Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2SUP94HXGckajUVLMgZ8jnyLbUM.roa
File: 2SUP94HXGckajUVLMgZ8jnyLbUM.roa (raw, json)
Hash identifier: alLkKU8RB+lwIvjkORQUKuE2/I4n1V2Fp+/1xeu7Mlk=
Subject key identifier: D9:25:0F:F7:81:D7:19:C9:1A:8D:45:4B:32:06:7C:8E:7C:8B:6D:43
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0197A72C30629A5979EEE0AE558889BF5309
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2SUP94HXGckajUVLMgZ8jnyLbUM.roa
Signing time: Wed 25 Jun 2025 12:59:40 +0000
ROA not before: Wed 25 Jun 2025 12:59:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207350
IP address blocks: 109.122.252.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jun 2025 11:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:2c:30:62:9a:59:79:ee:e0:ae:55:88:89:bf:53:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 25 12:59:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9250ff781d719c91a8d454b32067c8e7c8b6d43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:92:e9:15:c8:b0:89:fd:f1:b5:91:52:67:4d:
61:71:2d:02:ca:49:31:a8:56:64:03:77:ba:02:9d:
f9:93:36:7b:1c:73:3a:19:b6:8a:f8:f4:9e:1e:38:
d2:1c:d4:a5:aa:e7:65:a8:81:a1:84:d5:5d:48:93:
2f:3f:57:59:45:62:90:97:0b:ae:4c:27:84:03:be:
a5:8f:9b:15:a0:38:44:25:1a:7e:33:e8:f7:fc:0d:
ef:23:cb:c4:d2:4a:96:a5:8b:69:06:28:b4:21:2e:
f8:1a:02:64:05:ee:76:e2:f8:d8:02:bb:11:82:f5:
bc:c3:18:52:84:f6:cb:6f:91:26:eb:1b:59:25:b9:
0c:db:15:46:cd:41:2e:9b:c2:c2:85:51:65:eb:46:
ab:86:db:1a:8b:f5:d0:9a:90:72:ad:e3:78:2a:15:
ff:0e:7d:fd:d0:84:d6:cd:7d:ef:01:00:8d:b7:ea:
80:00:22:af:26:b2:27:30:8d:46:7c:fc:e1:6d:bb:
8d:c3:84:11:72:54:2e:9c:1a:cb:86:cf:93:19:51:
e4:bb:85:1c:b8:9d:ea:d7:75:d9:a4:9e:a0:c6:d8:
8c:5d:bc:45:69:94:10:e0:60:b3:64:2f:44:58:20:
30:57:99:07:52:17:ed:9e:57:84:6d:dd:a9:c9:af:
ee:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:25:0F:F7:81:D7:19:C9:1A:8D:45:4B:32:06:7C:8E:7C:8B:6D:43
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/2SUP94HXGckajUVLMgZ8jnyLbUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.252.0/24
Signature Algorithm: sha256WithRSAEncryption
45:89:65:1c:19:44:c8:c3:da:01:70:e6:c6:dc:5b:b8:05:56:
65:1f:ae:5d:9b:bc:44:8a:eb:09:a2:db:a8:45:de:f4:55:f9:
41:b3:f0:15:c8:81:de:66:49:b5:35:79:c3:7b:b6:0e:a4:69:
6f:1e:98:69:bd:e5:f4:69:04:d9:fe:8f:c8:d8:9c:25:28:e2:
d9:37:27:0e:6f:25:bd:14:98:a4:dc:90:92:90:30:c7:5f:36:
bf:6c:19:f9:0b:61:f4:2a:3f:b7:b4:be:d4:8d:b8:87:8e:46:
c1:68:48:b0:dc:c4:fd:0c:6a:96:f8:ab:88:be:a0:16:1f:a3:
aa:e5:25:27:4e:0d:44:45:88:c5:dd:d6:13:81:2c:2f:a2:16:
dd:cd:df:05:5f:3b:77:33:08:60:ac:e1:0b:8e:f8:55:08:19:
62:a0:93:83:28:ff:b1:1e:50:84:7f:48:16:ea:2c:54:24:08:
b0:5f:1c:76:80:fd:9d:dd:71:fb:e7:4a:13:ac:65:49:d6:fc:
ae:00:79:4e:e6:ff:69:b2:e7:29:f0:50:64:5e:e2:96:81:20:
de:87:8c:ce:ab:d0:08:2a:9d:a4:7f:14:9b:65:0a:7d:2c:f5:
51:d9:16:56:6a:c0:58:01:fc:fb:3a:05:e7:55:12:3b:29:04:
aa:3c:a6:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZenLDBimll57uCuVYiJv1MJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjI1MTI1OTQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTI1MGZmNzgxZDcxOWM5MWE4ZDQ1NGIzMjA2N2M4ZTdjOGI2ZDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZLpFciwif3xtZFSZ01hcS0Cykkx
qFZkA3e6Ap35kzZ7HHM6GbaK+PSeHjjSHNSlqudlqIGhhNVdSJMvP1dZRWKQlwuu
TCeEA76lj5sVoDhEJRp+M+j3/A3vI8vE0kqWpYtpBii0IS74GgJkBe524vjYArsR
gvW8wxhShPbLb5Em6xtZJbkM2xVGzUEum8LChVFl60arhtsai/XQmpByreN4KhX/
Dn390ITWzX3vAQCNt+qAACKvJrInMI1GfPzhbbuNw4QRclQunBrLhs+TGVHku4Uc
uJ3q13XZpJ6gxtiMXbxFaZQQ4GCzZC9EWCAwV5kHUhftnleEbd2pya/upwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNklD/eB1xnJGo1FSzIGfI58i21DMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvMlNVUDk0SFhHY2thalVWTE1nWjhqbnlMYlVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXr8MA0G
CSqGSIb3DQEBCwUAA4IBAQBFiWUcGUTIw9oBcObG3Fu4BVZlH65dm7xEiusJotuo
Rd70VflBs/AVyIHeZkm1NXnDe7YOpGlvHphpveX0aQTZ/o/I2JwlKOLZNycObyW9
FJik3JCSkDDHXza/bBn5C2H0Kj+3tL7UjbiHjkbBaEiw3MT9DGqW+KuIvqAWH6Oq
5SUnTg1ERYjF3dYTgSwvohbdzd8FXzt3MwhgrOELjvhVCBlioJODKP+xHlCEf0gW
6ixUJAiwXxx2gP2d3XH750oTrGVJ1vyuAHlO5v9psucp8FBkXuKWgSDeh4zOq9AI
Kp2kfxSbZQp9LPVR2RZWasBYAfz7OgXnVRI7KQSqPKau
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:22:30 2025 by rpki-client