Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tAhNxathuRLJ_nFnls8LZMe-ti0.roa
File: tAhNxathuRLJ_nFnls8LZMe-ti0.roa (raw, json)
Hash identifier: pSlVF3ZH9CTbj41xA5+0Ylzmza5xa+pQQGif49oAZI4=
Subject key identifier: B4:08:4D:C5:AB:61:B9:12:C9:FE:71:67:96:CF:0B:64:C7:BE:B6:2D
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 01974E2B1E35378A554B2BD5F232F3931F1E
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tAhNxathuRLJ_nFnls8LZMe-ti0.roa
Signing time: Sun 08 Jun 2025 06:12:17 +0000
ROA not before: Sun 08 Jun 2025 06:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.95.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 10:52:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4e:2b:1e:35:37:8a:55:4b:2b:d5:f2:32:f3:93:1f:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Jun 8 06:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4084dc5ab61b912c9fe716796cf0b64c7beb62d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a2:b6:19:c9:8b:ad:2c:ee:f3:6f:ed:e0:bc:
96:6c:91:3a:5b:85:d3:d1:8d:92:61:68:5c:e5:e7:
64:91:ec:84:ca:e0:a0:bc:c7:cb:99:6d:9f:cc:9c:
48:3f:2d:96:62:64:a8:2d:26:b7:9f:b6:bb:ba:da:
7a:6a:ad:8a:77:b7:cd:e5:25:45:73:f4:35:af:27:
28:fe:50:ac:b1:f9:23:09:00:8f:cd:ec:6a:f0:8d:
28:6b:58:2f:cb:ff:62:b0:1c:35:96:a2:c6:ee:b3:
9b:50:29:2d:f0:18:58:12:82:dd:ce:d1:7d:8b:91:
9a:81:42:ca:60:2c:31:96:d8:ee:0a:52:21:dc:12:
1c:13:0a:62:c4:14:c6:f4:4c:f4:97:ad:2c:c4:e7:
71:b6:ac:79:08:dc:fb:f3:cc:eb:fd:00:53:81:0f:
ff:55:e5:0f:df:e7:1b:7e:7d:be:09:98:b2:d7:ca:
39:b6:37:c4:6f:1c:78:16:0e:15:56:c3:8d:c5:43:
2d:aa:a8:6c:2e:db:02:23:6a:ee:25:4e:b2:f4:5d:
12:dc:40:2a:4b:cc:d4:8b:eb:c5:55:c4:7d:dc:b7:
01:f1:c5:0d:fe:b7:d5:db:67:32:c2:29:70:f7:db:
ab:47:f3:b5:3e:f8:58:e0:9a:b0:c5:27:04:2b:f6:
c2:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:08:4D:C5:AB:61:B9:12:C9:FE:71:67:96:CF:0B:64:C7:BE:B6:2D
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/tAhNxathuRLJ_nFnls8LZMe-ti0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.157.0/24
Signature Algorithm: sha256WithRSAEncryption
19:bb:8c:48:6d:04:ac:c2:b1:1c:28:b1:76:1a:84:0e:ef:bb:
4b:6b:03:f8:b4:b1:49:54:d6:ff:96:23:76:3d:c7:8f:4c:14:
86:a9:98:a2:46:32:38:e7:83:17:b0:6f:a9:b7:30:2e:b3:10:
77:88:5e:4f:60:f0:82:52:b9:3d:58:17:be:1e:61:7a:b9:cf:
89:ae:71:bc:c4:07:02:5f:e1:e7:e1:b9:c4:b4:c0:86:51:ea:
dd:57:57:d4:84:ef:80:40:ff:9c:5d:b1:88:ad:d1:6b:44:20:
09:bd:23:37:f0:2f:30:8b:e3:6e:1a:c1:f8:3d:cf:5c:4c:d8:
17:85:46:cb:74:e7:67:74:6b:5c:66:75:04:2e:d1:52:b2:dd:
28:ea:1e:ad:55:06:1f:3b:fe:2b:4b:6c:e4:7b:57:5a:68:b5:
72:32:20:5f:d3:de:48:d4:4f:3d:da:07:dc:d8:9f:9e:a8:c7:
81:f1:23:0d:3d:08:f5:8e:90:17:59:a2:ed:b9:d7:76:e4:fd:
92:1e:a3:4b:c9:76:22:84:95:a2:06:9e:9f:21:89:52:82:ab:
a5:34:bc:54:e3:10:6c:20:72:e3:98:19:d2:aa:5b:ca:09:a1:
92:6e:77:ea:bf:f3:87:01:6d:d1:d8:0c:07:83:23:12:89:56:
56:84:e4:ea
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdOKx41N4pVSyvV8jLzkx8eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwNjA4MDYxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDA4NGRjNWFiNjFiOTEyYzlmZTcxNjc5NmNmMGI2NGM3YmViNjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqK2GcmLrSzu82/t4LyWbJE6W4XT
0Y2SYWhc5edkkeyEyuCgvMfLmW2fzJxIPy2WYmSoLSa3n7a7utp6aq2Kd7fN5SVF
c/Q1ryco/lCssfkjCQCPzexq8I0oa1gvy/9isBw1lqLG7rObUCkt8BhYEoLdztF9
i5GagULKYCwxltjuClIh3BIcEwpixBTG9Ez0l60sxOdxtqx5CNz788zr/QBTgQ//
VeUP3+cbfn2+CZiy18o5tjfEbxx4Fg4VVsONxUMtqqhsLtsCI2ruJU6y9F0S3EAq
S8zUi+vFVcR93LcB8cUN/rfV22cywilw99urR/O1PvhY4JqwxScEK/bCMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLQITcWrYbkSyf5xZ5bPC2THvrYtMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvdEFoTnhhdGh1UkxKX25GbmxzOExaTWUtdGkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuV+dMA0G
CSqGSIb3DQEBCwUAA4IBAQAZu4xIbQSswrEcKLF2GoQO77tLawP4tLFJVNb/liN2
PcePTBSGqZiiRjI454MXsG+ptzAusxB3iF5PYPCCUrk9WBe+HmF6uc+JrnG8xAcC
X+Hn4bnEtMCGUerdV1fUhO+AQP+cXbGIrdFrRCAJvSM38C8wi+NuGsH4Pc9cTNgX
hUbLdOdndGtcZnUELtFSst0o6h6tVQYfO/4rS2zke1daaLVyMiBf095I1E892gfc
2J+eqMeB8SMNPQj1jpAXWaLtudd25P2SHqNLyXYihJWiBp6fIYlSgqulNLxU4xBs
IHLjmBnSqlvKCaGSbnfqv/OHAW3R2AwHgyMSiVZWhOTq
-----END CERTIFICATE-----
Generated at Fri Jul 25 00:55:34 2025 by rpki-client