Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/doDWPZyDbqx9GsqtBXKqrFV50Hk.roa
File: doDWPZyDbqx9GsqtBXKqrFV50Hk.roa (raw, json)
Hash identifier: wAFWsx4N9uFsD9G8sAQ0CihHj/lCmlI+Etn4+X19rw8=
Subject key identifier: 76:80:D6:3D:9C:83:6E:AC:7D:1A:CA:AD:05:72:AA:AC:55:79:D0:79
Certificate issuer: /CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Certificate serial: 0197646089BEA299AE9750BC271338C30D40
Authority key identifier: 05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/doDWPZyDbqx9GsqtBXKqrFV50Hk.roa
Signing time: Thu 12 Jun 2025 13:42:17 +0000
ROA not before: Thu 12 Jun 2025 13:42:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 188.209.129.0/24 maxlen: 24
194.15.98.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Jun 2025 19:36:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:64:60:89:be:a2:99:ae:97:50:bc:27:13:38:c3:0d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=051f29462e7a7da7eb5f45da7873f14e403fe3ab
Validity
Not Before: Jun 12 13:42:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7680d63d9c836eac7d1acaad0572aaac5579d079
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6a:08:e8:a0:2c:ca:8c:02:47:18:88:d7:a2:
4e:0a:cd:5b:87:59:b8:80:24:45:3e:03:7a:75:5c:
c3:9c:be:63:51:fc:00:66:87:5a:95:ac:e7:f5:92:
b7:d2:e8:b4:a1:0f:82:be:8d:35:5c:48:e1:6d:cc:
68:1c:d7:8b:37:0b:fd:a2:ea:a4:5e:fb:db:56:df:
09:69:fb:86:32:0c:4e:d6:14:a4:e6:28:30:c2:a4:
a4:75:50:0c:d3:2a:66:a7:90:b6:89:92:b2:82:17:
8d:cf:d7:60:cd:ff:c3:96:44:0d:7b:ad:85:82:b0:
05:46:e3:6a:c7:71:1f:11:e9:18:dd:df:b6:77:9a:
d0:61:e0:f0:e3:1a:8b:87:50:50:b9:1c:d2:c0:de:
b2:5b:7a:8c:18:0b:a3:19:f3:db:d7:f3:7b:07:dd:
07:3d:ea:96:92:ac:1e:ec:f7:8a:34:7c:d0:f8:d2:
f7:a5:b2:47:7a:06:5e:69:8f:88:b9:02:c0:93:79:
ff:e3:dd:fa:45:df:5e:53:08:86:f7:58:e5:3f:73:
da:9d:b4:3b:b6:ad:7c:0a:af:db:c5:cb:43:35:7e:
b8:e2:d6:45:10:6d:33:69:47:aa:5b:53:91:3d:12:
bc:85:e1:c0:d0:10:0c:35:e0:09:e3:79:2b:5d:f1:
06:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:80:D6:3D:9C:83:6E:AC:7D:1A:CA:AD:05:72:AA:AC:55:79:D0:79
X509v3 Authority Key Identifier:
keyid:05:1F:29:46:2E:7A:7D:A7:EB:5F:45:DA:78:73:F1:4E:40:3F:E3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BR8pRi56fafrX0XaeHPxTkA_46s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/doDWPZyDbqx9GsqtBXKqrFV50Hk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/395328-f461-44b7-b031-3f8b55da1ac4/1/BR8pRi56fafrX0XaeHPxTkA_46s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.209.129.0/24
194.15.98.0/24
Signature Algorithm: sha256WithRSAEncryption
23:dc:4a:81:69:25:2c:12:f3:5f:a7:df:83:fe:2d:bb:f6:b2:
96:34:de:47:a3:01:18:f8:a0:bb:70:54:19:dd:a9:36:da:6e:
66:f3:4e:31:2a:12:c3:e1:42:ee:ed:5c:ff:b5:19:b3:73:e7:
b4:7b:8d:77:2f:2a:16:b7:87:57:4a:c1:b4:8f:63:71:a1:ff:
1c:c0:eb:ba:d5:f1:85:85:cc:c5:f3:c4:22:d4:1e:61:0e:bd:
73:3a:fe:7c:03:74:20:97:bb:01:18:ef:b6:23:19:5a:28:3d:
62:ad:03:ed:58:6e:ed:73:80:56:d4:bf:42:13:49:45:6c:1f:
4c:2b:67:66:54:ca:a7:ab:06:ad:9a:b3:58:11:5a:67:3f:a9:
78:07:89:68:42:2f:2d:9e:f6:35:7f:08:e5:45:ff:0a:bf:72:
42:d0:87:eb:de:18:32:b6:92:49:38:06:df:2f:c4:c9:9f:c8:
22:f5:0a:46:8f:96:ac:2e:a1:ec:fb:be:97:37:07:70:51:3e:
c3:df:bc:85:5d:20:cb:37:46:6c:01:48:9e:98:38:74:34:b6:
ed:f0:06:c3:39:18:23:c5:de:d4:2d:de:89:7b:56:a6:5b:72:
ed:13:81:a7:8b:ab:08:26:c9:4f:f2:03:97:83:e5:0c:46:e3:
f3:4b:4c:75
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdkYIm+opmul1C8JxM4ww1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MWYyOTQ2MmU3YTdkYTdlYjVmNDVkYTc4NzNmMTRlNDAz
ZmUzYWIwHhcNMjUwNjEyMTM0MjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjgwZDYzZDljODM2ZWFjN2QxYWNhYWQwNTcyYWFhYzU1NzlkMDc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmoI6KAsyowCRxiI16JOCs1bh1m4
gCRFPgN6dVzDnL5jUfwAZodalazn9ZK30ui0oQ+Cvo01XEjhbcxoHNeLNwv9ouqk
XvvbVt8JafuGMgxO1hSk5igwwqSkdVAM0ypmp5C2iZKygheNz9dgzf/DlkQNe62F
grAFRuNqx3EfEekY3d+2d5rQYeDw4xqLh1BQuRzSwN6yW3qMGAujGfPb1/N7B90H
PeqWkqwe7PeKNHzQ+NL3pbJHegZeaY+IuQLAk3n/4936Rd9eUwiG91jlP3PanbQ7
tq18Cq/bxctDNX644tZFEG0zaUeqW1ORPRK8heHA0BAMNeAJ43krXfEGSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHaA1j2cg26sfRrKrQVyqqxVedB5MB8GA1UdIwQY
MBaAFAUfKUYuen2n619F2nhz8U5AP+OrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEt
M2Y4YjU1ZGExYWM0LzEvZG9EV1BaeURicXg5R3NxdEJYS3FyRlY1MEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8zOTUzMjgtZjQ2MS00NGI3LWIwMzEtM2Y4YjU1ZGExYWM0
LzEvQlI4cFJpNTZmYWZyWDBYYWVIUHhUa0FfNDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNGBAwQA
wg9iMA0GCSqGSIb3DQEBCwUAA4IBAQAj3EqBaSUsEvNfp9+D/i279rKWNN5HowEY
+KC7cFQZ3ak22m5m804xKhLD4ULu7Vz/tRmzc+e0e413LyoWt4dXSsG0j2Nxof8c
wOu61fGFhczF88Qi1B5hDr1zOv58A3Qgl7sBGO+2IxlaKD1irQPtWG7tc4BW1L9C
E0lFbB9MK2dmVMqnqwatmrNYEVpnP6l4B4loQi8tnvY1fwjlRf8Kv3JC0Ifr3hgy
tpJJOAbfL8TJn8gi9QpGj5asLqHs+76XNwdwUT7D37yFXSDLN0ZsAUiemDh0NLbt
8AbDORgjxd7ULd6Je1amW3LtE4Gni6sIJslP8gOXg+UMRuPzS0x1
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:28:41 2025 by rpki-client