Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/h6kspy5D_YuUbnqxzfOvwA3RQdc.roa
File: h6kspy5D_YuUbnqxzfOvwA3RQdc.roa (raw, json)
Hash identifier: VXgw0Ha0oR214uTn0STztHjDQnpXsuL3dy3gMMM/YeM=
Subject key identifier: 87:A9:2C:A7:2E:43:FD:8B:94:6E:7A:B1:CD:F3:AF:C0:0D:D1:41:D7
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019687616B42767EB11C21C296304A0CCD52
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/h6kspy5D_YuUbnqxzfOvwA3RQdc.roa
Signing time: Wed 30 Apr 2025 15:47:10 +0000
ROA not before: Wed 30 Apr 2025 15:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/24 maxlen: 24
193.23.210.0/24 maxlen: 24
193.23.211.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 16:05:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:87:61:6b:42:76:7e:b1:1c:21:c2:96:30:4a:0c:cd:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 30 15:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87a92ca72e43fd8b946e7ab1cdf3afc00dd141d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:22:78:67:b0:83:5f:41:01:05:d9:07:9a:db:
92:2a:e1:f0:0a:57:7a:47:5a:84:fe:fc:c1:0d:74:
a7:8c:e9:7f:d7:36:a3:4f:23:22:24:df:8c:76:d4:
d9:8f:b8:0a:1c:4d:57:e1:ed:3e:5c:e9:ab:a1:d3:
64:a9:e9:d6:fe:4a:d2:1e:85:95:57:24:8c:d4:0f:
28:af:0f:3a:60:51:89:ce:03:af:58:fc:91:cb:ee:
20:de:c3:6c:13:35:3c:bd:29:79:48:60:20:0f:6b:
bf:05:67:df:a3:6b:ba:05:62:a3:2b:d3:9d:5c:f0:
0c:f2:a4:4b:be:20:01:7e:39:e8:bf:85:de:76:43:
e7:be:45:6b:5e:c9:04:b3:91:58:ad:2e:db:06:38:
51:25:4b:f3:37:65:20:51:23:ad:a1:13:e9:b5:d7:
00:d7:88:6a:45:f6:b9:eb:71:f6:f9:81:7f:57:62:
7c:10:28:32:25:d1:5a:57:cb:26:52:f5:06:69:eb:
d9:a0:0e:b8:cf:f5:ff:6d:e1:29:79:4c:f4:0a:12:
5d:c9:25:37:c6:7f:d9:7b:48:ac:94:fc:f0:af:59:
fc:97:86:2d:3c:c1:a1:79:ee:54:68:4f:13:08:b8:
92:2e:e9:e2:d4:82:d2:af:e3:ee:f1:cb:dc:58:5d:
82:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:A9:2C:A7:2E:43:FD:8B:94:6E:7A:B1:CD:F3:AF:C0:0D:D1:41:D7
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/h6kspy5D_YuUbnqxzfOvwA3RQdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.196.0/24
193.23.210.0/23
Signature Algorithm: sha256WithRSAEncryption
49:8a:11:0c:ed:a0:dc:73:e4:61:05:ff:39:b7:48:8b:11:5a:
57:76:11:f6:1d:ed:03:54:11:3a:a9:76:cf:6c:1c:51:01:fb:
9d:43:3f:50:ef:3e:1f:d9:ad:e2:73:32:97:60:2b:3e:bd:e9:
bd:4a:e4:9b:70:83:22:65:82:4b:b7:7f:1e:db:88:13:08:68:
d3:22:8a:11:83:eb:06:e2:1a:35:7b:e6:ab:f2:83:60:82:f6:
27:70:dc:fd:b7:22:f6:38:5e:a9:69:13:f3:b4:a9:3b:25:a8:
e2:45:74:8c:37:2a:a0:ef:df:65:85:ea:22:0c:5c:7b:cf:ae:
44:8b:95:1b:99:05:48:06:2c:bc:74:03:86:2e:ba:b2:df:a8:
aa:29:60:a6:f7:9f:d8:7d:72:ce:4b:44:77:84:b3:ae:06:ce:
75:9d:66:21:25:71:7a:bb:99:15:63:bb:da:5a:75:4e:3c:09:
af:62:ff:14:31:d7:d4:9e:ea:ec:7c:66:de:93:5b:f7:14:d9:
25:e2:dc:8b:bd:f8:b2:a2:02:8a:f3:c3:9f:b5:23:ca:81:24:
8d:26:b9:ac:cc:ec:69:9e:8c:eb:de:31:5e:15:c2:b1:e0:9d:
bc:27:ca:c9:34:ef:1e:1f:a2:4a:22:a1:f0:81:96:8f:3f:e8:
bf:48:f8:15
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZaHYWtCdn6xHCHCljBKDM1SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDMwMTU0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2E5MmNhNzJlNDNmZDhiOTQ2ZTdhYjFjZGYzYWZjMDBkZDE0MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSJ4Z7CDX0EBBdkHmtuSKuHwCld6
R1qE/vzBDXSnjOl/1zajTyMiJN+MdtTZj7gKHE1X4e0+XOmrodNkqenW/krSHoWV
VySM1A8orw86YFGJzgOvWPyRy+4g3sNsEzU8vSl5SGAgD2u/BWffo2u6BWKjK9Od
XPAM8qRLviABfjnov4XedkPnvkVrXskEs5FYrS7bBjhRJUvzN2UgUSOtoRPptdcA
14hqRfa563H2+YF/V2J8ECgyJdFaV8smUvUGaevZoA64z/X/beEpeUz0ChJdySU3
xn/Ze0islPzwr1n8l4YtPMGhee5UaE8TCLiSLuni1ILSr+Pu8cvcWF2CZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIepLKcuQ/2LlG56sc3zr8AN0UHXMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaDZrc3B5NURfWXVVYm5xeHpmT3Z3QTNSUWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLx8AwQC
udhoAwQAwRfEAwQBwRfSMA0GCSqGSIb3DQEBCwUAA4IBAQBJihEM7aDcc+RhBf85
t0iLEVpXdhH2He0DVBE6qXbPbBxRAfudQz9Q7z4f2a3iczKXYCs+vem9SuSbcIMi
ZYJLt38e24gTCGjTIooRg+sG4ho1e+ar8oNggvYncNz9tyL2OF6paRPztKk7Jaji
RXSMNyqg799lheoiDFx7z65Ei5UbmQVIBiy8dAOGLrqy36iqKWCm95/YfXLOS0R3
hLOuBs51nWYhJXF6u5kVY7vaWnVOPAmvYv8UMdfUnursfGbek1v3FNkl4tyLvfiy
ogKK88OftSPKgSSNJrmszOxpnozr3jFeFcKx4J28J8rJNO8eH6JKIqHwgZaPP+i/
SPgV
-----END CERTIFICATE-----
Generated at Mon May 5 14:56:28 2025 by rpki-client