Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/kVHoKlCsnTcDU1Uwp3vgIcgYD8Y.roa
File: kVHoKlCsnTcDU1Uwp3vgIcgYD8Y.roa (raw, json)
Hash identifier: i1/MbDvwQPd2A+KZVeRlnL4c+gi03aP5I4zow/K8Jn8=
Subject key identifier: 91:51:E8:2A:50:AC:9D:37:03:53:55:30:A7:7B:E0:21:C8:18:0F:C6
Certificate issuer: /CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Certificate serial: 01981D4F7E8F7C5C1B7E7793953D0188CE78
Authority key identifier: F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/kVHoKlCsnTcDU1Uwp3vgIcgYD8Y.roa
Signing time: Fri 18 Jul 2025 11:33:25 +0000
ROA not before: Fri 18 Jul 2025 11:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5539
IP address blocks: 82.118.32.0/19 maxlen: 19
185.54.120.0/22 maxlen: 22
185.54.188.0/22 maxlen: 22
193.149.32.0/19 maxlen: 19
194.97.64.0/19 maxlen: 19
194.97.128.0/19 maxlen: 19
194.97.137.0/24 maxlen: 24
195.24.96.0/19 maxlen: 19
195.30.0.0/16 maxlen: 16
195.30.21.0/24 maxlen: 24
195.30.50.0/24 maxlen: 24
195.30.64.0/24 maxlen: 24
195.30.121.0/24 maxlen: 24
195.30.131.0/24 maxlen: 24
2001:608::/32 maxlen: 32
2001:608:804::/48 maxlen: 48
2001:608:a04::/48 maxlen: 48
2001:608:e03::/48 maxlen: 48
2001:67c:158c::/48 maxlen: 48
2001:4150::/32 maxlen: 32
Validation: Failed, certificate revoked on Fri 25 Jul 2025 08:24:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1d:4f:7e:8f:7c:5c:1b:7e:77:93:95:3d:01:88:ce:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f48b3f0c6a87c045bdcffabd900db8892be702e1
Validity
Not Before: Jul 18 11:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9151e82a50ac9d3703535530a77be021c8180fc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:78:e2:6b:a1:3e:fd:a8:6f:5c:35:68:24:9a:
2a:48:27:fe:1c:82:89:ba:75:a4:85:5a:f4:4b:e6:
ad:d2:5b:df:0c:77:7d:7d:e5:bb:4f:04:53:e1:f4:
0a:e2:d0:08:70:d7:b1:44:1b:c7:78:3a:99:ec:d8:
d5:d0:34:07:fe:ed:51:3e:66:51:5b:4b:7c:95:6b:
7c:29:b5:16:89:41:2a:07:5a:46:c7:93:7e:f0:10:
b5:a4:71:63:f9:53:0d:d7:38:15:ba:c7:98:22:7a:
f2:4d:0f:c2:54:f0:df:4c:53:63:38:b9:62:e3:d4:
90:47:e1:30:36:67:65:0c:98:7d:a8:95:c2:d0:7d:
29:7d:d6:3b:8f:d3:be:b5:1a:d2:18:ab:15:14:15:
fc:fa:ef:ea:15:e5:9d:df:70:27:29:16:63:ec:dd:
4f:d8:cc:eb:7d:07:8c:d8:f6:23:18:78:1e:fb:ad:
e7:c9:bd:76:a8:09:3e:66:78:f9:b5:d2:00:c7:97:
eb:8e:c6:b4:67:ad:48:4c:99:58:bc:ea:b6:44:58:
0b:1b:a3:2b:84:1b:3b:ad:d4:60:b9:cd:6a:58:e5:
6e:b5:cd:24:fa:51:40:f6:50:c8:87:54:f3:8f:ce:
62:14:29:f8:71:ce:d2:15:8a:b0:2b:80:b3:0f:b1:
a9:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:51:E8:2A:50:AC:9D:37:03:53:55:30:A7:7B:E0:21:C8:18:0F:C6
X509v3 Authority Key Identifier:
keyid:F4:8B:3F:0C:6A:87:C0:45:BD:CF:FA:BD:90:0D:B8:89:2B:E7:02:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9Is_DGqHwEW9z_q9kA24iSvnAuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/kVHoKlCsnTcDU1Uwp3vgIcgYD8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/2e2747-ad74-4d31-9256-d35edb9fdd21/1/9Is_DGqHwEW9z_q9kA24iSvnAuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.32.0/19
185.54.120.0/22
185.54.188.0/22
193.149.32.0/19
194.97.64.0/19
194.97.128.0/19
195.24.96.0/19
195.30.0.0/16
IPv6:
2001:608::/32
2001:67c:158c::/48
2001:4150::/32
Signature Algorithm: sha256WithRSAEncryption
a8:d3:ea:cc:52:7d:66:83:6f:b4:50:be:2f:d7:88:58:97:c6:
86:86:86:99:1c:9b:be:35:0f:78:3c:01:6d:3a:ed:a8:25:9c:
ba:fb:40:f2:77:aa:0d:af:d6:82:62:5d:94:68:21:9c:e6:1c:
fe:c1:93:00:de:c8:21:b6:7c:31:c8:46:3b:0c:92:87:07:92:
56:fe:b3:31:24:c7:fc:3b:e9:33:3f:6d:f9:78:45:46:8e:11:
22:4c:df:75:a2:3f:7a:4e:f5:35:3f:87:ab:47:e3:b8:8b:6b:
55:c3:f4:4f:f6:13:d5:d7:d4:c6:aa:3e:d5:c3:47:b3:78:a0:
b7:d2:35:51:63:75:7d:6c:72:41:03:f2:76:8b:ae:03:ac:41:
fe:b8:57:f3:be:c2:9f:cc:e8:7d:d4:3d:c0:4c:fc:a4:e1:4d:
dc:44:6b:f6:39:cb:09:cc:94:4d:13:a3:29:9f:11:de:ac:b0:
02:5e:1a:9f:ba:06:fa:98:31:e3:75:36:06:9e:8f:3b:98:38:
52:f4:f2:66:2e:14:fa:f7:24:41:2e:e7:40:1d:6d:3e:f8:c6:
f2:94:19:a1:db:3b:eb:d2:6b:d5:46:f9:12:b0:a4:a8:2e:a2:
2c:36:c8:9e:6d:54:b1:38:01:8f:9b:c9:52:29:c3:3b:45:58:
d7:15:fa:3f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZgdT36PfFwbfneTlT0BiM54MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0OGIzZjBjNmE4N2MwNDViZGNmZmFiZDkwMGRiODg5MmJl
NzAyZTEwHhcNMjUwNzE4MTEzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTUxZTgyYTUwYWM5ZDM3MDM1MzU1MzBhNzdiZTAyMWM4MTgwZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx3jia6E+/ahvXDVoJJoqSCf+HIKJ
unWkhVr0S+at0lvfDHd9feW7TwRT4fQK4tAIcNexRBvHeDqZ7NjV0DQH/u1RPmZR
W0t8lWt8KbUWiUEqB1pGx5N+8BC1pHFj+VMN1zgVuseYInryTQ/CVPDfTFNjOLli
49SQR+EwNmdlDJh9qJXC0H0pfdY7j9O+tRrSGKsVFBX8+u/qFeWd33AnKRZj7N1P
2MzrfQeM2PYjGHge+63nyb12qAk+Znj5tdIAx5frjsa0Z61ITJlYvOq2RFgLG6Mr
hBs7rdRguc1qWOVutc0k+lFA9lDIh1Tzj85iFCn4cc7SFYqwK4CzD7GpFwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFJFR6CpQrJ03A1NVMKd74CHIGA/GMB8GA1UdIwQY
MBaAFPSLPwxqh8BFvc/6vZANuIkr5wLhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYt
ZDM1ZWRiOWZkZDIxLzEva1ZIb0tsQ3NuVGNEVTFVd3AzdmdJY2dZRDhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8yZTI3NDctYWQ3NC00ZDMxLTkyNTYtZDM1ZWRiOWZkZDIx
LzEvOUlzX0RHcUh3RVc5el9xOWtBMjRpU3ZuQXVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjA1BAIAATAvAwQFUnYgAwQC
uTZ4AwQCuTa8AwQFwZUgAwQFwmFAAwQFwmGAAwQFwxhgAwMAwx4wHQQCAAIwFwMF
ACABBggDBwAgAQZ8FYwDBQAgAUFQMA0GCSqGSIb3DQEBCwUAA4IBAQCo0+rMUn1m
g2+0UL4v14hYl8aGhoaZHJu+NQ94PAFtOu2oJZy6+0Dyd6oNr9aCYl2UaCGc5hz+
wZMA3sghtnwxyEY7DJKHB5JW/rMxJMf8O+kzP235eEVGjhEiTN91oj96TvU1P4er
R+O4i2tVw/RP9hPV19TGqj7Vw0ezeKC30jVRY3V9bHJBA/J2i64DrEH+uFfzvsKf
zOh91D3ATPyk4U3cRGv2OcsJzJRNE6MpnxHerLACXhqfugb6mDHjdTYGno87mDhS
9PJmLhT69yRBLudAHW0++MbylBmh2zvr0mvVRvkSsKSoLqIsNsiebVSxOAGPm8lS
KcM7RVjXFfo/
-----END CERTIFICATE-----
Generated at Sun Jul 27 21:15:27 2025 by rpki-client