Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Al5mX-q3V2QTzrqzYi-426xzbWI.roa
File: Al5mX-q3V2QTzrqzYi-426xzbWI.roa (raw, json)
Hash identifier: LdKzMaKuOG0heF1w/jasc9sunhFG4eRMqVOeHlgYgek=
Subject key identifier: 02:5E:66:5F:EA:B7:57:64:13:CE:BA:B3:62:2F:B8:DB:AC:73:6D:62
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0197C0E3C8562B6336BFEA55A1F3EF8BDD3E
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Al5mX-q3V2QTzrqzYi-426xzbWI.roa
Signing time: Mon 30 Jun 2025 12:50:42 +0000
ROA not before: Mon 30 Jun 2025 12:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 193.43.146.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 22:13:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:e3:c8:56:2b:63:36:bf:ea:55:a1:f3:ef:8b:dd:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jun 30 12:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=025e665feab7576413cebab3622fb8dbac736d62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:5f:aa:00:7b:48:40:98:b8:64:35:91:1b:af:
5d:ec:ec:fb:74:34:01:43:51:8a:b0:82:7f:72:05:
e7:44:62:25:83:f3:25:1a:8a:be:be:45:2b:52:e5:
07:b7:6d:e4:7e:29:3d:73:11:5d:f2:75:cc:fa:57:
aa:cd:1f:e8:59:d4:e3:63:17:b0:33:85:04:04:8c:
c0:46:a7:ff:91:50:51:38:4d:2a:4c:cf:cc:b3:8b:
20:fb:19:0e:d9:3c:b2:02:92:89:72:50:b3:be:c3:
b9:15:83:15:fd:73:42:93:0c:d4:d8:9d:e1:a3:07:
34:ff:f6:08:91:5e:60:80:66:b2:be:98:98:e9:8a:
64:0f:60:3d:82:aa:d0:9e:f0:dd:43:fc:e5:62:33:
c5:01:81:fe:69:bb:7b:22:82:0c:72:d2:0e:4d:a3:
4d:2d:47:24:a8:29:d4:2b:c5:e1:6d:6a:1b:18:52:
4a:ed:1a:75:a4:d0:bc:66:07:5d:6a:4e:ad:fb:21:
67:a2:e2:92:88:b3:08:d2:4a:1e:13:e5:84:19:b0:
47:11:a6:28:05:ec:a7:b0:7e:b1:64:f2:d2:f5:df:
fa:bf:1e:32:69:57:81:2f:80:a9:08:73:96:dd:c7:
c1:94:02:ad:de:b9:96:c2:3d:af:3b:73:89:40:81:
e1:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:5E:66:5F:EA:B7:57:64:13:CE:BA:B3:62:2F:B8:DB:AC:73:6D:62
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/Al5mX-q3V2QTzrqzYi-426xzbWI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.146.0/24
Signature Algorithm: sha256WithRSAEncryption
34:8d:96:b2:1d:79:f8:e6:82:82:fe:2b:87:73:e7:78:89:92:
ad:41:3a:c6:99:48:09:f4:68:96:e5:e3:ea:4c:6d:fa:87:6f:
27:2e:a0:14:ad:75:d0:87:18:b0:9b:da:1f:e7:a7:b3:c3:84:
69:c0:11:63:1c:d9:b2:ec:74:7e:87:ac:04:39:d6:2e:39:11:
6f:20:6d:18:7b:0d:8d:03:43:02:b5:05:98:66:ef:3b:68:dc:
11:c4:59:e1:e7:c0:d9:33:ae:28:8c:6b:f5:e3:b7:5e:d6:d7:
8e:5c:96:9a:24:b9:30:23:6c:80:47:fe:bf:e4:9f:a8:c1:6d:
74:d0:cc:7b:66:e7:58:33:32:84:5e:46:6e:58:26:20:85:55:
aa:ae:c8:fd:b4:27:86:86:a1:aa:4f:b0:74:0f:49:41:0f:da:
d2:d6:6f:cf:ff:47:99:58:88:e1:c5:b9:96:05:70:1f:86:e1:
b7:56:1f:0d:43:b5:a8:48:d4:53:26:91:50:f7:05:58:fb:d2:
8e:93:7e:90:ac:cc:ff:90:17:5d:11:a2:23:71:b5:c6:09:ae:
e7:f9:f7:85:47:75:7e:9d:ff:a3:35:8d:50:ab:03:97:e5:77:
c0:62:0d:62:4c:a8:d5:01:2a:56:88:eb:13:8b:34:ac:54:7b:
7a:5d:18:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfA48hWK2M2v+pVofPvi90+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNjMwMTI1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjVlNjY1ZmVhYjc1NzY0MTNjZWJhYjM2MjJmYjhkYmFjNzM2ZDYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxV+qAHtIQJi4ZDWRG69d7Oz7dDQB
Q1GKsIJ/cgXnRGIlg/MlGoq+vkUrUuUHt23kfik9cxFd8nXM+leqzR/oWdTjYxew
M4UEBIzARqf/kVBROE0qTM/Ms4sg+xkO2TyyApKJclCzvsO5FYMV/XNCkwzU2J3h
owc0//YIkV5ggGayvpiY6YpkD2A9gqrQnvDdQ/zlYjPFAYH+abt7IoIMctIOTaNN
LUckqCnUK8XhbWobGFJK7Rp1pNC8Zgddak6t+yFnouKSiLMI0koeE+WEGbBHEaYo
BeynsH6xZPLS9d/6vx4yaVeBL4CpCHOW3cfBlAKt3rmWwj2vO3OJQIHhuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAJeZl/qt1dkE866s2IvuNusc21iMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvQWw1bVgtcTNWMlFUenJxellpLTQyNnh6YldJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSuSMA0G
CSqGSIb3DQEBCwUAA4IBAQA0jZayHXn45oKC/iuHc+d4iZKtQTrGmUgJ9GiW5ePq
TG36h28nLqAUrXXQhxiwm9of56ezw4RpwBFjHNmy7HR+h6wEOdYuORFvIG0Yew2N
A0MCtQWYZu87aNwRxFnh58DZM64ojGv147de1teOXJaaJLkwI2yAR/6/5J+owW10
0Mx7ZudYMzKEXkZuWCYghVWqrsj9tCeGhqGqT7B0D0lBD9rS1m/P/0eZWIjhxbmW
BXAfhuG3Vh8NQ7WoSNRTJpFQ9wVY+9KOk36QrMz/kBddEaIjcbXGCa7n+feFR3V+
nf+jNY1QqwOX5XfAYg1iTKjVASpWiOsTizSsVHt6XRhu
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:22:07 2025 by rpki-client