Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/OqBfUR4Y6DWuZibtI6HLCGjSZs8.roa
File: OqBfUR4Y6DWuZibtI6HLCGjSZs8.roa (raw, json)
Hash identifier: Dbhd9w9ZsZZQ/dcux+AwK4zwc4mn9pbDn7WViv0aQ1I=
Subject key identifier: 3A:A0:5F:51:1E:18:E8:35:AE:66:26:ED:23:A1:CB:08:68:D2:66:CF
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01975D6E95DA41A7CC1084E10F8FA76959E7
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/OqBfUR4Y6DWuZibtI6HLCGjSZs8.roa
Signing time: Wed 11 Jun 2025 05:20:17 +0000
ROA not before: Wed 11 Jun 2025 05:20:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.95.157.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 19:24:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5d:6e:95:da:41:a7:cc:10:84:e1:0f:8f:a7:69:59:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jun 11 05:20:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3aa05f511e18e835ae6626ed23a1cb0868d266cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:df:a4:fc:d5:64:c1:7b:37:bf:49:bd:0e:17:
f2:60:83:3e:dc:e9:96:78:bf:b2:49:5f:87:5f:8b:
da:1d:38:13:4c:ce:b6:93:1b:e7:1a:6b:a5:88:93:
95:94:47:6e:ea:7f:1d:e3:40:da:cb:61:56:60:7f:
42:c1:09:4f:e3:8e:50:3b:37:d7:0d:e2:af:3a:b1:
4d:d8:97:74:dd:6d:e3:6d:73:30:63:29:e5:26:aa:
a8:76:55:ce:1e:3c:34:ec:23:69:03:3b:15:6e:14:
05:a4:9a:e1:23:19:28:47:56:47:2e:f4:92:6b:f7:
5a:87:e3:f2:eb:d2:b3:c4:d1:dd:1f:6f:e4:0f:01:
6e:64:bf:4b:b1:93:36:1e:0b:00:7a:2d:2a:a4:09:
45:97:f3:4b:88:8e:88:b9:1d:e2:a4:1b:f3:04:e0:
50:97:ea:71:19:ed:a0:a8:75:89:42:4e:80:00:d7:
df:29:c6:31:97:92:88:12:0e:34:03:9b:76:aa:f5:
5c:6c:4e:df:2f:53:17:0e:fc:05:69:38:19:16:b2:
5a:24:0f:3f:b5:08:35:78:23:c7:0e:04:24:50:80:
56:b5:29:e9:48:b8:d4:8e:15:77:6d:4c:de:d2:90:
cc:f9:d5:cb:d4:c5:1b:d6:60:ab:3c:95:6d:a2:75:
53:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:A0:5F:51:1E:18:E8:35:AE:66:26:ED:23:A1:CB:08:68:D2:66:CF
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/OqBfUR4Y6DWuZibtI6HLCGjSZs8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.157.0-185.95.158.255
Signature Algorithm: sha256WithRSAEncryption
68:1e:af:97:f9:84:fa:79:54:97:43:29:da:9a:0a:e3:5a:1d:
b4:bb:9d:c6:33:b1:47:5d:f4:c9:88:44:93:a9:7d:5c:b2:41:
64:c7:e2:e9:56:37:01:cd:2c:9d:5d:4b:f5:aa:21:64:1b:ea:
89:ae:a9:6d:78:38:3c:f0:7b:89:d1:79:cc:66:52:e5:9b:d8:
22:ff:21:3e:25:16:9d:2c:9d:04:c2:a9:07:b0:7f:fd:c9:52:
64:8b:ba:40:2f:ef:13:28:01:4e:48:16:87:24:69:17:71:c1:
47:f0:21:0d:5a:80:5b:32:bf:24:99:38:fb:01:20:b5:ef:68:
00:ff:59:f0:64:35:73:04:ea:ac:02:86:22:ec:2e:dd:fe:af:
09:3a:8d:20:bd:9a:fa:e2:36:4b:aa:ef:59:2e:cc:00:2f:a6:
b9:63:80:c3:5d:28:8f:48:cd:6a:9d:68:11:aa:7c:7b:19:82:
11:4b:a7:98:51:13:90:1d:d2:4c:fa:c0:29:a1:84:40:23:59:
7b:78:0e:61:87:65:ab:30:b8:9f:61:4c:e2:4d:cc:39:c3:b7:
19:9a:6e:c2:40:ab:81:91:f5:ad:bb:23:99:4d:25:65:ab:8e:
cb:cf:fc:85:2e:7a:e4:66:97:1b:83:07:9f:f7:62:91:a6:c8:
21:b2:06:ce
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZddbpXaQafMEIThD4+naVnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNjExMDUyMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWEwNWY1MTFlMThlODM1YWU2NjI2ZWQyM2ExY2IwODY4ZDI2NmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxd+k/NVkwXs3v0m9DhfyYIM+3OmW
eL+ySV+HX4vaHTgTTM62kxvnGmuliJOVlEdu6n8d40Day2FWYH9CwQlP445QOzfX
DeKvOrFN2Jd03W3jbXMwYynlJqqodlXOHjw07CNpAzsVbhQFpJrhIxkoR1ZHLvSS
a/dah+Py69KzxNHdH2/kDwFuZL9LsZM2HgsAei0qpAlFl/NLiI6IuR3ipBvzBOBQ
l+pxGe2gqHWJQk6AANffKcYxl5KIEg40A5t2qvVcbE7fL1MXDvwFaTgZFrJaJA8/
tQg1eCPHDgQkUIBWtSnpSLjUjhV3bUze0pDM+dXL1MUb1mCrPJVtonVTlQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDqgX1EeGOg1rmYm7SOhywho0mbPMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvT3FCZlVSNFk2RFd1WmlidEk2SExDR2pTWnM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5X50D
BAC5X54wDQYJKoZIhvcNAQELBQADggEBAGger5f5hPp5VJdDKdqaCuNaHbS7ncYz
sUdd9MmIRJOpfVyyQWTH4ulWNwHNLJ1dS/WqIWQb6omuqW14ODzwe4nRecxmUuWb
2CL/IT4lFp0snQTCqQewf/3JUmSLukAv7xMoAU5IFockaRdxwUfwIQ1agFsyvySZ
OPsBILXvaAD/WfBkNXME6qwChiLsLt3+rwk6jSC9mvriNkuq71kuzAAvprljgMNd
KI9IzWqdaBGqfHsZghFLp5hRE5Ad0kz6wCmhhEAjWXt4DmGHZaswuJ9hTOJNzDnD
txmabsJAq4GR9a27I5lNJWWrjsvP/IUueuRmlxuDB5/3YpGmyCGyBs4=
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:31:05 2025 by rpki-client