Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/P0uzqFn6uAAwNTQcRJdUa6Oi-pU.roa
File: P0uzqFn6uAAwNTQcRJdUa6Oi-pU.roa (raw, json)
Hash identifier: jxBbwR4K6lXD6SMTjtBAt0PvG/UgjQALqVj4Reulf1w=
Subject key identifier: 3F:4B:B3:A8:59:FA:B8:00:30:35:34:1C:44:97:54:6B:A3:A2:FA:95
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 01977F646EB65B7284D32B8104705D435D8C
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/P0uzqFn6uAAwNTQcRJdUa6Oi-pU.roa
Signing time: Tue 17 Jun 2025 19:36:17 +0000
ROA not before: Tue 17 Jun 2025 19:36:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.15.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Jun 2025 20:20:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:7f:64:6e:b6:5b:72:84:d3:2b:81:04:70:5d:43:5d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Jun 17 19:36:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f4bb3a859fab8003035341c4497546ba3a2fa95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a5:22:45:2e:b5:42:cf:59:c0:71:dc:16:f8:
68:9d:12:5c:4e:88:62:1b:ea:c8:23:2b:17:16:23:
0e:a7:a0:28:36:2c:df:90:d9:e3:55:f2:95:08:ff:
20:1a:0b:0a:40:80:0f:46:4e:00:25:e9:6e:53:d7:
1f:c9:2b:38:83:68:91:63:a0:0f:9a:e8:04:90:6e:
05:d4:64:f1:e9:af:02:eb:ae:6d:a6:1a:f2:6a:53:
65:bf:5b:ed:c5:9a:a4:30:56:04:db:ce:9e:cc:7f:
22:2d:2c:11:6e:82:2e:82:7a:a2:a4:03:72:52:36:
4e:34:5f:f9:d6:76:a6:5c:82:76:9e:e6:29:fe:1c:
30:df:da:bc:bb:01:f7:d8:71:ec:55:84:84:99:0e:
18:da:a9:7d:5e:79:7a:88:b8:8a:27:34:da:99:e6:
a2:80:5f:7a:0f:c5:58:11:22:e5:c7:de:b4:84:a5:
81:f6:bb:6f:fb:59:f6:d4:a0:9b:16:c4:e9:fc:3c:
38:79:7a:40:23:10:9f:ae:61:f0:3a:cf:f8:e0:75:
1b:8b:66:12:43:20:b3:05:fa:48:46:9f:94:c8:9f:
97:05:c6:eb:ee:bd:2c:1a:03:d1:58:7a:d2:8b:6d:
bf:1a:35:c0:4b:c3:07:a0:dc:f5:ad:65:18:9f:07:
2c:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:4B:B3:A8:59:FA:B8:00:30:35:34:1C:44:97:54:6B:A3:A2:FA:95
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/P0uzqFn6uAAwNTQcRJdUa6Oi-pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
17:e0:48:5a:56:87:58:85:25:fa:71:3a:11:2e:1a:e0:c0:78:
b7:4c:e0:68:f2:dd:2f:f3:70:8d:67:3c:ed:81:9b:b0:5c:0c:
17:46:e2:ab:a6:4e:11:b5:95:9f:8d:aa:de:a2:f9:40:2f:b1:
48:d8:a1:14:5a:77:96:61:5a:9f:56:f9:5b:ab:f8:cd:cd:aa:
0d:2c:77:6c:4b:6c:59:a3:f9:50:29:d8:9a:30:cd:92:32:85:
e3:e8:d6:b5:8e:be:55:ff:3c:2e:f6:c6:65:5d:65:4d:a0:a3:
40:8a:76:e1:76:92:e0:f8:2b:79:61:99:9e:c7:73:e5:3a:d4:
78:16:4c:c3:eb:68:2f:25:ec:7d:33:e2:a4:16:84:91:4c:62:
cc:18:13:f0:22:c8:33:06:05:30:19:10:75:a1:4f:9d:64:ce:
c0:8b:82:03:7e:d8:fb:a5:bc:33:93:bc:10:14:db:db:34:1c:
21:73:58:0a:3f:43:1c:63:32:8b:b9:ba:5b:90:33:97:6e:40:
7b:b3:91:2d:31:51:47:cd:b0:01:61:47:2e:d6:61:6d:03:d8:
35:3f:95:ca:42:d8:2a:16:31:8f:d4:04:f5:3e:fa:41:34:2a:
4a:df:bf:d2:ea:18:d8:dc:4a:a6:30:80:8c:2c:22:a9:26:2a:
bc:00:c1:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZd/ZG62W3KE0yuBBHBdQ12MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNjE3MTkzNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjRiYjNhODU5ZmFiODAwMzAzNTM0MWM0NDk3NTQ2YmEzYTJmYTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKUiRS61Qs9ZwHHcFvhonRJcTohi
G+rIIysXFiMOp6AoNizfkNnjVfKVCP8gGgsKQIAPRk4AJeluU9cfySs4g2iRY6AP
mugEkG4F1GTx6a8C665tphryalNlv1vtxZqkMFYE286ezH8iLSwRboIugnqipANy
UjZONF/51namXIJ2nuYp/hww39q8uwH32HHsVYSEmQ4Y2ql9Xnl6iLiKJzTameai
gF96D8VYESLlx960hKWB9rtv+1n21KCbFsTp/Dw4eXpAIxCfrmHwOs/44HUbi2YS
QyCzBfpIRp+UyJ+XBcbr7r0sGgPRWHrSi22/GjXAS8MHoNz1rWUYnwcs1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD9Ls6hZ+rgAMDU0HESXVGujovqVMB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvUDB1enFGbjZ1QUF3TlRRY1JKZFVhNk9pLXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwg9iMA0G
CSqGSIb3DQEBCwUAA4IBAQAX4EhaVodYhSX6cToRLhrgwHi3TOBo8t0v83CNZzzt
gZuwXAwXRuKrpk4RtZWfjareovlAL7FI2KEUWneWYVqfVvlbq/jNzaoNLHdsS2xZ
o/lQKdiaMM2SMoXj6Na1jr5V/zwu9sZlXWVNoKNAinbhdpLg+Ct5YZmex3PlOtR4
FkzD62gvJex9M+KkFoSRTGLMGBPwIsgzBgUwGRB1oU+dZM7Ai4IDftj7pbwzk7wQ
FNvbNBwhc1gKP0McYzKLubpbkDOXbkB7s5EtMVFHzbABYUcu1mFtA9g1P5XKQtgq
FjGP1AT1PvpBNCpK37/S6hjY3EqmMICMLCKpJiq8AME3
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:43:42 2025 by rpki-client