Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y0wdzGKC_zcA6ezvWhJaytupRvw.roa
File: Y0wdzGKC_zcA6ezvWhJaytupRvw.roa (raw, json)
Hash identifier: 3p1J9i2z3HcXXq6FTNATFqsHWee/RVncyLmMTw46eWM=
Subject key identifier: 63:4C:1D:CC:62:82:FF:37:00:E9:EC:EF:5A:12:5A:CA:DB:A9:46:FC
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01965EB8CA7CEE8F7C6FF66F90B4AE026C8F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y0wdzGKC_zcA6ezvWhJaytupRvw.roa
Signing time: Tue 22 Apr 2025 18:18:10 +0000
ROA not before: Tue 22 Apr 2025 18:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.208.0/24 maxlen: 24
193.23.209.0/24 maxlen: 24
193.23.210.0/24 maxlen: 24
193.23.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 19:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5e:b8:ca:7c:ee:8f:7c:6f:f6:6f:90:b4:ae:02:6c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 22 18:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=634c1dcc6282ff3700e9ecef5a125acadba946fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:63:33:e8:94:aa:b6:b7:6b:22:3f:11:2f:71:
32:77:53:12:d2:f7:e1:23:44:3a:bd:72:4e:85:67:
81:35:06:e2:45:1d:e5:2d:53:91:cd:2d:91:cb:26:
26:82:34:fc:f8:a0:e1:ec:3a:1d:11:6a:d0:59:f1:
8e:37:19:b6:8b:8a:09:8b:f3:e2:22:3c:3e:7e:af:
9e:c7:19:b4:7b:e5:f9:1c:ac:e1:fd:a3:09:72:47:
c3:91:1f:a4:6d:15:6b:a4:ae:12:b2:08:8d:f1:0e:
dc:b3:12:71:bf:d8:2b:9a:ba:73:e8:27:a9:f9:67:
5a:1a:0d:45:4c:84:ac:29:d1:df:5c:ca:aa:59:d2:
38:b5:0b:d5:d2:a9:d8:41:0e:a4:05:b0:ff:52:97:
75:34:f6:46:f9:cc:3c:dd:4d:4e:00:c2:7a:a8:00:
cd:13:85:08:4f:65:c9:3f:47:20:17:9b:54:74:05:
70:ea:41:fe:c4:ed:0e:ac:ca:57:81:4d:3d:70:a0:
4e:f1:2e:34:74:f0:c7:b8:7e:86:ac:fd:39:94:a4:
d5:d7:70:a6:94:ee:cc:2a:8b:30:f0:5f:74:b4:01:
f5:61:ba:8c:c3:6a:ff:7a:10:7f:97:a0:d7:b8:2b:
5c:a5:7d:c8:d4:d7:7a:19:d7:ba:9d:8f:98:c7:29:
ef:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:4C:1D:CC:62:82:FF:37:00:E9:EC:EF:5A:12:5A:CA:DB:A9:46:FC
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/Y0wdzGKC_zcA6ezvWhJaytupRvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.208.0/22
Signature Algorithm: sha256WithRSAEncryption
00:64:a6:b4:d8:86:1c:22:d7:6f:2f:e7:f9:9e:55:4e:e2:77:
6e:50:49:c4:83:37:cc:1d:c1:00:23:e5:41:01:8a:77:cb:3e:
92:42:d1:2a:4c:c0:71:79:f9:64:60:09:f8:84:a1:43:f3:96:
94:ef:d7:34:06:8f:ba:e6:5c:a6:18:77:c2:f6:46:6c:b1:ef:
c1:1d:d6:f5:20:d8:5d:ec:0f:cd:e5:de:ce:45:da:ca:f4:d3:
90:68:63:70:16:e7:cd:63:75:37:49:2d:ab:c2:53:4a:38:10:
cd:fd:52:79:cb:6e:b5:a5:1e:55:b5:26:75:7b:69:5b:41:5c:
a4:a6:80:2b:3b:eb:b2:28:b2:78:2c:bd:be:ab:7e:09:fb:89:
44:26:fc:44:3a:c6:6f:01:bd:42:50:5f:c7:32:1a:bb:d3:5a:
c4:3b:49:51:6c:fa:e6:d4:4d:da:32:33:db:a7:a4:a7:94:fb:
72:3c:34:32:a5:f8:6e:21:63:de:fb:61:8c:a3:f3:db:8f:a6:
43:80:bf:60:52:49:42:e2:e4:34:cd:37:95:b7:04:d0:f0:d7:
b8:f0:24:ee:ca:23:4c:d8:7f:79:23:79:e5:ac:b0:bf:fc:c7:
35:3c:57:c5:a5:82:24:59:22:5c:21:71:53:c0:8c:13:ba:95:
b1:5f:1f:7f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZeuMp87o98b/ZvkLSuAmyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDIyMTgxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzRjMWRjYzYyODJmZjM3MDBlOWVjZWY1YTEyNWFjYWRiYTk0NmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimMz6JSqtrdrIj8RL3Eyd1MS0vfh
I0Q6vXJOhWeBNQbiRR3lLVORzS2RyyYmgjT8+KDh7DodEWrQWfGONxm2i4oJi/Pi
Ijw+fq+exxm0e+X5HKzh/aMJckfDkR+kbRVrpK4SsgiN8Q7csxJxv9grmrpz6Cep
+WdaGg1FTISsKdHfXMqqWdI4tQvV0qnYQQ6kBbD/Upd1NPZG+cw83U1OAMJ6qADN
E4UIT2XJP0cgF5tUdAVw6kH+xO0OrMpXgU09cKBO8S40dPDHuH6GrP05lKTV13Cm
lO7MKosw8F90tAH1YbqMw2r/ehB/l6DXuCtcpX3I1Nd6Gde6nY+YxynvoQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGNMHcxigv83AOns71oSWsrbqUb8MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvWTB3ZHpHS0NfemNBNmV6dldoSmF5dHVwUnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLx8AwQC
udhoAwQCwRfQMA0GCSqGSIb3DQEBCwUAA4IBAQAAZKa02IYcItdvL+f5nlVO4ndu
UEnEgzfMHcEAI+VBAYp3yz6SQtEqTMBxeflkYAn4hKFD85aU79c0Bo+65lymGHfC
9kZsse/BHdb1INhd7A/N5d7ORdrK9NOQaGNwFufNY3U3SS2rwlNKOBDN/VJ5y261
pR5VtSZ1e2lbQVykpoArO+uyKLJ4LL2+q34J+4lEJvxEOsZvAb1CUF/HMhq701rE
O0lRbPrm1E3aMjPbp6SnlPtyPDQypfhuIWPe+2GMo/Pbj6ZDgL9gUklC4uQ0zTeV
twTQ8Ne48CTuyiNM2H95I3nlrLC//Mc1PFfFpYIkWSJcIXFTwIwTupWxXx9/
-----END CERTIFICATE-----
Generated at Sun Jun 8 21:35:30 2025 by rpki-client