZDrcxjGfUexrMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSW9TQWVaSGRtNFJLNnE5a090ekdNWjlSN0dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLx8AwQC
udhoAwQAwRfEMA0GCSqGSIb3DQEBCwUAA4IBAQAKcpBy4atEbz6/sfhBpYZH2yL2
CYKFkP/obpooUNrsECV3e8TgUTa9JIZSivwAVHYwsPCMMFGoRWyPi8d1Xz7apwbR
Wrt31A/o1qbHG7xRfeO9WXo4MjvO8YFowv7xAkvAjk5XMmnjwdVMNZLHmc0q9JR8
3Z//3vhf2MEjBAswi5+gHhBDJM0RkRpfUOuw4UTQweoDkTVSGKXWYzl0VWys17FO
GI5qxWedVI+oh2EGLpBEZNzd49+tMLlTnwmosMfAMWKB7yKTra3dfo5MF6gD2Pic
DcspkKyw2kBCmBo8nvLIUMyPSIxpYKaOmU4KNFOAFMqDG926E99EGWCAcDgd
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:21:26 2025 by rpki-client