Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/HzzAR5xRl-StBf_GfkTtD5ydeuI.roa
File: HzzAR5xRl-StBf_GfkTtD5ydeuI.roa (raw, json)
Hash identifier: oS1MVVl48IS/+vrE4Wrf3XfqP7kUuMtbhLENTdGkAas=
Subject key identifier: 1F:3C:C0:47:9C:51:97:E4:AD:05:FF:C6:7E:44:ED:0F:9C:9D:7A:E2
Certificate issuer: /CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Certificate serial: 0196C14F214D7061CD41A2268E8B7ADF4C22
Authority key identifier: 02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/HzzAR5xRl-StBf_GfkTtD5ydeuI.roa
Signing time: Sun 11 May 2025 21:45:10 +0000
ROA not before: Sun 11 May 2025 21:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211619
IP address blocks: 45.95.168.0/22 maxlen: 22
150.40.96.0/19 maxlen: 19
203.31.217.0/24 maxlen: 24
2a0e:bfc0::/32 maxlen: 32
2a0e:bfc1::/32 maxlen: 32
2a0e:bfc2::/32 maxlen: 32
2a0e:bfc3::/32 maxlen: 32
2a0e:bfc4::/32 maxlen: 32
2a0e:bfc5::/32 maxlen: 32
2a0e:bfc6::/32 maxlen: 32
2a0e:bfc7::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 19 May 2025 13:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:4f:21:4d:70:61:cd:41:a2:26:8e:8b:7a:df:4c:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02a962c1fe8e2e12a35576fd62987a0cbba463d4
Validity
Not Before: May 11 21:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f3cc0479c5197e4ad05ffc67e44ed0f9c9d7ae2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:3b:7c:93:13:1c:5c:83:24:cf:cf:eb:d6:c5:
b4:ac:79:d0:9d:d9:6b:73:3f:6d:f5:c5:f6:80:75:
b0:d5:d1:5a:a7:68:d1:8e:bd:17:fc:47:03:29:82:
2d:06:2a:61:42:c5:a4:6d:74:ad:09:ac:60:84:9a:
d2:07:7a:bb:84:31:61:b1:b1:8d:52:7a:bd:67:e4:
ff:6e:75:c1:28:81:b9:fa:de:04:38:8b:9a:e5:2d:
02:f9:7a:cf:48:1c:ff:3b:13:be:e7:77:70:96:a2:
35:70:d1:54:66:f2:8b:2f:60:b7:19:2b:c4:e0:15:
85:ac:37:94:0f:69:44:df:a3:63:1e:e4:f2:b3:93:
51:75:33:14:0f:01:98:57:25:31:81:eb:a9:26:c7:
7f:e2:82:0e:c2:41:85:7f:a7:dd:04:16:2e:ec:6a:
e7:be:76:46:54:f7:ae:18:fc:2a:4a:58:2c:e3:1a:
d1:18:52:4c:f4:41:4e:d7:19:0c:37:3b:31:dc:f5:
11:4a:18:3f:01:aa:8b:41:a6:a2:20:8f:af:0e:1d:
49:cc:e5:ea:46:0f:a8:68:fa:df:0b:c1:dc:ef:12:
df:ec:ee:d7:f3:a9:1f:54:2b:48:49:00:49:c5:c4:
e3:f6:d1:42:db:8e:98:3c:04:08:ed:d6:8f:8a:6b:
ee:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:3C:C0:47:9C:51:97:E4:AD:05:FF:C6:7E:44:ED:0F:9C:9D:7A:E2
X509v3 Authority Key Identifier:
keyid:02:A9:62:C1:FE:8E:2E:12:A3:55:76:FD:62:98:7A:0C:BB:A4:63:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Aqliwf6OLhKjVXb9Yph6DLukY9Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/HzzAR5xRl-StBf_GfkTtD5ydeuI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/c6179a-160d-40e2-ae86-7d134980c5be/1/Aqliwf6OLhKjVXb9Yph6DLukY9Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.168.0/22
150.40.96.0/19
203.31.217.0/24
IPv6:
2a0e:bfc0::-2a0e:bfc7:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1e:d8:07:d3:34:7a:b6:f9:81:de:09:d7:be:75:00:ca:b0:3b:
e0:5c:3a:cb:87:5b:16:d4:a8:a5:68:80:39:21:f9:d1:8c:67:
02:fe:c0:b1:67:0a:65:ee:bc:ed:37:cb:da:4e:54:a9:48:4b:
38:c5:3f:9e:05:c9:3f:42:53:f7:03:9f:e8:1b:eb:e5:b9:66:
d2:10:45:44:55:ed:eb:1a:32:2f:5e:e2:ec:5e:8a:e0:e5:52:
ee:98:3d:55:33:57:4c:14:23:7f:f5:66:ce:e0:2d:9c:cf:5d:
18:18:b6:d4:90:4a:06:70:9e:4c:27:e1:5a:54:4d:4a:5a:41:
18:9d:25:c7:02:b3:fe:56:ae:e6:78:2a:d0:ad:85:f4:b4:1c:
5d:34:9d:bb:ad:65:a9:ae:b1:90:4f:d4:cf:62:cb:51:4c:5b:
6b:61:5f:53:3a:00:61:f1:5b:b2:99:69:51:71:5c:2f:7a:28:
ff:a4:df:d3:69:6e:9e:e0:21:51:95:50:07:63:ba:53:f4:ae:
7f:0b:66:57:6d:35:55:d0:51:7c:c3:53:8a:df:99:98:f3:3e:
f7:45:d3:8e:ff:96:51:15:14:52:6a:e4:a8:fc:6a:2c:de:ee:
83:84:25:ee:64:4b:93:33:35:9e:af:56:27:a8:d1:ed:d1:b3:
3a:11:40:ac
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZbBTyFNcGHNQaImjot630wiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYTk2MmMxZmU4ZTJlMTJhMzU1NzZmZDYyOTg3YTBjYmJh
NDYzZDQwHhcNMjUwNTExMjE0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjNjYzA0NzljNTE5N2U0YWQwNWZmYzY3ZTQ0ZWQwZjljOWQ3YWUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTt8kxMcXIMkz8/r1sW0rHnQndlr
cz9t9cX2gHWw1dFap2jRjr0X/EcDKYItBiphQsWkbXStCaxghJrSB3q7hDFhsbGN
Unq9Z+T/bnXBKIG5+t4EOIua5S0C+XrPSBz/OxO+53dwlqI1cNFUZvKLL2C3GSvE
4BWFrDeUD2lE36NjHuTys5NRdTMUDwGYVyUxgeupJsd/4oIOwkGFf6fdBBYu7Grn
vnZGVPeuGPwqSlgs4xrRGFJM9EFO1xkMNzsx3PURShg/AaqLQaaiII+vDh1JzOXq
Rg+oaPrfC8Hc7xLf7O7X86kfVCtISQBJxcTj9tFC246YPAQI7daPimvuoQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFB88wEecUZfkrQX/xn5E7Q+cnXriMB8GA1UdIwQY
MBaAFAKpYsH+ji4So1V2/WKYegy7pGPUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYt
N2QxMzQ5ODBjNWJlLzEvSHp6QVI1eFJsLVN0QmZfR2ZrVHRENXlkZXVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jNjE3OWEtMTYwZC00MGUyLWFlODYtN2QxMzQ5ODBjNWJl
LzEvQXFsaXdmNk9MaEtqVlhiOVlwaDZETHVrWTlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAYBAIAATASAwQCLV+oAwQF
lihgAwQAyx/ZMBcEAgACMBEwDwMFBioOv8ADBgAqDr/HADANBgkqhkiG9w0BAQsF
AAOCAQEAHtgH0zR6tvmB3gnXvnUAyrA74Fw6y4dbFtSopWiAOSH50YxnAv7AsWcK
Ze687TfL2k5UqUhLOMU/ngXJP0JT9wOf6Bvr5blm0hBFRFXt6xoyL17i7F6K4OVS
7pg9VTNXTBQjf/VmzuAtnM9dGBi21JBKBnCeTCfhWlRNSlpBGJ0lxwKz/lau5ngq
0K2F9LQcXTSdu61lqa6xkE/Uz2LLUUxba2FfUzoAYfFbsplpUXFcL3oo/6Tf02lu
nuAhUZVQB2O6U/SufwtmV201VdBRfMNTit+ZmPM+90XTjv+WURUUUmrkqPxqLN7u
g4Ql7mRLkzM1nq9WJ6jR7dGzOhFArA==
-----END CERTIFICATE-----
Generated at Wed Jun 18 20:00:11 2025 by rpki-client