Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/aPq_205BuVUIJlfKgkAJC3kVS-s.roa
File: aPq_205BuVUIJlfKgkAJC3kVS-s.roa (raw, json)
Hash identifier: CsQEK6cX5yXVtjt2Jap0cqZ0gJlw4YCKuNXFARkdT3k=
Subject key identifier: 68:FA:BF:DB:4E:41:B9:55:08:26:57:CA:82:40:09:0B:79:15:4B:EB
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 0196C4DC4077A4769BA6FA1B22F7BB68DB45
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/aPq_205BuVUIJlfKgkAJC3kVS-s.roa
Signing time: Mon 12 May 2025 14:18:10 +0000
ROA not before: Mon 12 May 2025 14:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135391
IP address blocks: 92.62.253.0/24 maxlen: 24
185.95.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 10:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c4:dc:40:77:a4:76:9b:a6:fa:1b:22:f7:bb:68:db:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: May 12 14:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68fabfdb4e41b955082657ca8240090b79154beb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:0b:33:91:05:30:8e:60:e2:75:02:d5:18:1c:
a7:ff:a2:fc:c5:b5:d5:00:85:78:46:4f:5c:47:a5:
fc:9d:5c:c6:f9:68:77:9e:e6:9f:7c:61:ce:e4:7a:
a9:68:41:93:08:55:63:79:c5:99:8f:1f:94:f1:26:
9c:d1:4e:cc:0a:28:5e:89:0e:46:fe:7a:5b:1b:d5:
9c:89:5e:7b:ff:0c:bc:ef:e4:67:8a:cf:b8:ab:6f:
c5:ad:06:c5:d8:70:99:52:78:07:e1:1c:57:f6:a6:
9e:f2:dc:82:88:72:a0:bf:10:58:c3:33:8c:c1:d8:
49:ab:db:1e:a5:14:6c:18:01:62:66:40:50:23:ab:
43:eb:18:be:fd:51:7b:6f:ae:f8:55:ba:1b:30:bb:
73:cc:68:90:b6:93:91:20:74:2c:24:88:fe:ed:1f:
c5:6c:86:36:8b:90:5a:ac:7f:65:e4:20:d1:ac:2a:
66:cd:5a:30:52:7a:cc:fd:53:bb:79:6f:13:63:7e:
91:cc:61:70:25:fa:5f:15:dc:15:1c:01:c4:11:8c:
ca:a0:3c:5a:6b:c2:ad:5c:f0:35:2b:8f:e9:74:67:
f6:79:dd:28:0c:55:81:29:fb:67:c4:3f:c1:b4:d7:
c1:82:ec:d2:57:90:64:88:eb:56:3f:8a:68:23:10:
64:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:FA:BF:DB:4E:41:B9:55:08:26:57:CA:82:40:09:0B:79:15:4B:EB
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/aPq_205BuVUIJlfKgkAJC3kVS-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.62.253.0/24
185.95.158.0/24
Signature Algorithm: sha256WithRSAEncryption
79:25:7f:f7:d4:76:4f:4e:7c:87:43:49:b1:f4:ab:13:1c:e6:
be:e6:70:f2:8e:db:00:c9:13:48:61:4d:8a:7f:a2:0a:4f:87:
10:79:b4:21:01:0b:ef:ff:b0:44:4e:40:be:32:ae:e3:df:fb:
f3:26:08:2f:8e:ec:0e:e6:7c:26:b5:e6:bf:dd:aa:6e:83:60:
23:a2:76:e6:b3:74:01:c0:97:dc:1b:ae:cd:b0:69:4f:38:3a:
e5:a2:cc:57:e2:ee:e4:62:18:95:54:66:47:87:f2:9f:52:5d:
f7:7a:a9:18:22:7c:4c:52:8a:07:1b:4a:67:69:6a:74:5b:8c:
87:4d:67:0a:b0:5b:87:ff:f3:be:ba:8d:5c:59:8a:f4:8c:d9:
c4:f0:43:96:fb:73:d3:3a:d1:cf:0f:d2:7a:1a:cc:e2:36:de:
c2:45:81:b6:aa:b9:23:b5:2c:6b:74:f2:d2:ea:eb:fd:b0:d7:
6e:ec:2f:33:5f:59:4f:be:40:ab:fb:9a:a6:fe:fd:a6:aa:5c:
2d:75:2c:2f:f7:47:56:f9:f6:57:d0:32:f5:1d:d7:4c:32:f8:
cb:f9:bf:b0:e8:91:9c:ef:49:98:ec:c1:37:a1:4c:8f:24:3d:
6b:22:d8:8f:08:74:9e:4f:b1:be:8b:29:c9:c7:91:db:e1:cd:
c1:79:04:d7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbE3EB3pHabpvobIve7aNtFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNTEyMTQxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OGZhYmZkYjRlNDFiOTU1MDgyNjU3Y2E4MjQwMDkwYjc5MTU0YmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgszkQUwjmDidQLVGByn/6L8xbXV
AIV4Rk9cR6X8nVzG+Wh3nuaffGHO5HqpaEGTCFVjecWZjx+U8Sac0U7MCiheiQ5G
/npbG9WciV57/wy87+Rnis+4q2/FrQbF2HCZUngH4RxX9qae8tyCiHKgvxBYwzOM
wdhJq9sepRRsGAFiZkBQI6tD6xi+/VF7b674VbobMLtzzGiQtpORIHQsJIj+7R/F
bIY2i5BarH9l5CDRrCpmzVowUnrM/VO7eW8TY36RzGFwJfpfFdwVHAHEEYzKoDxa
a8KtXPA1K4/pdGf2ed0oDFWBKftnxD/BtNfBguzSV5BkiOtWP4poIxBk9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGj6v9tOQblVCCZXyoJACQt5FUvrMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvYVBxXzIwNUJ1VlVJSmxmS2drQUpDM2tWUy1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXD79AwQA
uV+eMA0GCSqGSIb3DQEBCwUAA4IBAQB5JX/31HZPTnyHQ0mx9KsTHOa+5nDyjtsA
yRNIYU2Kf6IKT4cQebQhAQvv/7BETkC+Mq7j3/vzJggvjuwO5nwmtea/3apug2Aj
onbms3QBwJfcG67NsGlPODrlosxX4u7kYhiVVGZHh/KfUl33eqkYInxMUooHG0pn
aWp0W4yHTWcKsFuH//O+uo1cWYr0jNnE8EOW+3PTOtHPD9J6GsziNt7CRYG2qrkj
tSxrdPLS6uv9sNdu7C8zX1lPvkCr+5qm/v2mqlwtdSwv90dW+fZX0DL1HddMMvjL
+b+w6JGc70mY7ME3oUyPJD1rItiPCHSeT7G+iynJx5Hb4c3BeQTX
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:54:06 2025 by rpki-client