Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9ICBQLnw4KYlNpVU3q1-zCoQXgA.roa
File: 9ICBQLnw4KYlNpVU3q1-zCoQXgA.roa (raw, json)
Hash identifier: 1dbHl9p4RSCPYeVRNmr/+bUsh3avzsUTmtL2WVQI5ow=
Subject key identifier: F4:80:81:40:B9:F0:E0:A6:25:36:95:54:DE:AD:7E:CC:2A:10:5E:00
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0197A6ACEDF806E2B50C56DADBD6FD038AD2
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9ICBQLnw4KYlNpVU3q1-zCoQXgA.roa
Signing time: Wed 25 Jun 2025 10:40:40 +0000
ROA not before: Wed 25 Jun 2025 10:40:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200436
IP address blocks: 45.94.215.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
188.240.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 27 Jun 2025 06:39:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:ac:ed:f8:06:e2:b5:0c:56:da:db:d6:fd:03:8a:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Jun 25 10:40:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4808140b9f0e0a625369554dead7ecc2a105e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:a1:3a:12:8a:d4:49:3a:b5:1c:83:2e:91:c8:
4a:90:dc:37:e6:ac:0a:88:c0:2a:42:63:18:b0:78:
1b:15:7b:b3:42:d1:b1:e0:a9:0f:03:cd:b2:a9:ce:
21:bf:f9:27:6c:bf:52:8f:cb:d8:63:3e:6c:f9:6b:
e5:13:a8:0c:c1:f0:fd:e9:67:1d:00:8d:c7:34:68:
09:f8:3d:46:de:77:ae:e4:1d:91:a1:0e:2c:03:4c:
81:06:e5:f3:55:c1:44:68:6e:1d:4b:89:16:c4:bd:
7f:9f:74:0b:b7:78:dc:fc:42:05:10:89:1d:f3:91:
e7:c6:c7:79:02:ac:0c:d5:d4:cb:03:1b:3a:5d:91:
54:cb:f9:82:f4:e8:14:f9:20:b1:4c:f7:b2:41:70:
b7:c9:b0:ed:41:1c:50:30:cd:d8:9a:15:92:03:36:
15:16:2d:f4:b4:6b:2d:e1:25:08:04:f7:0d:98:58:
ef:28:74:e0:75:2c:20:c5:8e:e3:4b:4c:8a:97:dc:
23:31:68:fb:7d:35:47:a8:d6:37:41:8b:8d:a1:e5:
4c:e9:21:4c:08:eb:85:cf:9d:9d:2e:4e:10:3b:e6:
85:68:a3:ea:b0:95:04:2e:20:84:fe:24:34:da:8f:
5c:17:9d:f2:d1:a5:6b:b9:8b:29:85:ff:9f:53:b4:
5e:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:80:81:40:B9:F0:E0:A6:25:36:95:54:DE:AD:7E:CC:2A:10:5E:00
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/9ICBQLnw4KYlNpVU3q1-zCoQXgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.94.215.0/24
185.3.200.0/24
188.240.196.0/24
Signature Algorithm: sha256WithRSAEncryption
99:88:d2:98:96:ad:37:0a:36:e4:7e:a4:e3:00:30:77:be:1a:
e0:9a:54:06:5d:09:76:f1:f4:ab:c5:a5:4e:f8:a4:ec:d1:92:
dd:ed:49:c7:37:bf:bc:1c:82:5e:04:81:5f:18:36:43:49:52:
6b:fe:a6:f8:ca:0b:37:ea:6c:10:a5:d9:96:d5:83:8a:f2:02:
b0:57:6c:06:fb:8c:ae:02:b8:56:aa:04:f4:4d:ef:0d:8f:de:
40:77:d7:ad:f0:72:5b:44:40:dc:7b:a7:15:95:62:71:f3:4e:
c1:79:d2:3e:79:b2:40:77:9a:40:4f:f7:25:59:6d:2d:68:ce:
fa:8c:74:c1:11:58:54:d9:76:d6:6b:d7:a6:c2:ac:b4:31:7a:
16:9e:be:1e:8e:e2:8b:03:6a:0a:c3:8a:47:06:2d:88:81:ab:
d2:f1:0b:9b:22:58:a1:aa:da:a4:aa:2e:45:00:10:67:41:f8:
f3:28:85:22:df:51:81:f5:f6:9f:d2:bd:f4:07:b8:cc:c9:4c:
69:7e:94:10:d2:9a:ca:bd:04:1a:ac:45:23:3b:36:cc:cf:06:
60:ff:3c:fa:78:8f:fb:62:14:1a:80:21:ab:c6:3b:5f:3d:e7:
bc:a9:4e:03:ae:29:76:23:b7:61:96:89:10:04:da:85:62:75:
49:40:a3:b6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZemrO34BuK1DFba29b9A4rSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUwNjI1MTA0MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgwODE0MGI5ZjBlMGE2MjUzNjk1NTRkZWFkN2VjYzJhMTA1ZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwKE6EorUSTq1HIMukchKkNw35qwK
iMAqQmMYsHgbFXuzQtGx4KkPA82yqc4hv/knbL9Sj8vYYz5s+WvlE6gMwfD96Wcd
AI3HNGgJ+D1G3neu5B2RoQ4sA0yBBuXzVcFEaG4dS4kWxL1/n3QLt3jc/EIFEIkd
85Hnxsd5AqwM1dTLAxs6XZFUy/mC9OgU+SCxTPeyQXC3ybDtQRxQMM3YmhWSAzYV
Fi30tGst4SUIBPcNmFjvKHTgdSwgxY7jS0yKl9wjMWj7fTVHqNY3QYuNoeVM6SFM
COuFz52dLk4QO+aFaKPqsJUELiCE/iQ02o9cF53y0aVruYsphf+fU7ReOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPSAgUC58OCmJTaVVN6tfswqEF4AMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvOUlDQlFMbnc0S1lsTnBWVTNxMS16Q29RWGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALV7XAwQA
uQPIAwQAvPDEMA0GCSqGSIb3DQEBCwUAA4IBAQCZiNKYlq03CjbkfqTjADB3vhrg
mlQGXQl28fSrxaVO+KTs0ZLd7UnHN7+8HIJeBIFfGDZDSVJr/qb4ygs36mwQpdmW
1YOK8gKwV2wG+4yuArhWqgT0Te8Nj95Ad9et8HJbREDce6cVlWJx807BedI+ebJA
d5pAT/clWW0taM76jHTBEVhU2XbWa9emwqy0MXoWnr4ejuKLA2oKw4pHBi2IgavS
8QubIlihqtqkqi5FABBnQfjzKIUi31GB9faf0r30B7jMyUxpfpQQ0prKvQQarEUj
OzbMzwZg/zz6eI/7YhQagCGrxjtfPee8qU4Dril2I7dhlokQBNqFYnVJQKO2
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:32:42 2025 by rpki-client