Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/mhQVRRHJ8xdFBtVqbV-qmvga04M.roa
File: mhQVRRHJ8xdFBtVqbV-qmvga04M.roa (raw, json)
Hash identifier: 5Pdu34qRhXc4ywFvkwAmpdVfAJgWThREaJ5L7jnKkRM=
Subject key identifier: 9A:14:15:45:11:C9:F3:17:45:06:D5:6A:6D:5F:AA:9A:F8:1A:D3:83
Certificate issuer: /CN=24c96d386d7cf59a990d3994f0df8493dfca49b3
Certificate serial: 019769775CF2E1F25CD82BF928226D4A503D
Authority key identifier: 24:C9:6D:38:6D:7C:F5:9A:99:0D:39:94:F0:DF:84:93:DF:CA:49:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMltOG189ZqZDTmU8N-Ek9_KSbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/mhQVRRHJ8xdFBtVqbV-qmvga04M.roa
Signing time: Fri 13 Jun 2025 13:25:19 +0000
ROA not before: Fri 13 Jun 2025 13:25:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8193
IP address blocks: 195.158.12.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jun 2025 05:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:69:77:5c:f2:e1:f2:5c:d8:2b:f9:28:22:6d:4a:50:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24c96d386d7cf59a990d3994f0df8493dfca49b3
Validity
Not Before: Jun 13 13:25:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a14154511c9f3174506d56a6d5faa9af81ad383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:8e:83:e5:6e:17:4c:97:99:66:4b:61:a9:63:
e5:01:23:e8:95:0b:e7:a4:3b:ac:26:5d:b3:aa:98:
ba:fc:2a:6e:19:be:ec:cb:15:4a:2c:e3:7f:68:a4:
b2:e6:e4:42:73:c7:48:e3:7b:26:c0:90:34:ef:12:
00:29:86:1c:78:a4:09:35:c6:e9:4a:18:c5:b7:04:
cf:b1:30:e4:8f:09:48:6c:13:f2:f6:be:c4:2f:4a:
13:3e:33:28:55:4a:ae:4f:3b:d8:01:75:67:b7:13:
df:3f:f5:30:28:c4:c5:25:04:7e:cf:4a:26:fa:ba:
73:b1:81:72:d7:eb:eb:79:aa:7a:d5:b1:a5:2d:83:
83:1c:52:9d:96:f1:d7:ac:02:79:84:16:22:bf:3a:
52:4b:53:83:16:b4:8a:c8:61:f8:d8:40:e2:b4:f4:
8a:73:af:84:60:6e:95:86:a0:c8:c6:70:ae:09:f0:
2c:91:9c:a7:87:40:82:17:d4:31:fc:08:1c:53:58:
56:a5:47:0a:ce:d6:a6:70:00:99:f9:8f:e2:23:b0:
dd:df:bc:cd:c4:bd:cf:1b:fe:82:f9:31:b0:46:3a:
fd:ef:89:84:e0:bb:19:e3:62:52:cc:fe:65:ef:7e:
03:0a:f9:4e:49:e6:e6:cd:81:e9:70:b1:a1:db:49:
a2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:14:15:45:11:C9:F3:17:45:06:D5:6A:6D:5F:AA:9A:F8:1A:D3:83
X509v3 Authority Key Identifier:
keyid:24:C9:6D:38:6D:7C:F5:9A:99:0D:39:94:F0:DF:84:93:DF:CA:49:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMltOG189ZqZDTmU8N-Ek9_KSbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/mhQVRRHJ8xdFBtVqbV-qmvga04M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7bed63-406e-405c-a7f0-7cd9c3baba25/1/JMltOG189ZqZDTmU8N-Ek9_KSbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.158.12.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:58:96:3c:e6:bf:7a:4f:7a:bd:1a:32:5e:4d:d9:f7:bf:72:
27:f6:0f:9b:d9:49:8f:5d:c0:f4:47:78:a2:05:3f:1c:44:04:
86:94:5b:30:2f:eb:ea:58:7a:3e:3f:36:6b:98:13:b4:62:fb:
47:05:b3:5a:a7:5f:6c:f0:99:84:a2:96:56:fd:30:57:fb:83:
d5:26:35:3a:0f:bd:8e:3d:86:2e:33:67:ef:3b:19:1f:23:16:
66:8d:4a:bc:d6:3c:78:76:17:4d:16:b9:e5:73:6a:ea:73:95:
96:ca:b3:a5:ae:8c:b6:fa:6f:b5:85:f6:9e:6e:2a:72:b3:9d:
18:89:28:65:43:97:ef:48:9e:63:98:f5:f3:db:94:b0:04:94:
c8:73:4e:2b:f3:ae:b2:0f:24:e0:27:d7:3d:f2:fe:0c:62:f3:
3d:3a:bf:6c:ee:d3:c1:49:81:20:69:23:71:35:06:ec:62:db:
a5:1a:b5:90:a7:68:39:e5:c1:8f:0a:b6:b9:f1:fd:03:fb:e0:
87:a2:a4:5b:24:aa:fa:a2:e1:68:90:5a:51:37:8b:f2:28:0c:
ec:32:7a:59:46:0a:4e:3c:72:4d:fa:ce:50:c8:9a:e2:86:38:
fb:60:81:eb:7c:42:34:3c:f9:a5:48:32:1d:76:84:f9:68:47:
a7:ce:2f:30
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdpd1zy4fJc2Cv5KCJtSlA9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Yzk2ZDM4NmQ3Y2Y1OWE5OTBkMzk5NGYwZGY4NDkzZGZj
YTQ5YjMwHhcNMjUwNjEzMTMyNTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTE0MTU0NTExYzlmMzE3NDUwNmQ1NmE2ZDVmYWE5YWY4MWFkMzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmo6D5W4XTJeZZkthqWPlASPolQvn
pDusJl2zqpi6/CpuGb7syxVKLON/aKSy5uRCc8dI43smwJA07xIAKYYceKQJNcbp
ShjFtwTPsTDkjwlIbBPy9r7EL0oTPjMoVUquTzvYAXVntxPfP/UwKMTFJQR+z0om
+rpzsYFy1+vreap61bGlLYODHFKdlvHXrAJ5hBYivzpSS1ODFrSKyGH42EDitPSK
c6+EYG6VhqDIxnCuCfAskZynh0CCF9Qx/AgcU1hWpUcKztamcACZ+Y/iI7Dd37zN
xL3PG/6C+TGwRjr974mE4LsZ42JSzP5l734DCvlOSebmzYHpcLGh20mipwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJoUFUURyfMXRQbVam1fqpr4GtODMB8GA1UdIwQY
MBaAFCTJbThtfPWamQ05lPDfhJPfykmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1sdE9HMTg5WnFaRFRtVThOLUVrOV9LU2JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83YmVkNjMtNDA2ZS00MDVjLWE3ZjAt
N2NkOWMzYmFiYTI1LzEvbWhRVlJSSEo4eGRGQnRWcWJWLXFtdmdhMDRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83YmVkNjMtNDA2ZS00MDVjLWE3ZjAtN2NkOWMzYmFiYTI1
LzEvSk1sdE9HMTg5WnFaRFRtVThOLUVrOV9LU2JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw54MMA0G
CSqGSIb3DQEBCwUAA4IBAQBOWJY85r96T3q9GjJeTdn3v3In9g+b2UmPXcD0R3ii
BT8cRASGlFswL+vqWHo+PzZrmBO0YvtHBbNap19s8JmEopZW/TBX+4PVJjU6D72O
PYYuM2fvOxkfIxZmjUq81jx4dhdNFrnlc2rqc5WWyrOlroy2+m+1hfaebipys50Y
iShlQ5fvSJ5jmPXz25SwBJTIc04r866yDyTgJ9c98v4MYvM9Or9s7tPBSYEgaSNx
NQbsYtulGrWQp2g55cGPCra58f0D++CHoqRbJKr6ouFokFpRN4vyKAzsMnpZRgpO
PHJN+s5QyJrihjj7YIHrfEI0PPmlSDIddoT5aEenzi8w
-----END CERTIFICATE-----
Generated at Thu Jul 3 09:29:38 2025 by rpki-client