Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/kH1QhAz62ATmO3iucuyOB2ylmlA.roa
File: kH1QhAz62ATmO3iucuyOB2ylmlA.roa (raw, json)
Hash identifier: mEz6RtIjo33V45kTBpsr54yVWOAmk2t1TpxkKa9wBJk=
Subject key identifier: 90:7D:50:84:0C:FA:D8:04:E6:3B:78:AE:72:EC:8E:07:6C:A5:9A:50
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 01968C9842DFD40455F5EFE257EE7AC64679
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/kH1QhAz62ATmO3iucuyOB2ylmlA.roa
Signing time: Thu 01 May 2025 16:05:10 +0000
ROA not before: Thu 01 May 2025 16:05:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 21:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8c:98:42:df:d4:04:55:f5:ef:e2:57:ee:7a:c6:46:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: May 1 16:05:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=907d50840cfad804e63b78ae72ec8e076ca59a50
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:29:5a:2e:b4:c9:0e:57:fd:e9:0c:ea:7f:43:
e0:74:25:6f:bb:2c:3b:25:9d:bc:50:45:38:cc:3e:
b3:ed:94:95:eb:66:74:95:87:2e:31:11:4f:a3:4a:
e8:93:cb:5d:77:5a:69:2c:0d:59:55:ee:cb:6e:d8:
cf:cf:38:56:ac:f2:50:f9:8a:2f:a4:70:b0:c4:73:
9e:45:c3:56:7a:16:a7:90:4a:fb:7c:81:b5:e9:2d:
03:d8:70:82:35:4a:59:7d:ae:53:cd:5c:61:bb:13:
0d:ac:2b:01:63:57:ca:1f:c3:d6:e4:ba:55:4c:ec:
f4:83:b4:13:e8:da:c6:41:e0:0f:12:18:4d:55:86:
e5:b6:57:25:72:0e:d8:d0:84:00:53:69:3e:d7:d3:
84:61:9e:11:3a:44:80:1e:94:b2:c2:46:7f:3d:08:
e8:9f:b6:e4:f5:b5:da:2b:07:48:81:6c:c3:ba:67:
fc:94:b3:5f:5b:22:4e:bb:6a:5b:84:2b:3d:15:13:
be:7e:8a:a1:b2:21:3b:21:90:ab:20:69:97:a3:22:
7e:f6:dc:6a:30:6b:70:0c:59:a1:28:21:74:dc:fc:
c7:63:a7:78:48:25:c6:a8:12:cd:c2:a6:ec:8b:55:
a4:b4:b5:c8:0d:43:58:ae:90:ac:e6:fb:a1:24:33:
57:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7D:50:84:0C:FA:D8:04:E6:3B:78:AE:72:EC:8E:07:6C:A5:9A:50
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/kH1QhAz62ATmO3iucuyOB2ylmlA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.196.0/24
Signature Algorithm: sha256WithRSAEncryption
89:4b:59:f5:58:15:e9:b0:dd:4d:1a:b2:f1:98:a6:e9:66:bb:
0e:81:a9:24:f4:a8:d6:29:47:4d:92:5f:c7:1c:dc:3a:0a:9b:
a8:eb:4a:da:db:63:da:5a:61:f7:16:13:09:59:6d:ae:71:ca:
20:04:9f:d2:ca:f4:5d:05:57:eb:40:6d:a4:91:0c:01:7f:36:
58:06:23:26:8e:8d:ac:ca:85:32:54:65:1b:be:fd:f5:10:f2:
fc:fd:76:07:73:16:d8:58:db:33:8f:4f:a7:86:6c:81:1e:96:
da:1a:c6:c0:bc:96:c6:6b:d8:0d:7d:02:b9:09:3a:61:50:af:
1f:35:97:18:dc:33:16:b9:bb:b3:1f:3b:81:45:e9:6b:ed:eb:
24:d6:1f:b2:48:df:f3:34:ec:6f:69:1a:49:0e:7f:d3:d1:ba:
d9:60:8c:a5:76:fd:cf:bc:70:f7:54:d0:35:47:0e:e0:f9:5c:
14:fa:95:f4:55:45:3e:1a:10:27:b3:31:fb:9f:ab:7e:e2:87:
65:92:17:cf:70:f9:84:bb:26:00:ce:07:87:82:9c:28:a5:2f:
00:98:63:4c:15:a7:84:77:0c:78:28:ff:5f:08:2b:48:04:16:
47:77:4c:60:69:4b:20:0c:86:66:7c:05:97:34:20:e2:41:9a:
65:53:ce:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZaMmELf1ARV9e/iV+56xkZ5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNTAxMTYwNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdkNTA4NDBjZmFkODA0ZTYzYjc4YWU3MmVjOGUwNzZjYTU5YTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmilaLrTJDlf96Qzqf0PgdCVvuyw7
JZ28UEU4zD6z7ZSV62Z0lYcuMRFPo0rok8tdd1ppLA1ZVe7LbtjPzzhWrPJQ+Yov
pHCwxHOeRcNWehankEr7fIG16S0D2HCCNUpZfa5TzVxhuxMNrCsBY1fKH8PW5LpV
TOz0g7QT6NrGQeAPEhhNVYbltlclcg7Y0IQAU2k+19OEYZ4ROkSAHpSywkZ/PQjo
n7bk9bXaKwdIgWzDumf8lLNfWyJOu2pbhCs9FRO+foqhsiE7IZCrIGmXoyJ+9txq
MGtwDFmhKCF03PzHY6d4SCXGqBLNwqbsi1WktLXIDUNYrpCs5vuhJDNXMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJB9UIQM+tgE5jt4rnLsjgdspZpQMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEva0gxUWhBejYyQVRtTzNpdWN1eU9CMnlsbWxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCQLx8AwQC
udhoAwQAwRfEMA0GCSqGSIb3DQEBCwUAA4IBAQCJS1n1WBXpsN1NGrLxmKbpZrsO
gakk9KjWKUdNkl/HHNw6Cpuo60ra22PaWmH3FhMJWW2uccogBJ/SyvRdBVfrQG2k
kQwBfzZYBiMmjo2syoUyVGUbvv31EPL8/XYHcxbYWNszj0+nhmyBHpbaGsbAvJbG
a9gNfQK5CTphUK8fNZcY3DMWubuzHzuBRelr7esk1h+ySN/zNOxvaRpJDn/T0brZ
YIyldv3PvHD3VNA1Rw7g+VwU+pX0VUU+GhAnszH7n6t+4odlkhfPcPmEuyYAzgeH
gpwopS8AmGNMFaeEdwx4KP9fCCtIBBZHd0xgaUsgDIZmfAWXNCDiQZplU861
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:17:53 2025 by rpki-client