Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-iRe8tE0jkOptvtixzIKq_YKhkI.roa
File: 1-iRe8tE0jkOptvtixzIKq_YKhkI.roa (raw, json)
Hash identifier: JKOmRvlcF0ToZNCvclqW7O0K2Zzo7t31/IGtI17vEvI=
Subject key identifier: FA:24:5E:F2:D1:34:8E:43:A9:B6:FB:62:C7:32:0A:AB:F6:0A:86:42
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197DAE57F0A768E7E3FFC7B88785941C8A4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-iRe8tE0jkOptvtixzIKq_YKhkI.roa
Signing time: Sat 05 Jul 2025 14:02:42 +0000
ROA not before: Sat 05 Jul 2025 14:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203446
IP address blocks: 77.90.59.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Jul 2025 04:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:da:e5:7f:0a:76:8e:7e:3f:fc:7b:88:78:59:41:c8:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 5 14:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa245ef2d1348e43a9b6fb62c7320aabf60a8642
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:41:18:f2:62:53:eb:80:d7:68:a6:35:9a:dd:
43:52:c5:fb:7d:63:40:e2:2e:91:a2:f3:08:a0:37:
23:b5:de:ef:e9:c1:5b:d0:43:9e:74:09:20:01:f1:
83:c3:75:e1:bc:d5:78:bb:80:d2:eb:b3:79:c2:9e:
17:42:5c:b7:82:61:d6:d9:c8:51:69:00:0c:d3:90:
d8:7f:9e:a5:40:3a:cc:9a:31:d2:de:6e:4c:75:fb:
eb:c6:14:98:19:c2:74:77:d2:d5:bd:de:20:f5:d6:
90:96:a9:80:12:d1:ad:f0:b8:01:59:0a:8e:48:62:
13:32:4a:34:44:0d:5c:04:57:10:ce:2a:9f:d5:19:
f1:b7:50:73:0a:e5:89:ff:d3:1b:68:69:4c:c7:1d:
b5:8e:19:13:1d:c4:40:45:18:09:e8:c7:c4:a6:7c:
61:53:12:73:ff:ae:ff:58:07:ff:ff:69:26:1f:13:
7a:b5:5a:a1:69:15:53:2b:df:b8:23:68:29:1d:65:
5c:34:67:8c:ae:60:f8:08:43:1a:71:39:bc:3a:13:
f2:3c:b3:7b:bd:11:fa:93:e8:e3:30:18:f6:89:25:
eb:a5:ad:3c:35:22:e0:ec:3d:04:91:7b:07:c3:68:
69:17:16:d2:b7:08:b0:0d:65:9f:97:ae:8d:86:50:
a6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:24:5E:F2:D1:34:8E:43:A9:B6:FB:62:C7:32:0A:AB:F6:0A:86:42
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-iRe8tE0jkOptvtixzIKq_YKhkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.59.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:47:12:0d:c3:2c:8a:ce:80:2b:00:f1:c3:ce:84:57:63:98:
b4:8b:84:e5:c3:05:6b:64:d5:5b:88:fe:46:ff:da:a1:41:d4:
95:63:2a:9a:ce:8f:93:bf:2a:fa:48:16:e3:ba:28:eb:1f:dd:
b3:95:01:9f:9f:f6:33:7e:51:90:02:4a:db:00:7e:7f:43:df:
c2:16:16:ab:02:2b:60:45:f4:a5:b7:25:9e:b3:3a:51:3c:12:
f0:74:61:cd:f5:78:aa:b1:fc:7f:84:22:56:ef:33:27:33:aa:
b6:38:e2:57:d0:f5:78:88:0a:5f:bc:43:db:2e:17:45:bc:b1:
01:da:35:a9:5d:a1:2d:0c:00:4e:45:fe:bd:87:b2:1d:d2:bb:
1d:52:03:29:a9:e1:dd:7d:6c:61:03:a4:31:bf:f4:5e:56:38:
d8:20:6b:18:11:f1:d7:ff:c4:ae:7c:78:be:d2:c7:78:66:99:
03:02:c9:a0:9b:d3:22:ad:ce:91:af:29:06:92:8a:6b:f5:3c:
6f:80:66:80:5c:ca:05:f7:a6:3a:a7:51:b1:a9:86:ff:ec:70:
8e:ac:77:fc:67:95:9c:24:e4:7c:68:e6:4f:6f:c0:6b:53:23:
50:a9:7f:a4:a6:21:39:bc:cc:ab:30:ee:e5:e0:e8:2e:af:cb:
c7:03:5a:32
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZfa5X8Kdo5+P/x7iHhZQcikMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzA1MTQwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTI0NWVmMmQxMzQ4ZTQzYTliNmZiNjJjNzMyMGFhYmY2MGE4NjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA70EY8mJT64DXaKY1mt1DUsX7fWNA
4i6RovMIoDcjtd7v6cFb0EOedAkgAfGDw3XhvNV4u4DS67N5wp4XQly3gmHW2chR
aQAM05DYf56lQDrMmjHS3m5MdfvrxhSYGcJ0d9LVvd4g9daQlqmAEtGt8LgBWQqO
SGITMko0RA1cBFcQziqf1Rnxt1BzCuWJ/9MbaGlMxx21jhkTHcRARRgJ6MfEpnxh
UxJz/67/WAf//2kmHxN6tVqhaRVTK9+4I2gpHWVcNGeMrmD4CEMacTm8OhPyPLN7
vRH6k+jjMBj2iSXrpa08NSLg7D0EkXsHw2hpFxbStwiwDWWfl66NhlCmBQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPokXvLRNI5Dqbb7YscyCqv2CoZCMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMS1pUmU4dEUwamtPcHR2dGl4eklLcV9ZS2hrSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOTY1ODM3LTUyY2ItNDZiNC1hZWRiLWUxYmQ4OGQzZmQw
Ny8xL1BtQ1hhWWFHNFZWZlVmYklnN3hhV0ZTYkkySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAE1aOzAN
BgkqhkiG9w0BAQsFAAOCAQEAukcSDcMsis6AKwDxw86EV2OYtIuE5cMFa2TVW4j+
Rv/aoUHUlWMqms6Pk78q+kgW47oo6x/ds5UBn5/2M35RkAJK2wB+f0PfwhYWqwIr
YEX0pbclnrM6UTwS8HRhzfV4qrH8f4QiVu8zJzOqtjjiV9D1eIgKX7xD2y4XRbyx
Ado1qV2hLQwATkX+vYeyHdK7HVIDKanh3X1sYQOkMb/0XlY42CBrGBHx1//Ernx4
vtLHeGaZAwLJoJvTIq3Oka8pBpKKa/U8b4BmgFzKBfemOqdRsamG/+xwjqx3/GeV
nCTkfGjmT2/Aa1MjUKl/pKYhObzMqzDu5eDoLq/LxwNaMg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:05:07 2025 by rpki-client