Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/IVmMDFZ_8cv7YoE8LQlruGovl24.roa
File: IVmMDFZ_8cv7YoE8LQlruGovl24.roa (raw, json)
Hash identifier: C8dq9Qr8wdLwoOtpKr8ONWYQ+tY/UfaCKUpALnbMml4=
Subject key identifier: 21:59:8C:0C:56:7F:F1:CB:FB:62:81:3C:2D:09:6B:B8:6A:2F:97:6E
Certificate issuer: /CN=6998500402c8215cf571073a495cdc80c742f2cc
Certificate serial: 01980B396938B3EDAE81E2744AD64878FB86
Authority key identifier: 69:98:50:04:02:C8:21:5C:F5:71:07:3A:49:5C:DC:80:C7:42:F2:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZhQBALIIVz1cQc6SVzcgMdC8sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/IVmMDFZ_8cv7YoE8LQlruGovl24.roa
Signing time: Mon 14 Jul 2025 23:16:08 +0000
ROA not before: Mon 14 Jul 2025 23:16:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197784
IP address blocks: 31.13.8.0/21 maxlen: 21
77.243.152.0/22 maxlen: 24
185.152.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 14 Jul 2025 23:36:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0b:39:69:38:b3:ed:ae:81:e2:74:4a:d6:48:78:fb:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6998500402c8215cf571073a495cdc80c742f2cc
Validity
Not Before: Jul 14 23:16:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21598c0c567ff1cbfb62813c2d096bb86a2f976e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d2:83:d6:19:a1:d5:ca:dc:cb:0d:e3:bb:2a:
b1:e6:20:ef:62:9d:6e:6e:24:9a:6d:bb:2b:3f:c1:
30:ae:3b:72:06:bd:68:58:ed:69:ac:d3:7c:57:8f:
f2:f9:c0:40:e2:71:ae:f0:1a:fa:29:ed:54:5e:2a:
d5:38:6d:63:07:77:af:e9:97:8c:44:16:29:29:b7:
14:8c:e9:e3:66:df:e8:47:1f:e8:2d:12:9b:81:f9:
2b:b7:68:b7:49:b2:a0:ac:8c:be:cc:53:76:99:44:
5b:c7:74:fa:26:ff:eb:92:e3:d1:12:29:6c:c4:97:
ce:7d:2b:90:ba:44:48:2d:f6:8e:d5:6b:2f:5f:16:
76:a2:29:d5:0f:1b:12:4d:20:d8:fc:26:6b:32:31:
06:28:72:36:ce:ad:ec:94:6b:e6:69:89:9b:a7:95:
a2:62:f3:01:d9:8b:68:1c:09:4b:00:ae:4b:c1:c3:
cb:28:97:3e:f5:21:dd:6f:f4:e8:fa:1f:84:b6:e0:
c1:95:ae:1b:2e:9f:d1:69:ee:9b:56:72:85:d5:55:
71:27:ba:64:aa:64:cd:c7:57:25:37:13:67:8b:53:
76:c8:8f:ec:d5:54:9c:d0:35:19:9f:97:fe:2e:48:
dd:8f:15:8a:00:03:4f:78:14:41:2f:3c:8b:e6:d0:
05:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:59:8C:0C:56:7F:F1:CB:FB:62:81:3C:2D:09:6B:B8:6A:2F:97:6E
X509v3 Authority Key Identifier:
keyid:69:98:50:04:02:C8:21:5C:F5:71:07:3A:49:5C:DC:80:C7:42:F2:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZhQBALIIVz1cQc6SVzcgMdC8sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/IVmMDFZ_8cv7YoE8LQlruGovl24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/aZhQBALIIVz1cQc6SVzcgMdC8sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.8.0/21
77.243.152.0/22
185.152.228.0/22
Signature Algorithm: sha256WithRSAEncryption
56:cd:3e:0c:1a:b5:a0:94:83:00:e5:a5:94:15:13:78:65:d4:
39:17:a0:f2:0e:11:d3:1b:ca:aa:11:0a:46:1c:cd:41:5c:15:
c8:f8:dc:45:83:ff:27:d4:04:93:47:8e:e7:df:e5:f9:90:d6:
37:e4:7e:d3:90:2d:f9:4b:83:f9:00:d9:db:88:b5:80:d2:87:
86:da:96:d7:e5:72:cd:69:a1:f9:1e:8e:88:59:43:35:94:ef:
49:cb:b4:df:c3:d3:3c:eb:d4:8a:46:ba:e2:d9:8a:a2:54:21:
f4:5c:16:49:94:b3:7a:3b:f8:51:d3:98:b6:c6:8b:12:00:af:
85:b5:6b:80:5e:11:e3:d7:7f:08:76:3f:7f:28:50:39:70:be:
34:74:43:0e:28:63:37:8b:43:e9:c3:00:83:46:af:c8:a4:5e:
b7:4c:7d:3e:66:53:de:47:06:e9:a3:e5:48:79:11:f9:22:d2:
c2:58:a1:b4:70:07:c3:ef:4c:1a:5e:53:09:43:32:04:c8:4a:
a2:b6:d2:73:9a:26:f3:5f:2d:e2:6e:6f:b4:f3:0c:db:82:4b:
2b:6e:c4:a5:92:d8:49:05:a1:53:4a:e5:d6:68:d1:40:5a:0f:
28:15:04:ed:f4:a3:7e:e3:e8:9c:6a:bb:5e:4c:ae:83:e4:85:
1d:ae:51:da
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgLOWk4s+2ugeJ0StZIePuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTg1MDA0MDJjODIxNWNmNTcxMDczYTQ5NWNkYzgwYzc0
MmYyY2MwHhcNMjUwNzE0MjMxNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTU5OGMwYzU2N2ZmMWNiZmI2MjgxM2MyZDA5NmJiODZhMmY5NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsdKD1hmh1crcyw3juyqx5iDvYp1u
biSabbsrP8EwrjtyBr1oWO1prNN8V4/y+cBA4nGu8Br6Ke1UXirVOG1jB3ev6ZeM
RBYpKbcUjOnjZt/oRx/oLRKbgfkrt2i3SbKgrIy+zFN2mURbx3T6Jv/rkuPREils
xJfOfSuQukRILfaO1WsvXxZ2oinVDxsSTSDY/CZrMjEGKHI2zq3slGvmaYmbp5Wi
YvMB2YtoHAlLAK5LwcPLKJc+9SHdb/To+h+EtuDBla4bLp/Rae6bVnKF1VVxJ7pk
qmTNx1clNxNni1N2yI/s1VSc0DUZn5f+LkjdjxWKAANPeBRBLzyL5tAFdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFZjAxWf/HL+2KBPC0Ja7hqL5duMB8GA1UdIwQY
MBaAFGmYUAQCyCFc9XEHOklc3IDHQvLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpoUUJBTElJVnoxY1FjNlNWemNnTWRDOHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wNTdhZTgtMGNiNy00ZTE0LThhNWIt
MTg5MDI4ZjMzOTZjLzEvSVZtTURGWl84Y3Y3WW9FOExRbHJ1R292bDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wNTdhZTgtMGNiNy00ZTE0LThhNWItMTg5MDI4ZjMzOTZj
LzEvYVpoUUJBTElJVnoxY1FjNlNWemNnTWRDOHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHw0IAwQC
TfOYAwQCuZjkMA0GCSqGSIb3DQEBCwUAA4IBAQBWzT4MGrWglIMA5aWUFRN4ZdQ5
F6DyDhHTG8qqEQpGHM1BXBXI+NxFg/8n1ASTR47n3+X5kNY35H7TkC35S4P5ANnb
iLWA0oeG2pbX5XLNaaH5Ho6IWUM1lO9Jy7Tfw9M869SKRrri2YqiVCH0XBZJlLN6
O/hR05i2xosSAK+FtWuAXhHj138Idj9/KFA5cL40dEMOKGM3i0PpwwCDRq/IpF63
TH0+ZlPeRwbpo+VIeRH5ItLCWKG0cAfD70waXlMJQzIEyEqittJzmibzXy3ibm+0
8wzbgksrbsSlkthJBaFTSuXWaNFAWg8oFQTt9KN+4+icarteTK6D5IUdrlHa
-----END CERTIFICATE-----
Generated at Sun Jul 27 16:32:17 2025 by rpki-client