Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/HJknGICAViX72Z6Wc4fIOw-_RRo.roa
File: HJknGICAViX72Z6Wc4fIOw-_RRo.roa (raw, json)
Hash identifier: DGS7Rjco+E8bsz79eaFTZUa+OzTB+tkADiCC8+TtoZA=
Subject key identifier: 1C:99:27:18:80:80:56:25:FB:D9:9E:96:73:87:C8:3B:0F:BF:45:1A
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 01965DE0B8510E8E6075720296410FC52562
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/HJknGICAViX72Z6Wc4fIOw-_RRo.roa
Signing time: Tue 22 Apr 2025 14:22:10 +0000
ROA not before: Tue 22 Apr 2025 14:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 31.187.0.0/18 maxlen: 18
31.187.0.0/19 maxlen: 19
31.187.32.0/19 maxlen: 19
85.222.0.0/17 maxlen: 17
87.206.0.0/15 maxlen: 15
89.64.0.0/12 maxlen: 12
92.244.32.0/19 maxlen: 19
94.75.64.0/18 maxlen: 18
94.172.0.0/16 maxlen: 16
95.158.64.0/18 maxlen: 18
178.73.0.0/18 maxlen: 18
188.93.160.0/21 maxlen: 21
193.47.158.0/23 maxlen: 23
194.187.40.0/22 maxlen: 22
195.34.208.0/22 maxlen: 22
212.76.32.0/19 maxlen: 19
213.134.160.0/19 maxlen: 19
2001:4050::/32 maxlen: 32
2a02:a300::/27 maxlen: 27
Validation: Failed, certificate revoked on Wed 23 Apr 2025 06:51:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:5d:e0:b8:51:0e:8e:60:75:72:02:96:41:0f:c5:25:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Apr 22 14:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c99271880805625fbd99e967387c83b0fbf451a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:c6:e4:1e:7e:01:c5:bf:fb:26:74:c8:b4:13:
cf:06:ad:7b:ea:5f:a9:bb:7a:a3:04:7b:56:04:24:
35:09:f2:ce:79:da:b9:c9:8e:20:42:3a:ec:19:92:
60:3d:ac:cc:cb:06:62:7d:b4:85:7b:30:d5:99:e5:
a5:37:56:4a:12:d0:8d:c2:7e:bd:87:a8:7b:c1:48:
e3:a8:17:7c:af:b2:6f:50:61:08:01:a1:eb:2d:c4:
10:9d:d4:09:62:2e:1c:cd:1d:47:c3:be:d4:57:6b:
9e:cd:b4:11:d4:77:f3:0a:e2:f0:50:5e:e7:bf:b6:
46:8c:a7:c5:37:20:34:f5:5c:ef:13:97:e5:f9:de:
0a:c5:78:dd:eb:bc:42:be:2c:08:7a:ef:7f:ba:a0:
f7:24:40:05:1a:93:61:b5:21:7a:4b:55:ef:f4:f5:
62:2a:ef:d2:43:57:f0:66:4a:91:66:3a:53:c3:42:
ad:ac:c1:c4:e8:7c:56:cb:12:ec:f8:2f:31:cc:19:
51:3f:95:35:2e:0a:2c:f8:ab:a2:eb:d6:68:3d:87:
b3:4c:81:d1:c9:91:d5:ab:c1:0b:38:6e:35:e5:74:
83:c9:00:1b:e6:37:75:3e:90:f5:22:6a:05:6c:20:
27:d9:b6:b9:47:bf:65:95:19:d7:62:6b:2d:89:f5:
b4:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:99:27:18:80:80:56:25:FB:D9:9E:96:73:87:C8:3B:0F:BF:45:1A
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/HJknGICAViX72Z6Wc4fIOw-_RRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.187.0.0/18
85.222.0.0/17
87.206.0.0/15
89.64.0.0/12
92.244.32.0/19
94.75.64.0/18
94.172.0.0/16
95.158.64.0/18
178.73.0.0/18
188.93.160.0/21
193.47.158.0/23
194.187.40.0/22
195.34.208.0/22
212.76.32.0/19
213.134.160.0/19
IPv6:
2001:4050::/32
2a02:a300::/27
Signature Algorithm: sha256WithRSAEncryption
0a:75:5a:38:99:87:88:ec:44:92:30:ea:f3:d3:3d:1b:22:bc:
a4:11:65:f0:47:73:62:77:27:d2:81:af:56:a1:a0:cb:0e:88:
65:ae:a9:ee:0b:92:2d:6f:ea:66:bd:10:1a:44:c1:35:57:91:
61:c7:0d:34:74:ff:38:4c:6d:87:a1:c1:70:7d:fe:99:40:e2:
10:14:bf:83:2d:51:29:7d:5c:bd:52:5c:5d:1e:2d:44:74:79:
db:c1:d2:b0:22:7d:71:7f:62:db:e3:12:7f:98:95:63:24:4e:
e3:c3:07:fb:da:be:d0:64:24:91:bb:4c:67:4b:af:84:90:1a:
87:b6:86:29:d0:56:75:00:26:0c:53:b9:ca:87:69:44:7d:0a:
ba:f9:b7:cc:63:e2:24:91:9a:4f:ea:c1:02:74:25:c7:91:ad:
2f:eb:d2:8b:69:16:5c:1f:c6:b9:98:e7:0c:8f:fa:68:90:45:
6b:21:f7:98:3e:5a:71:47:9b:44:91:35:db:43:e3:c7:1a:05:
67:ec:d3:ae:e2:af:29:82:74:74:d0:47:c4:33:59:82:62:18:
79:af:7f:e7:25:a4:49:c6:ce:53:aa:04:0f:a5:df:bb:33:5c:
62:12:b8:0d:c6:4d:50:52:c4:a2:ac:ce:9e:a9:51:b6:ee:91:
0c:5c:fa:bd
-----BEGIN CERTIFICATE-----
MIIFZTCCBE2gAwIBAgISAZZd4LhRDo5gdXIClkEPxSViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwNDIyMTQyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzk5MjcxODgwODA1NjI1ZmJkOTllOTY3Mzg3YzgzYjBmYmY0NTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwsbkHn4Bxb/7JnTItBPPBq176l+p
u3qjBHtWBCQ1CfLOedq5yY4gQjrsGZJgPazMywZifbSFezDVmeWlN1ZKEtCNwn69
h6h7wUjjqBd8r7JvUGEIAaHrLcQQndQJYi4czR1Hw77UV2uezbQR1HfzCuLwUF7n
v7ZGjKfFNyA09VzvE5fl+d4KxXjd67xCviwIeu9/uqD3JEAFGpNhtSF6S1Xv9PVi
Ku/SQ1fwZkqRZjpTw0KtrMHE6HxWyxLs+C8xzBlRP5U1Lgos+Kui69ZoPYezTIHR
yZHVq8ELOG415XSDyQAb5jd1PpD1ImoFbCAn2ba5R79llRnXYmstifW01wIDAQAB
o4ICcTCCAm0wHQYDVR0OBBYEFByZJxiAgFYl+9melnOHyDsPv0UaMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvSEprbkdJQ0FWaVg3Mlo2V2M0ZklPdy1fUlJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGGBggrBgEFBQcBBwEB/wR3MHUwXQQCAAEwVwMEBh+7AAME
B1XeAAMDAVfOAwMEWUADBAVc9CADBAZeS0ADAwBerAMEBl+eQAMEBrJJAAMEA7xd
oAMEAcEvngMEAsK7KAMEAsMi0AMEBdRMIAMEBdWGoDAUBAIAAjAOAwUAIAFAUAMF
BSoCowAwDQYJKoZIhvcNAQELBQADggEBAAp1WjiZh4jsRJIw6vPTPRsivKQRZfBH
c2J3J9KBr1ahoMsOiGWuqe4Lki1v6ma9EBpEwTVXkWHHDTR0/zhMbYehwXB9/plA
4hAUv4MtUSl9XL1SXF0eLUR0edvB0rAifXF/YtvjEn+YlWMkTuPDB/vavtBkJJG7
TGdLr4SQGoe2hinQVnUAJgxTucqHaUR9Crr5t8xj4iSRmk/qwQJ0JceRrS/r0otp
FlwfxrmY5wyP+miQRWsh95g+WnFHm0SRNdtD48caBWfs067irymCdHTQR8QzWYJi
GHmvf+clpEnGzlOqBA+l37szXGISuA3GTVBSxKKszp6pUbbukQxc+r0=
-----END CERTIFICATE-----
Generated at Sun Apr 27 20:56:02 2025 by rpki-client