Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iiPAmvJNRy8GpNxpi3WV6uP9m5g.roa
File: iiPAmvJNRy8GpNxpi3WV6uP9m5g.roa (raw, json)
Hash identifier: L7AT/UU2SNIZvqvv/j8E4dnq/TD9U2Y6iBhUCbPx8is=
Subject key identifier: 8A:23:C0:9A:F2:4D:47:2F:06:A4:DC:69:8B:75:95:EA:E3:FD:9B:98
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019651AC0606C900D684C0157D6760044C8F
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iiPAmvJNRy8GpNxpi3WV6uP9m5g.roa
Signing time: Sun 20 Apr 2025 05:29:10 +0000
ROA not before: Sun 20 Apr 2025 05:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401152
IP address blocks: 64.188.124.0/24 maxlen: 24
64.188.125.0/24 maxlen: 24
64.188.126.0/24 maxlen: 24
64.188.127.0/24 maxlen: 24
185.216.104.0/22 maxlen: 24
193.23.196.0/23 maxlen: 24
193.23.216.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 02:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:ac:06:06:c9:00:d6:84:c0:15:7d:67:60:04:4c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Apr 20 05:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a23c09af24d472f06a4dc698b7595eae3fd9b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9c:d4:a9:2a:be:0d:d8:4c:ec:b7:13:d6:9e:
e1:ac:e5:05:bc:97:ed:fd:06:02:43:a2:7c:e5:33:
91:a2:ce:a7:ca:5c:46:fc:96:e9:ac:58:c6:2f:94:
6a:a1:b3:3a:e6:4e:99:1c:3f:3f:68:ff:7f:a1:f6:
43:7d:31:cf:b2:c4:7f:df:c7:7a:f8:07:d8:54:77:
88:c8:17:c3:8e:62:63:e9:28:9d:a2:c0:7c:65:d7:
2f:d7:1a:7a:80:4e:b8:1b:39:2a:79:2c:90:0a:c5:
4c:5a:8f:92:eb:59:7a:d7:d7:4e:94:73:52:60:9f:
45:b9:cc:a3:b4:f0:00:c4:64:38:0d:b9:89:0b:87:
2a:6b:72:6f:73:5f:b1:62:f5:c1:7c:fc:4f:b2:ee:
be:0b:21:51:79:a6:00:22:6d:5c:47:9b:ca:2b:ab:
76:4b:1a:f0:c0:25:c9:d4:2b:06:73:bf:4f:ac:6b:
4b:12:66:04:63:15:e0:94:2e:18:63:7c:35:50:3d:
b4:3c:95:6c:93:f6:68:5b:8f:4d:5f:2b:e8:1b:14:
5e:f7:5f:f9:30:1c:b3:32:6c:d6:2b:38:e6:4e:69:
3d:e6:5e:6c:bb:c2:00:9f:40:07:da:98:57:04:a1:
ff:40:b9:64:48:33:57:3c:30:92:81:d3:30:d9:8d:
70:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:23:C0:9A:F2:4D:47:2F:06:A4:DC:69:8B:75:95:EA:E3:FD:9B:98
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/iiPAmvJNRy8GpNxpi3WV6uP9m5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.188.124.0/22
185.216.104.0/22
193.23.196.0/23
193.23.216.0/24
Signature Algorithm: sha256WithRSAEncryption
45:ac:86:33:23:c9:53:4f:43:0f:15:74:94:88:d4:82:f9:01:
c6:ff:db:62:cc:b5:8e:b2:10:c1:d7:bc:81:11:00:9a:7e:1a:
e9:6d:83:55:28:8b:b8:ed:b6:45:98:c3:79:75:bc:27:55:40:
12:69:fe:bd:da:fe:ec:5c:ac:10:ed:17:47:54:15:f3:79:e8:
49:cf:e3:82:14:fd:07:62:12:20:21:1a:d0:48:4e:67:66:8e:
e5:14:91:d2:3f:fd:12:9b:c4:6a:30:75:a1:b4:0f:be:20:ba:
39:8a:dc:cd:72:0e:ec:78:f3:e0:94:f0:24:c0:7d:ab:e7:8f:
cd:58:b3:b7:a5:7b:68:f9:ad:ae:1c:8e:94:7f:c2:14:9f:8b:
32:f7:ba:d2:9e:4b:0c:3a:5e:d8:a8:91:42:69:41:8e:be:36:
6a:f3:e1:61:db:67:7b:73:0f:09:f4:88:8f:93:3d:1d:db:ea:
08:d8:4c:d2:2e:d6:b6:57:2d:87:71:5f:77:c8:26:ea:e5:da:
13:ef:d7:e7:32:48:ec:0b:f9:db:6d:f2:b6:b9:55:18:c2:cd:
18:92:72:46:59:ff:c9:60:ed:2f:f0:e5:0b:be:f4:9e:92:8b:
9a:a3:04:24:8f:e9:d7:a3:91:a4:2a:0f:bf:57:05:14:fa:e9:
ef:67:68:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZRrAYGyQDWhMAVfWdgBEyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwNDIwMDUyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTIzYzA5YWYyNGQ0NzJmMDZhNGRjNjk4Yjc1OTVlYWUzZmQ5Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZzUqSq+DdhM7LcT1p7hrOUFvJft
/QYCQ6J85TORos6nylxG/JbprFjGL5RqobM65k6ZHD8/aP9/ofZDfTHPssR/38d6
+AfYVHeIyBfDjmJj6SidosB8Zdcv1xp6gE64GzkqeSyQCsVMWo+S61l619dOlHNS
YJ9FucyjtPAAxGQ4DbmJC4cqa3Jvc1+xYvXBfPxPsu6+CyFReaYAIm1cR5vKK6t2
SxrwwCXJ1CsGc79PrGtLEmYEYxXglC4YY3w1UD20PJVsk/ZoW49NXyvoGxRe91/5
MByzMmzWKzjmTmk95l5su8IAn0AH2phXBKH/QLlkSDNXPDCSgdMw2Y1wVwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIojwJryTUcvBqTcaYt1lerj/ZuYMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvaWlQQW12Sk5SeThHcE54cGkzV1Y2dVA5bTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCQLx8AwQC
udhoAwQBwRfEAwQAwRfYMA0GCSqGSIb3DQEBCwUAA4IBAQBFrIYzI8lTT0MPFXSU
iNSC+QHG/9tizLWOshDB17yBEQCafhrpbYNVKIu47bZFmMN5dbwnVUASaf692v7s
XKwQ7RdHVBXzeehJz+OCFP0HYhIgIRrQSE5nZo7lFJHSP/0Sm8RqMHWhtA++ILo5
itzNcg7sePPglPAkwH2r54/NWLO3pXto+a2uHI6Uf8IUn4sy97rSnksMOl7YqJFC
aUGOvjZq8+Fh22d7cw8J9IiPkz0d2+oI2EzSLta2Vy2HcV93yCbq5doT79fnMkjs
C/nbbfK2uVUYws0YknJGWf/JYO0v8OULvvSekouaowQkj+nXo5GkKg+/VwUU+unv
Z2hK
-----END CERTIFICATE-----
Generated at Tue May 6 08:55:34 2025 by rpki-client