Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/vKSmFKux6LuMYWJnWSOmG4MB2Ns.roa
File: vKSmFKux6LuMYWJnWSOmG4MB2Ns.roa (raw, json)
Hash identifier: Xi0d/trtO+3QZzyP/OBzGCBIu2xP33qbYkDTdCalMu4=
Subject key identifier: BC:A4:A6:14:AB:B1:E8:BB:8C:61:62:67:59:23:A6:1B:83:01:D8:DB
Certificate issuer: /CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Certificate serial: 0198416C2CA5BD33187D1DD275FAA9E4B72E
Authority key identifier: 00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/vKSmFKux6LuMYWJnWSOmG4MB2Ns.roa
Signing time: Fri 25 Jul 2025 11:51:05 +0000
ROA not before: Fri 25 Jul 2025 11:51:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 85.234.64.0/24 maxlen: 24
85.234.66.0/24 maxlen: 24
85.234.67.0/24 maxlen: 24
85.234.84.0/24 maxlen: 24
85.234.86.0/24 maxlen: 24
85.234.91.0/24 maxlen: 24
85.234.93.0/24 maxlen: 24
85.234.94.0/24 maxlen: 24
92.38.143.0/24 maxlen: 24
93.113.170.0/24 maxlen: 24
93.119.168.0/24 maxlen: 24
93.119.169.0/24 maxlen: 24
109.61.121.0/24 maxlen: 24
2a03:90c0:650::/44 maxlen: 64
2a03:90c0:680::/44 maxlen: 44
2a03:90c0:7a0::/44 maxlen: 44
2a03:90c0:7b0::/44 maxlen: 44
Validation: Failed, certificate revoked on Fri 25 Jul 2025 14:52:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:6c:2c:a5:bd:33:18:7d:1d:d2:75:fa:a9:e4:b7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00e4f6a77368b7cecfe67220b436576b1e008aec
Validity
Not Before: Jul 25 11:51:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bca4a614abb1e8bb8c6162675923a61b8301d8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:f8:3f:5d:48:b9:4c:b9:21:40:aa:4d:53:06:
67:8c:4d:c1:03:87:f1:b7:65:34:80:67:fd:83:dc:
ba:27:e2:ba:1f:20:60:3a:d7:3e:4a:a3:6c:76:00:
a9:da:7d:00:6b:c3:9a:da:c3:81:a5:fe:ac:42:9a:
25:21:bd:a5:ad:45:f5:2e:ef:10:9e:84:0e:24:6b:
a4:07:7c:fc:0f:00:b8:cb:95:d4:29:60:2d:98:98:
98:c5:f2:55:54:b9:0d:82:16:7c:35:f2:b5:bb:7a:
f2:66:e4:78:85:8c:36:8f:61:6f:8e:b4:f7:3c:0a:
b3:35:e9:94:a2:9e:07:d4:81:d1:a0:9f:a1:97:4c:
a9:11:47:7c:5a:51:ce:82:d8:4c:db:b5:cc:01:95:
d8:a7:ea:e1:35:18:03:f2:09:ab:b7:9a:5e:ea:fe:
8b:d3:41:b0:b7:a1:5b:21:8b:43:18:8e:51:f8:d1:
d7:04:fb:f7:28:0f:19:82:db:2a:69:e0:85:0b:c8:
33:51:21:1a:71:05:27:40:ba:b7:7d:02:21:4e:ba:
b6:f3:c5:9a:28:72:67:85:9f:5c:1b:9e:77:2b:28:
8f:a1:da:9f:da:77:22:86:4c:07:c3:d4:9e:7b:8c:
53:9b:a3:1a:3e:24:37:d6:95:ff:19:e1:60:86:63:
df:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:A4:A6:14:AB:B1:E8:BB:8C:61:62:67:59:23:A6:1B:83:01:D8:DB
X509v3 Authority Key Identifier:
keyid:00:E4:F6:A7:73:68:B7:CE:CF:E6:72:20:B4:36:57:6B:1E:00:8A:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AOT2p3Not87P5nIgtDZXax4Aiuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/vKSmFKux6LuMYWJnWSOmG4MB2Ns.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/652da9-afc4-4e20-82fc-b07d8416ae4a/1/AOT2p3Not87P5nIgtDZXax4Aiuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.234.64.0/24
85.234.66.0/23
85.234.84.0/24
85.234.86.0/24
85.234.91.0/24
85.234.93.0-85.234.94.255
92.38.143.0/24
93.113.170.0/24
93.119.168.0/23
109.61.121.0/24
IPv6:
2a03:90c0:650::/44
2a03:90c0:680::/44
2a03:90c0:7a0::/43
Signature Algorithm: sha256WithRSAEncryption
52:6b:47:29:b2:6a:e2:40:cf:2f:1d:7d:c8:55:d0:65:e3:46:
fd:f8:00:d6:dd:2a:19:de:19:dc:c5:58:41:1f:5f:5b:4f:1d:
38:88:dc:f7:0e:4f:bc:cc:68:5e:e2:e4:55:86:88:7d:0f:35:
94:9d:07:3b:2f:32:4e:ca:16:e9:88:98:1d:a5:07:d2:09:26:
d5:1a:fc:64:23:bd:01:5b:e4:a4:a4:76:f5:04:e6:59:24:38:
fa:dc:38:0b:c3:16:88:23:85:c8:e4:2f:49:74:50:f5:7b:94:
21:62:a0:ef:cc:c5:a3:25:3b:49:76:87:d5:2a:b0:22:17:06:
53:b3:bf:21:8c:d3:d4:cd:d2:ed:8a:71:c7:bc:a4:8d:43:d1:
e4:25:77:e3:3b:25:a7:43:99:06:ee:10:31:8c:b8:ee:3c:21:
17:f2:b9:9a:24:45:1b:a4:fb:2f:81:03:cd:7d:bf:7a:a3:35:
a0:1e:a1:a4:45:88:ad:06:38:0b:97:bb:57:21:49:04:12:3d:
97:fb:61:52:17:c1:69:0f:5b:05:26:90:20:ef:8c:fd:77:b5:
61:a8:9a:fd:38:8b:b1:17:cc:75:2f:f2:df:de:ad:a4:8f:74:
90:fe:55:4a:6a:ff:bd:79:51:a5:e6:69:89:92:05:29:ad:c7:
e6:54:c1:ed
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZhBbCylvTMYfR3Sdfqp5LcuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwZTRmNmE3NzM2OGI3Y2VjZmU2NzIyMGI0MzY1NzZiMWUw
MDhhZWMwHhcNMjUwNzI1MTE1MTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2E0YTYxNGFiYjFlOGJiOGM2MTYyNjc1OTIzYTYxYjgzMDFkOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPg/XUi5TLkhQKpNUwZnjE3BA4fx
t2U0gGf9g9y6J+K6HyBgOtc+SqNsdgCp2n0Aa8Oa2sOBpf6sQpolIb2lrUX1Lu8Q
noQOJGukB3z8DwC4y5XUKWAtmJiYxfJVVLkNghZ8NfK1u3ryZuR4hYw2j2FvjrT3
PAqzNemUop4H1IHRoJ+hl0ypEUd8WlHOgthM27XMAZXYp+rhNRgD8gmrt5pe6v6L
00Gwt6FbIYtDGI5R+NHXBPv3KA8ZgtsqaeCFC8gzUSEacQUnQLq3fQIhTrq288Wa
KHJnhZ9cG553KyiPodqf2ncihkwHw9See4xTm6MaPiQ31pX/GeFghmPfxQIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFLykphSrsei7jGFiZ1kjphuDAdjbMB8GA1UdIwQY
MBaAFADk9qdzaLfOz+ZyILQ2V2seAIrsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMt
YjA3ZDg0MTZhZTRhLzEvdktTbUZLdXg2THVNWVdKbldTT21HNE1CMk5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82NTJkYTktYWZjNC00ZTIwLTgyZmMtYjA3ZDg0MTZhZTRh
LzEvQU9UMnAzTm90ODdQNW5JZ3REWlhheDRBaXV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wSgQCAAEwRAMEAFXqQAME
AVXqQgMEAFXqVAMEAFXqVgMEAFXqWzAMAwQAVepdAwQAVepeAwQAXCaPAwQAXXGq
AwQBXXeoAwQAbT15MCEEAgACMBsDBwQqA5DABlADBwQqA5DABoADBwUqA5DAB6Aw
DQYJKoZIhvcNAQELBQADggEBAFJrRymyauJAzy8dfchV0GXjRv34ANbdKhneGdzF
WEEfX1tPHTiI3PcOT7zMaF7i5FWGiH0PNZSdBzsvMk7KFumImB2lB9IJJtUa/GQj
vQFb5KSkdvUE5lkkOPrcOAvDFogjhcjkL0l0UPV7lCFioO/MxaMlO0l2h9UqsCIX
BlOzvyGM09TN0u2Kcce8pI1D0eQld+M7JadDmQbuEDGMuO48IRfyuZokRRuk+y+B
A819v3qjNaAeoaRFiK0GOAuXu1chSQQSPZf7YVIXwWkPWwUmkCDvjP13tWGomv04
i7EXzHUv8t/eraSPdJD+VUpq/715UaXmaYmSBSmtx+ZUwe0=
-----END CERTIFICATE-----
Generated at Tue Jul 29 07:03:24 2025 by rpki-client