Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/98uEzd3YVdO8tvxYtiTvIXqBPUU.roa
File: 98uEzd3YVdO8tvxYtiTvIXqBPUU.roa (raw, json)
Hash identifier: /vK9avwjBUJ4Sdkd/RSvqOM4awiRVshuLvdPg+Pi3mA=
Subject key identifier: F7:CB:84:CD:DD:D8:55:D3:BC:B6:FC:58:B6:24:EF:21:7A:81:3D:45
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 01980A173203364DAF1173D11562E7069D30
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/98uEzd3YVdO8tvxYtiTvIXqBPUU.roa
Signing time: Mon 14 Jul 2025 17:59:08 +0000
ROA not before: Mon 14 Jul 2025 17:59:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5431
IP address blocks: 193.233.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 16 Jul 2025 08:12:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:17:32:03:36:4d:af:11:73:d1:15:62:e7:06:9d:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 14 17:59:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f7cb84cdddd855d3bcb6fc58b624ef217a813d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3f:23:92:d1:e3:e5:01:a1:c1:b0:79:d5:10:
82:48:25:39:3d:08:da:bb:d2:93:ab:65:6d:36:37:
ab:eb:80:82:07:e5:39:0f:eb:3d:20:16:1f:9e:99:
e4:8d:e6:ad:73:da:68:c0:b8:02:02:54:b2:15:22:
7c:71:70:f9:af:ed:23:82:ba:ac:e2:11:c5:cc:52:
d9:b1:eb:84:6b:51:99:67:76:11:51:e1:c2:a0:4c:
34:de:50:b3:43:b2:ab:30:01:47:13:11:78:4c:eb:
fe:4d:d5:34:30:51:8d:f0:bf:20:b4:c1:49:a6:72:
ff:5d:f2:25:5c:bf:e8:ce:bb:2e:b5:6f:fa:1f:3c:
a7:0f:82:26:e6:51:d1:da:58:81:34:d6:67:12:47:
c8:62:f9:36:14:ca:24:ae:ea:13:a3:8f:45:3e:0f:
65:18:26:c7:8f:12:35:8c:8f:26:66:7c:d7:8b:87:
80:f4:79:47:39:ae:61:47:66:2e:00:cc:51:f6:46:
a7:19:df:58:e1:26:7a:91:fa:28:d6:fc:5c:fa:ad:
61:55:f1:52:57:8f:d1:9c:30:6f:68:6d:dc:34:84:
0c:02:4a:54:f7:27:6d:80:71:6c:3d:80:70:83:0f:
1e:c2:10:97:96:bc:17:37:f6:a2:08:b0:2b:79:41:
4b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:CB:84:CD:DD:D8:55:D3:BC:B6:FC:58:B6:24:EF:21:7A:81:3D:45
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/98uEzd3YVdO8tvxYtiTvIXqBPUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.173.0/24
Signature Algorithm: sha256WithRSAEncryption
54:8c:66:ca:ba:25:2c:32:e2:16:49:49:48:d5:ec:f7:55:4c:
21:e6:e6:7c:9e:f8:e4:a1:0b:8b:95:2a:44:ad:a5:2d:19:11:
a2:4a:de:28:5c:1d:86:7e:28:4c:b1:74:e2:39:f0:b8:57:83:
78:d9:e6:ae:1d:fe:1f:ab:31:35:2b:07:6d:ca:2a:ed:61:a4:
82:9d:e0:0b:cf:61:f8:e8:ba:9d:7d:dd:4f:37:36:3d:bc:f1:
4f:88:84:20:b3:d4:fa:bd:8d:7e:4f:4c:07:f0:2e:46:c2:81:
85:94:cc:0d:4a:16:03:6d:d0:d6:5f:ed:2b:41:dd:d8:5e:21:
fd:70:ea:2d:96:cf:2c:51:44:aa:99:5c:73:53:a0:1a:4a:03:
82:fb:0a:89:e2:fd:68:5f:05:86:de:3a:c0:c2:17:83:cd:ae:
2a:0b:9e:2b:39:b4:9f:71:27:c2:3c:37:74:f1:d5:a1:95:94:
b7:73:85:92:85:5c:24:9f:83:9d:9b:d4:6c:63:1e:9e:0e:bf:
84:9c:b5:ea:2e:43:d9:48:05:1a:6c:b0:16:09:1e:b8:e5:b0:
d1:35:49:bd:52:3d:2c:24:39:76:68:5e:db:f3:2c:57:65:e4:
50:d5:ae:60:f3:b4:a3:4c:5e:4d:18:cd:c9:fe:e8:dc:a4:74:
8a:42:ae:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgKFzIDNk2vEXPRFWLnBp0wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNzE0MTc1OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2NiODRjZGRkZDg1NWQzYmNiNmZjNThiNjI0ZWYyMTdhODEzZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqj8jktHj5QGhwbB51RCCSCU5PQja
u9KTq2VtNjer64CCB+U5D+s9IBYfnpnkjeatc9powLgCAlSyFSJ8cXD5r+0jgrqs
4hHFzFLZseuEa1GZZ3YRUeHCoEw03lCzQ7KrMAFHExF4TOv+TdU0MFGN8L8gtMFJ
pnL/XfIlXL/ozrsutW/6HzynD4Im5lHR2liBNNZnEkfIYvk2FMokruoTo49FPg9l
GCbHjxI1jI8mZnzXi4eA9HlHOa5hR2YuAMxR9kanGd9Y4SZ6kfoo1vxc+q1hVfFS
V4/RnDBvaG3cNIQMAkpU9ydtgHFsPYBwgw8ewhCXlrwXN/aiCLAreUFLAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPfLhM3d2FXTvLb8WLYk7yF6gT1FMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvOTh1RXpkM1lWZE84dHZ4WXRpVHZJWHFCUFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwemtMA0G
CSqGSIb3DQEBCwUAA4IBAQBUjGbKuiUsMuIWSUlI1ez3VUwh5uZ8nvjkoQuLlSpE
raUtGRGiSt4oXB2GfihMsXTiOfC4V4N42eauHf4fqzE1KwdtyirtYaSCneALz2H4
6Lqdfd1PNzY9vPFPiIQgs9T6vY1+T0wH8C5GwoGFlMwNShYDbdDWX+0rQd3YXiH9
cOotls8sUUSqmVxzU6AaSgOC+wqJ4v1oXwWG3jrAwheDza4qC54rObSfcSfCPDd0
8dWhlZS3c4WShVwkn4Odm9RsYx6eDr+EnLXqLkPZSAUabLAWCR645bDRNUm9Uj0s
JDl2aF7b8yxXZeRQ1a5g87SjTF5NGM3J/ujcpHSKQq5U
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:43:14 2025 by rpki-client