Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/O7VqiNbj7hNYkYz1XzVc2b_uY9A.roa
File: O7VqiNbj7hNYkYz1XzVc2b_uY9A.roa (raw, json)
Hash identifier: eP6+XpxaIwf4WzDqYLJbn+qmF2ckkdQGYrdNy1Nfff8=
Subject key identifier: 3B:B5:6A:88:D6:E3:EE:13:58:91:8C:F5:5F:35:5C:D9:BF:EE:63:D0
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019759E908AFB3A0E4B279FC19E3D54C67A1
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/O7VqiNbj7hNYkYz1XzVc2b_uY9A.roa
Signing time: Tue 10 Jun 2025 12:55:33 +0000
ROA not before: Tue 10 Jun 2025 12:55:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 92.62.240.0/24 maxlen: 24
185.95.157.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 05:20:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:59:e9:08:af:b3:a0:e4:b2:79:fc:19:e3:d5:4c:67:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jun 10 12:55:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bb56a88d6e3ee1358918cf55f355cd9bfee63d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c3:e3:11:47:2d:65:75:fa:1f:31:9a:08:67:
bb:16:2d:32:28:99:1d:e9:1c:21:58:81:c8:26:2e:
29:9a:1f:47:a4:3f:fd:af:39:8c:a2:f4:b8:cb:b7:
e4:33:ba:8a:75:e9:6b:ae:04:42:a3:b7:69:25:ec:
01:6f:2a:b3:f7:35:e5:93:71:fd:ad:48:0c:d7:90:
ab:de:a9:52:d8:96:85:fc:d9:f8:e0:eb:a9:21:df:
01:55:77:41:e5:b9:cc:85:24:2d:b3:0b:0d:dd:79:
53:2b:17:d7:6b:f3:a6:07:41:0e:9e:9b:48:34:2a:
6e:d8:49:dd:8a:0a:27:9b:00:10:cd:37:71:c7:80:
3f:75:fc:68:e3:51:73:fc:86:a8:07:8b:f4:8c:72:
b0:e0:15:d5:f2:55:5a:d9:5f:97:2b:4b:af:75:98:
c8:ce:8e:cf:92:ac:7e:56:ee:83:61:04:41:bc:b7:
d0:1e:3f:91:f8:31:86:bc:72:f2:e7:9e:fb:7b:47:
e2:4c:41:82:df:05:2b:40:a5:56:38:05:08:25:cf:
20:67:41:23:bc:1f:05:86:b3:04:86:f9:50:78:76:
f3:f7:a6:aa:07:8b:b1:7f:cb:de:c3:37:ec:b4:7a:
13:b9:26:32:d5:20:5f:13:98:03:a2:f1:67:99:cd:
89:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:B5:6A:88:D6:E3:EE:13:58:91:8C:F5:5F:35:5C:D9:BF:EE:63:D0
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/O7VqiNbj7hNYkYz1XzVc2b_uY9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.240.0/24
185.95.157.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
ca:73:88:19:98:90:13:81:dd:f0:c1:4a:6e:58:49:1b:10:01:
88:cc:85:fd:0f:27:7a:ae:ad:4b:22:de:47:06:59:f5:5e:a8:
38:4b:22:a4:12:ad:9b:05:e6:27:6c:dc:2f:47:dc:9c:2d:6e:
3d:35:f1:cf:b7:35:fd:7b:90:b4:f5:52:65:a9:a8:9f:e0:9b:
8b:69:fe:23:e5:bb:fa:f9:6d:ec:99:02:d3:89:92:22:5e:32:
c4:ac:bc:e4:80:66:10:36:84:62:dd:e0:7c:62:0b:d4:ab:85:
15:d5:8d:5c:e8:ef:a2:8c:70:62:cf:1d:02:e2:22:a4:e4:55:
d4:af:9f:5e:9c:41:57:2e:1e:e2:4c:99:6e:4a:06:b8:e0:96:
8b:00:df:50:c3:35:47:45:84:85:a1:5e:8d:09:8c:32:cc:1e:
1b:4f:16:8a:00:2e:9a:58:b0:ba:93:e8:08:bc:3e:e2:8a:ee:
87:49:43:0a:65:de:5e:c2:81:28:72:a9:6a:bd:b8:6a:52:72:
53:3d:c2:f1:d4:d8:c4:2c:ff:c9:ff:70:46:33:c1:c4:39:0b:
f2:d0:b5:e2:82:a6:dc:3f:b3:c7:3a:08:14:16:fe:f5:6b:d6:
44:5a:96:51:83:28:cc:fd:f7:3e:c6:11:e1:0f:06:0d:91:a9:
43:c0:50:88
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZdZ6Qivs6Dksnn8GePVTGehMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNjEwMTI1NTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmI1NmE4OGQ2ZTNlZTEzNTg5MThjZjU1ZjM1NWNkOWJmZWU2M2QwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MPjEUctZXX6HzGaCGe7Fi0yKJkd
6RwhWIHIJi4pmh9HpD/9rzmMovS4y7fkM7qKdelrrgRCo7dpJewBbyqz9zXlk3H9
rUgM15Cr3qlS2JaF/Nn44OupId8BVXdB5bnMhSQtswsN3XlTKxfXa/OmB0EOnptI
NCpu2EndigonmwAQzTdxx4A/dfxo41Fz/IaoB4v0jHKw4BXV8lVa2V+XK0uvdZjI
zo7Pkqx+Vu6DYQRBvLfQHj+R+DGGvHLy5577e0fiTEGC3wUrQKVWOAUIJc8gZ0Ej
vB8FhrMEhvlQeHbz96aqB4uxf8vewzfstHoTuSYy1SBfE5gDovFnmc2JdwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDu1aojW4+4TWJGM9V81XNm/7mPQMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvTzdWcWlOYmo3aE5Za1l6MVh6VmMyYl91WTlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXD7wMAwD
BAC5X50DBAC5X54wDQYJKoZIhvcNAQELBQADggEBAMpziBmYkBOB3fDBSm5YSRsQ
AYjMhf0PJ3qurUsi3kcGWfVeqDhLIqQSrZsF5ids3C9H3Jwtbj018c+3Nf17kLT1
UmWpqJ/gm4tp/iPlu/r5beyZAtOJkiJeMsSsvOSAZhA2hGLd4HxiC9SrhRXVjVzo
76KMcGLPHQLiIqTkVdSvn16cQVcuHuJMmW5KBrjglosA31DDNUdFhIWhXo0JjDLM
HhtPFooALppYsLqT6Ai8PuKK7odJQwpl3l7CgShyqWq9uGpSclM9wvHU2MQs/8n/
cEYzwcQ5C/LQteKCptw/s8c6CBQW/vVr1kRallGDKMz99z7GEeEPBg2RqUPAUIg=
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:49:39 2025 by rpki-client