Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gGomFV4yrDewSG5wuTS12P-q38E.roa
File: gGomFV4yrDewSG5wuTS12P-q38E.roa (raw, json)
Hash identifier: UkuCiTev5VCZ4VEbaZKGxWoBQvfse4FlA67xc1WBuyk=
Subject key identifier: 80:6A:26:15:5E:32:AC:37:B0:48:6E:70:B9:34:B5:D8:FF:AA:DF:C1
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019A031F21ADC0BDB1977FC04D53EB200C42
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gGomFV4yrDewSG5wuTS12P-q38E.roa
Signing time: Mon 20 Oct 2025 19:36:03 +0000
ROA not before: Mon 20 Oct 2025 19:36:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 5.181.180.0/24 maxlen: 24
64.188.112.0/22 maxlen: 24
77.239.100.0/22 maxlen: 24
77.239.112.0/22 maxlen: 24
144.31.8.0/21 maxlen: 21
144.31.28.0/24 maxlen: 24
144.31.29.0/24 maxlen: 24
144.31.32.0/19 maxlen: 19
144.31.64.0/19 maxlen: 24
144.31.96.0/20 maxlen: 24
144.31.112.0/20 maxlen: 24
144.31.128.0/21 maxlen: 24
144.31.144.0/20 maxlen: 24
144.31.160.0/22 maxlen: 22
144.31.172.0/22 maxlen: 22
144.31.184.0/22 maxlen: 22
144.31.202.0/23 maxlen: 24
144.31.204.0/23 maxlen: 24
144.31.206.0/23 maxlen: 24
144.31.224.0/19 maxlen: 24
150.241.64.0/19 maxlen: 24
150.241.124.0/24 maxlen: 24
185.229.222.0/24 maxlen: 24
185.229.223.0/24 maxlen: 24
193.23.192.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
193.23.204.0/22 maxlen: 22
193.23.212.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 21 Oct 2025 16:28:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:03:1f:21:ad:c0:bd:b1:97:7f:c0:4d:53:eb:20:0c:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Oct 20 19:36:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=806a26155e32ac37b0486e70b934b5d8ffaadfc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:16:24:1f:71:2e:d9:49:60:4c:75:3c:e7:80:
fe:f5:ef:dc:a9:e7:d5:73:3e:66:53:fd:d9:d1:43:
4c:91:ba:85:5a:ff:de:e5:63:e2:ad:6d:3c:81:06:
27:1d:bd:62:ad:f3:d3:bb:8c:ed:82:9d:89:b3:ab:
52:b8:23:48:80:bf:ec:1e:17:9a:8d:1e:17:40:48:
83:47:59:9b:a2:71:af:07:fe:55:b9:f4:02:b2:7d:
ca:16:f4:e6:6a:9c:69:d8:7a:fd:4d:59:22:ef:dd:
9a:93:0f:80:24:fe:8a:0a:30:d4:5e:c0:60:3d:ae:
27:8e:d8:a4:f4:f5:ca:dc:6b:a0:80:f2:9a:cb:83:
36:d6:bc:ba:25:27:83:e3:f1:ce:1c:63:a4:12:9b:
c6:9a:14:68:2b:5b:ac:ce:0f:f1:49:d8:d8:85:a6:
d7:7c:34:dd:48:e3:e1:86:15:d3:7a:12:e8:d3:cd:
f9:e5:9c:17:c5:71:c6:73:b8:f1:8a:cf:17:a1:6a:
0f:cf:1d:ec:ce:c5:de:64:75:75:30:d8:00:c3:d9:
93:3a:3a:0f:d9:cc:5f:bc:66:5c:9e:30:f7:b6:39:
6e:91:f8:a4:f4:c6:dc:f4:66:86:1d:d2:29:b7:02:
b4:01:53:2f:37:7e:db:06:f9:24:76:3b:76:65:da:
c9:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:6A:26:15:5E:32:AC:37:B0:48:6E:70:B9:34:B5:D8:FF:AA:DF:C1
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gGomFV4yrDewSG5wuTS12P-q38E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.180.0/24
64.188.112.0/22
77.239.100.0/22
77.239.112.0/22
144.31.8.0/21
144.31.28.0/23
144.31.32.0-144.31.135.255
144.31.144.0-144.31.163.255
144.31.172.0/22
144.31.184.0/22
144.31.202.0-144.31.207.255
144.31.224.0/19
150.241.64.0/19
150.241.124.0/24
185.229.222.0/23
193.23.192.0-193.23.196.255
193.23.204.0/22
193.23.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b7:f1:df:18:5f:8b:01:81:10:9f:dd:cc:89:d5:06:14:ea:fd:
1a:58:ed:3d:39:e7:61:d6:8f:aa:30:7e:b7:5e:a8:52:44:c1:
91:ce:5d:23:57:ed:a0:f4:9d:82:2b:dd:26:14:ca:54:be:7a:
ed:21:69:c8:d2:ab:0c:cf:eb:d1:0c:6b:8a:60:5b:37:67:a4:
ac:4c:30:4e:8d:4d:26:29:35:47:36:8c:1f:fc:99:55:84:ef:
70:fe:5f:a7:ff:b8:0e:f3:fd:07:b6:5f:00:df:92:cb:f6:4b:
d8:bb:43:7e:97:a0:8c:d7:60:24:c0:cf:51:99:36:23:8d:c1:
a5:ff:93:17:94:fd:d4:55:46:ef:d2:12:0d:38:66:71:29:55:
e2:cf:b4:bb:ab:49:de:49:3e:2c:ff:60:09:63:47:c3:99:bf:
77:08:12:b6:fc:7b:1c:37:12:cc:9b:1b:5d:a4:31:91:1f:42:
9f:37:7e:d7:df:3e:29:37:24:ce:b8:92:9d:51:23:e9:57:09:
67:7c:4c:9d:48:c3:2d:17:1b:02:03:ae:e8:c0:fb:a7:5b:ec:
24:b6:28:32:4a:33:69:4d:e5:56:ae:83:03:3e:8b:55:84:fc:
2a:5c:cf:ad:3b:2e:97:42:66:cc:11:b6:e5:8c:1c:1d:c9:0f:
aa:5a:47:b8
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZoDHyGtwL2xl3/ATVPrIAxCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUxMDIwMTkzNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MDZhMjYxNTVlMzJhYzM3YjA0ODZlNzBiOTM0YjVkOGZmYWFkZmMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsRYkH3Eu2UlgTHU854D+9e/cqefV
cz5mU/3Z0UNMkbqFWv/e5WPirW08gQYnHb1irfPTu4ztgp2Js6tSuCNIgL/sHhea
jR4XQEiDR1mbonGvB/5VufQCsn3KFvTmapxp2Hr9TVki792akw+AJP6KCjDUXsBg
Pa4njtik9PXK3GuggPKay4M21ry6JSeD4/HOHGOkEpvGmhRoK1uszg/xSdjYhabX
fDTdSOPhhhXTehLo08355ZwXxXHGc7jxis8XoWoPzx3szsXeZHV1MNgAw9mTOjoP
2cxfvGZcnjD3tjlukfik9Mbc9GaGHdIptwK0AVMvN37bBvkkdjt2ZdrJ8wIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFIBqJhVeMqw3sEhucLk0tdj/qt/BMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZ0dvbUZWNHlyRGV3U0c1d3VUUzEyUC1xMzhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAF
tbQDBAJAvHADBAJN72QDBAJN73ADBAOQHwgDBAGQHxwwDAMEBZAfIAMEA5AfgDAM
AwQEkB+QAwQCkB+gAwQCkB+sAwQCkB+4MAwDBAGQH8oDBASQH8ADBAWQH+ADBAWW
8UADBACW8XwDBAG55d4wDAMEBsEXwAMEAMEXxAMEAsEXzAMEAsEX1DANBgkqhkiG
9w0BAQsFAAOCAQEAt/HfGF+LAYEQn93MidUGFOr9GljtPTnnYdaPqjB+t16oUkTB
kc5dI1ftoPSdgivdJhTKVL567SFpyNKrDM/r0QxrimBbN2ekrEwwTo1NJik1RzaM
H/yZVYTvcP5fp/+4DvP9B7ZfAN+Sy/ZL2LtDfpegjNdgJMDPUZk2I43Bpf+TF5T9
1FVG79ISDThmcSlV4s+0u6tJ3kk+LP9gCWNHw5m/dwgStvx7HDcSzJsbXaQxkR9C
nzd+198+KTckzriSnVEj6VcJZ3xMnUjDLRcbAgOu6MD7p1vsJLYoMkozaU3lVq6D
Az6LVYT8KlzPrTsul0JmzBG25YwcHckPqlpHuA==
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:01:07 2025 by rpki-client