Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtK5b4n6T09cWRqMhLMnHeo4oPY.roa
File: gtK5b4n6T09cWRqMhLMnHeo4oPY.roa (raw, json)
Hash identifier: PQ2TkKFYy072mMjpjnr573qjQNjMHmRV6Pzixl1MEFE=
Subject key identifier: 82:D2:B9:6F:89:FA:4F:4F:5C:59:1A:8C:84:B3:27:1D:EA:38:A0:F6
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019687616A6722C28BFC617137BC2C22B1E3
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtK5b4n6T09cWRqMhLMnHeo4oPY.roa
Signing time: Wed 30 Apr 2025 15:47:10 +0000
ROA not before: Wed 30 Apr 2025 15:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 193.23.197.0/24 maxlen: 24
193.23.218.0/23 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 16:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:61:6a:67:22:c2:8b:fc:61:71:37:bc:2c:22:b1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 30 15:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82d2b96f89fa4f4f5c591a8c84b3271dea38a0f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b9:f3:d2:1a:fe:d0:3d:7d:5c:f3:41:d9:ea:
50:34:e1:07:bb:98:3a:33:39:26:5b:4f:dd:e7:c4:
34:c7:fa:f1:75:b8:b0:2e:29:e9:a5:16:57:50:5d:
30:ae:ce:f4:af:55:5d:99:40:cd:db:fd:3e:e7:df:
0f:f8:ba:75:1e:5d:a0:2f:94:3b:56:c5:f5:9f:c6:
91:43:d5:fa:77:28:3f:eb:8f:fe:fc:e6:06:e3:56:
e4:26:3a:ac:25:7d:e8:46:f9:52:68:d7:b9:3f:d4:
08:f9:97:42:ef:66:13:e4:c1:d5:c3:f4:f3:4f:44:
5f:b6:f4:e4:3d:f5:75:3c:21:77:6d:94:29:71:83:
cd:89:28:84:6d:14:f8:f1:d8:37:76:9b:f3:39:a0:
d9:bc:b6:f5:11:76:24:96:6f:c8:c6:eb:ac:1a:36:
c0:84:74:96:52:45:66:22:30:57:c0:c7:a7:f2:3f:
53:0e:d0:cb:20:79:f1:62:20:7f:88:d5:8f:a1:10:
62:36:f6:5a:58:79:42:68:82:0a:cc:77:ee:00:70:
38:4a:b3:66:92:f7:a2:67:95:ae:12:73:af:1e:7e:
1b:c6:86:f5:41:79:da:bc:2d:95:c3:03:05:90:c6:
77:c1:79:0b:79:e6:2e:60:a6:47:2f:84:c3:c0:41:
d1:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:D2:B9:6F:89:FA:4F:4F:5C:59:1A:8C:84:B3:27:1D:EA:38:A0:F6
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/gtK5b4n6T09cWRqMhLMnHeo4oPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.23.197.0/24
193.23.218.0/23
Signature Algorithm: sha256WithRSAEncryption
44:9f:39:91:01:36:cc:ae:8a:cd:77:da:de:03:83:94:89:e3:
46:b6:40:57:13:06:cf:80:d5:d6:68:6a:92:23:85:2a:bc:ed:
13:8a:7a:f8:41:78:e8:d5:31:8e:80:cd:62:9e:af:fc:14:d5:
08:28:96:d9:38:a6:ab:49:65:28:39:e7:1c:4b:ad:a6:f6:5e:
dc:7f:08:c3:e1:12:9f:c5:81:81:3f:5f:09:58:61:6d:c3:f4:
53:8e:af:17:20:08:61:9c:24:36:8d:19:f0:da:7b:6f:d6:7a:
00:5c:a1:07:50:c4:43:5f:7f:42:5b:a4:c7:64:1b:fe:c2:56:
18:39:7b:73:b5:14:e0:ec:bc:4e:d0:a4:0c:45:17:e6:49:e5:
6e:1d:09:0d:60:3e:ed:7e:ee:c1:32:9e:6d:55:7d:0d:56:b2:
ab:ef:fd:4b:fe:db:df:3b:22:be:89:1a:c4:18:32:39:04:63:
26:f3:f3:f7:3e:52:eb:88:e0:80:5f:79:ac:8b:15:00:14:29:
b5:1d:c1:42:cf:de:09:ad:ae:16:27:b5:5e:6e:00:c7:0d:d6:
11:4c:92:6a:1e:9b:36:e3:79:f5:e3:ae:74:0e:95:d5:dd:72:
be:2d:c5:7c:39:b7:35:c5:4a:5c:68:e1:a6:08:db:8b:c3:ad:
09:72:e9:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZaHYWpnIsKL/GFxN7wsIrHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDMwMTU0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmQyYjk2Zjg5ZmE0ZjRmNWM1OTFhOGM4NGIzMjcxZGVhMzhhMGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbnz0hr+0D19XPNB2epQNOEHu5g6
MzkmW0/d58Q0x/rxdbiwLinppRZXUF0wrs70r1VdmUDN2/0+598P+Lp1Hl2gL5Q7
VsX1n8aRQ9X6dyg/64/+/OYG41bkJjqsJX3oRvlSaNe5P9QI+ZdC72YT5MHVw/Tz
T0RftvTkPfV1PCF3bZQpcYPNiSiEbRT48dg3dpvzOaDZvLb1EXYklm/IxuusGjbA
hHSWUkVmIjBXwMen8j9TDtDLIHnxYiB/iNWPoRBiNvZaWHlCaIIKzHfuAHA4SrNm
kveiZ5WuEnOvHn4bxob1QXnavC2VwwMFkMZ3wXkLeeYuYKZHL4TDwEHR3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFILSuW+J+k9PXFkajISzJx3qOKD2MB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvZ3RLNWI0bjZUMDljV1JxTWhMTW5IZW80b1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRfFAwQB
wRfaMA0GCSqGSIb3DQEBCwUAA4IBAQBEnzmRATbMrorNd9reA4OUieNGtkBXEwbP
gNXWaGqSI4UqvO0Tinr4QXjo1TGOgM1inq/8FNUIKJbZOKarSWUoOeccS62m9l7c
fwjD4RKfxYGBP18JWGFtw/RTjq8XIAhhnCQ2jRnw2ntv1noAXKEHUMRDX39CW6TH
ZBv+wlYYOXtztRTg7LxO0KQMRRfmSeVuHQkNYD7tfu7BMp5tVX0NVrKr7/1L/tvf
OyK+iRrEGDI5BGMm8/P3PlLriOCAX3msixUAFCm1HcFCz94Jra4WJ7VebgDHDdYR
TJJqHps243n14650DpXV3XK+LcV8Obc1xUpcaOGmCNuLw60Jcun1
-----END CERTIFICATE-----
Generated at Mon May 5 02:57:59 2025 by rpki-client