Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/c7jIxx78OcxFNu01bgilUN4hPKs.roa
File: c7jIxx78OcxFNu01bgilUN4hPKs.roa (raw, json)
Hash identifier: KMtcM/t0vsLOvlxba0GJUVw08pwfi3ywy9Zkt7yb1Ak=
Subject key identifier: 73:B8:C8:C7:1E:FC:39:CC:45:36:ED:35:6E:08:A5:50:DE:21:3C:AB
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 0195251D281F31B37415AEFAA017C7627AAF
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/c7jIxx78OcxFNu01bgilUN4hPKs.roa
Signing time: Thu 20 Feb 2025 20:47:02 +0000
ROA not before: Thu 20 Feb 2025 20:47:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.100.0/22 maxlen: 24
64.188.120.0/22 maxlen: 24
64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.192.0/21 maxlen: 24
193.23.200.0/22 maxlen: 24
193.23.204.0/22 maxlen: 24
193.23.208.0/22 maxlen: 24
193.23.212.0/22 maxlen: 24
193.23.216.0/23 maxlen: 24
193.23.218.0/23 maxlen: 24
193.23.220.0/24 maxlen: 24
193.23.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 07 Mar 2025 18:02:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:25:1d:28:1f:31:b3:74:15:ae:fa:a0:17:c7:62:7a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Feb 20 20:47:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73b8c8c71efc39cc4536ed356e08a550de213cab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:06:38:5f:f1:a9:3a:3d:48:61:14:8a:13:15:
e5:b4:0d:91:d0:a9:85:b7:79:57:62:18:fc:d7:57:
61:e3:87:f2:23:78:b1:78:33:36:eb:ae:a9:e6:b5:
8f:47:4f:5c:82:3c:94:93:9c:a2:3d:73:80:a4:47:
2f:84:45:8c:68:f4:4f:71:13:55:7c:3b:5a:a4:aa:
33:4b:42:9d:74:f2:49:21:93:f4:b1:76:a9:aa:b5:
12:7c:bd:42:47:18:40:83:3c:bd:18:77:90:2d:87:
93:19:55:30:93:f1:e7:89:72:e8:4d:66:03:5b:97:
88:62:b1:8f:91:d3:de:aa:d8:bc:09:b8:c7:15:e6:
aa:b3:09:c5:f8:ff:5c:3e:c6:20:f0:33:94:93:0c:
06:66:83:54:fe:67:2b:c2:2f:f3:81:71:47:56:0d:
af:b4:53:7c:7d:e3:c7:b7:8e:6b:84:8d:f2:58:c6:
e7:1e:48:d2:3b:18:35:66:ae:fa:cc:63:72:22:4a:
9d:c0:f2:eb:e3:3a:22:bb:e4:25:65:c4:7b:37:f5:
12:2f:11:3d:c2:14:32:56:f5:d1:fd:a9:77:a4:6b:
32:5d:90:5b:94:c0:44:63:e9:33:66:20:85:95:54:
93:5b:cf:14:1c:ae:95:f1:b4:e8:36:9f:34:4a:08:
cc:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:B8:C8:C7:1E:FC:39:CC:45:36:ED:35:6E:08:A5:50:DE:21:3C:AB
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/c7jIxx78OcxFNu01bgilUN4hPKs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.100.0/22
64.188.120.0/21
185.216.104.0/22
193.23.192.0-193.23.221.255
Signature Algorithm: sha256WithRSAEncryption
7c:00:34:a9:e0:e0:1a:8f:ad:57:14:da:bf:78:1f:2c:6a:a8:
32:34:03:9b:3f:60:cc:c5:23:ad:5b:29:88:a4:12:bf:eb:7c:
e5:1c:3f:66:90:42:07:7f:2d:00:a7:61:a8:30:77:f9:42:9b:
3a:77:24:03:a7:5d:1c:3d:1d:20:e1:0c:ab:4a:e9:46:35:4d:
62:64:2d:45:5b:d5:1a:93:3f:1c:80:e8:03:ba:94:a8:48:9a:
fc:1b:53:30:29:e4:69:78:62:bc:ae:29:a2:83:52:ae:c5:6c:
7c:b0:ef:02:e4:6d:ef:e0:cd:ed:27:5d:0e:72:f3:4c:f6:9e:
c8:65:35:67:78:0a:0f:4d:51:98:a6:87:36:fe:9d:23:4d:53:
75:73:af:ba:17:2c:84:d2:02:f8:59:65:c7:c5:e3:7c:0d:8f:
96:02:42:30:66:43:e7:56:31:9b:13:ce:a8:d4:b6:f4:cc:93:
42:03:2b:bb:92:ac:c7:f7:79:56:e5:30:12:79:12:08:3c:aa:
54:df:99:95:2c:d5:ff:f4:77:29:28:b5:42:12:4c:4a:78:f8:
76:d9:90:ad:63:1a:2f:e2:db:85:81:7b:3c:2e:5e:3a:30:9c:
18:47:6f:2d:c7:4c:50:96:c8:0e:02:1e:fa:1a:a8:e3:73:94:
bf:30:28:1d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZUlHSgfMbN0Fa76oBfHYnqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMjIwMjA0NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2I4YzhjNzFlZmMzOWNjNDUzNmVkMzU2ZTA4YTU1MGRlMjEzY2FiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0QY4X/GpOj1IYRSKExXltA2R0KmF
t3lXYhj811dh44fyI3ixeDM2666p5rWPR09cgjyUk5yiPXOApEcvhEWMaPRPcRNV
fDtapKozS0KddPJJIZP0sXapqrUSfL1CRxhAgzy9GHeQLYeTGVUwk/HniXLoTWYD
W5eIYrGPkdPeqti8CbjHFeaqswnF+P9cPsYg8DOUkwwGZoNU/mcrwi/zgXFHVg2v
tFN8fePHt45rhI3yWMbnHkjSOxg1Zq76zGNyIkqdwPLr4zoiu+QlZcR7N/USLxE9
whQyVvXR/al3pGsyXZBblMBEY+kzZiCFlVSTW88UHK6V8bToNp80SgjMcQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHO4yMce/DnMRTbtNW4IpVDeITyrMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvYzdqSXh4NzhPY3hGTnUwMWJnaWxVTjRoUEtzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCQLxkAwQD
QLx4AwQCudhoMAwDBAbBF8ADBAHBF9wwDQYJKoZIhvcNAQELBQADggEBAHwANKng
4BqPrVcU2r94HyxqqDI0A5s/YMzFI61bKYikEr/rfOUcP2aQQgd/LQCnYagwd/lC
mzp3JAOnXRw9HSDhDKtK6UY1TWJkLUVb1RqTPxyA6AO6lKhImvwbUzAp5Gl4Yryu
KaKDUq7FbHyw7wLkbe/gze0nXQ5y80z2nshlNWd4Cg9NUZimhzb+nSNNU3Vzr7oX
LITSAvhZZcfF43wNj5YCQjBmQ+dWMZsTzqjUtvTMk0IDK7uSrMf3eVblMBJ5Egg8
qlTfmZUs1f/0dykotUISTEp4+HbZkK1jGi/i24WBezwuXjownBhHby3HTFCWyA4C
HvoaqONzlL8wKB0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:32:09 2025 by rpki-client