Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/GDVMtivIlO0g23WfKvqOv3Y82uY.roa
File: GDVMtivIlO0g23WfKvqOv3Y82uY.roa (raw, json)
Hash identifier: UkplL1VdoahUr9sBe73Spp8/0Wyr3p4hzplYEuT0KkQ=
Subject key identifier: 18:35:4C:B6:2B:C8:94:ED:20:DB:75:9F:2A:FA:8E:BF:76:3C:DA:E6
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01975451D26878199948D3AC10B7164F800A
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/GDVMtivIlO0g23WfKvqOv3Y82uY.roa
Signing time: Mon 09 Jun 2025 10:52:17 +0000
ROA not before: Mon 09 Jun 2025 10:52:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.95.157.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 12:55:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:51:d2:68:78:19:99:48:d3:ac:10:b7:16:4f:80:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jun 9 10:52:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=18354cb62bc894ed20db759f2afa8ebf763cdae6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:6d:6a:27:bc:ed:b2:53:94:f5:9a:46:d3:51:
cd:7c:2e:65:1f:4f:49:b4:d2:b5:24:ed:6e:c6:ae:
9c:e8:f7:57:91:d6:fc:95:dd:99:e1:e2:02:6d:13:
77:9e:81:fc:63:6e:c1:7a:5d:71:ff:a7:e9:14:97:
b1:13:f6:f1:62:93:b7:f1:e1:1b:2d:7e:ff:db:8f:
c0:8b:c2:6f:5f:47:02:da:2f:c8:bb:a4:a2:f1:df:
86:e9:4d:16:f6:4a:b5:2e:73:a8:43:dc:28:09:dc:
d3:4f:93:10:1f:0f:aa:2c:32:45:b1:6e:7b:fb:da:
fb:3d:e5:5e:05:21:bb:63:c6:34:50:d8:3e:8a:6b:
16:ad:84:5f:61:bc:08:7c:f3:d8:76:e2:80:52:31:
49:be:be:1e:10:16:99:07:c4:27:21:4a:8c:54:cb:
19:0e:fc:43:de:1b:2c:ff:ba:f0:f1:6c:4e:cb:af:
ca:37:fd:c9:c0:44:49:bd:6b:b3:6c:af:4f:29:42:
a4:68:b4:88:2d:d7:78:1b:28:7f:39:e4:7d:84:f7:
76:9d:d6:9c:c6:23:3c:65:66:68:89:96:69:b4:47:
96:d1:52:fb:ac:7a:56:46:59:d5:7e:b3:ad:9d:59:
80:61:d3:2d:2a:e9:b5:7c:15:ec:0b:f3:0e:c3:7b:
9e:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:35:4C:B6:2B:C8:94:ED:20:DB:75:9F:2A:FA:8E:BF:76:3C:DA:E6
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/GDVMtivIlO0g23WfKvqOv3Y82uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.157.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
40:d6:4d:50:f4:5b:bd:34:0b:0b:9c:df:46:8e:b9:01:ce:db:
8c:1d:3d:75:1e:c6:13:ce:1b:4e:8f:05:10:04:fd:fb:39:af:
2e:49:0d:49:6c:30:09:c2:a0:97:db:2b:ec:a5:89:f7:53:ae:
d5:22:39:88:b2:9f:69:bf:3e:aa:01:a3:d4:3e:dc:f9:af:2c:
76:fb:a4:f8:bd:8a:4e:de:4d:ea:1d:dd:fd:cc:54:70:07:fa:
aa:81:1b:77:47:bc:f0:28:8e:33:bc:26:30:9a:6e:f3:91:80:
2d:20:33:2c:7b:ca:0d:e0:ff:ff:2b:38:10:a1:2f:1b:da:4c:
6d:ef:b4:5b:5f:03:a0:38:ed:70:68:ba:fb:da:be:15:34:77:
a9:86:15:6e:7c:df:a8:2c:07:b0:90:60:d8:cd:d0:f5:c2:82:
98:ad:6b:91:ea:8b:7f:71:d3:a8:f6:be:2e:55:e8:ab:26:34:
2a:2d:b0:2b:97:9c:d5:aa:31:6d:cc:34:78:ca:72:9b:99:23:
00:63:27:52:70:01:ce:01:c7:d8:80:e7:7f:d5:dd:d4:1a:61:
69:d2:c3:28:4b:fc:8e:fb:ed:55:d9:09:3a:85:e6:3b:07:7b:
d1:c6:55:64:08:63:66:4b:b3:c1:aa:a9:30:aa:7b:6d:db:6e:
64:a3:76:33
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZdUUdJoeBmZSNOsELcWT4AKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNjA5MTA1MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODM1NGNiNjJiYzg5NGVkMjBkYjc1OWYyYWZhOGViZjc2M2NkYWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx21qJ7ztslOU9ZpG01HNfC5lH09J
tNK1JO1uxq6c6PdXkdb8ld2Z4eICbRN3noH8Y27Bel1x/6fpFJexE/bxYpO38eEb
LX7/24/Ai8JvX0cC2i/Iu6Si8d+G6U0W9kq1LnOoQ9woCdzTT5MQHw+qLDJFsW57
+9r7PeVeBSG7Y8Y0UNg+imsWrYRfYbwIfPPYduKAUjFJvr4eEBaZB8QnIUqMVMsZ
DvxD3hss/7rw8WxOy6/KN/3JwERJvWuzbK9PKUKkaLSILdd4Gyh/OeR9hPd2ndac
xiM8ZWZoiZZptEeW0VL7rHpWRlnVfrOtnVmAYdMtKum1fBXsC/MOw3ueHQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBg1TLYryJTtINt1nyr6jr92PNrmMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvR0RWTXRpdklsTzBnMjNXZkt2cU92M1k4MnVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5X50D
BAC5X54wDQYJKoZIhvcNAQELBQADggEBAEDWTVD0W700Cwuc30aOuQHO24wdPXUe
xhPOG06PBRAE/fs5ry5JDUlsMAnCoJfbK+ylifdTrtUiOYiyn2m/PqoBo9Q+3Pmv
LHb7pPi9ik7eTeod3f3MVHAH+qqBG3dHvPAojjO8JjCabvORgC0gMyx7yg3g//8r
OBChLxvaTG3vtFtfA6A47XBouvvavhU0d6mGFW5836gsB7CQYNjN0PXCgpita5Hq
i39x06j2vi5V6KsmNCotsCuXnNWqMW3MNHjKcpuZIwBjJ1JwAc4Bx9iA53/V3dQa
YWnSwyhL/I777VXZCTqF5jsHe9HGVWQIY2ZLs8GqqTCqe23bbmSjdjM=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:48:08 2025 by rpki-client