Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/Z-pKLlGwYkPTko__ChucdfyqfkM.roa
File: Z-pKLlGwYkPTko__ChucdfyqfkM.roa (raw, json)
Hash identifier: hWauNA5SWZI0tFvnZ6995wXvatvZU7vVoaKrBfaekVk=
Subject key identifier: 67:EA:4A:2E:51:B0:62:43:D3:92:8F:FF:0A:1B:9C:75:FC:AA:7E:43
Certificate issuer: /CN=6998500402c8215cf571073a495cdc80c742f2cc
Certificate serial: 01980AFDE6F30560E26BFFF7F7BFA9531762
Authority key identifier: 69:98:50:04:02:C8:21:5C:F5:71:07:3A:49:5C:DC:80:C7:42:F2:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZhQBALIIVz1cQc6SVzcgMdC8sw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/Z-pKLlGwYkPTko__ChucdfyqfkM.roa
Signing time: Mon 14 Jul 2025 22:11:08 +0000
ROA not before: Mon 14 Jul 2025 22:11:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197784
IP address blocks: 31.13.8.0/21 maxlen: 21
77.243.152.0/22 maxlen: 22
185.152.228.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 14 Jul 2025 23:16:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0a:fd:e6:f3:05:60:e2:6b:ff:f7:f7:bf:a9:53:17:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6998500402c8215cf571073a495cdc80c742f2cc
Validity
Not Before: Jul 14 22:11:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ea4a2e51b06243d3928fff0a1b9c75fcaa7e43
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bb:f7:3a:b5:f9:39:93:30:04:da:55:9d:43:
d0:17:66:72:f4:41:88:ac:cc:4a:3a:b0:4a:8c:27:
e6:c7:ed:ba:7d:f3:d4:7b:4c:16:d3:03:23:f8:8d:
0b:e7:37:37:68:02:f5:6e:ee:7a:38:b6:7e:cf:e8:
69:3b:c3:3c:15:d9:ac:af:4a:5e:73:77:2a:5d:9e:
9d:fb:49:4d:b4:a7:b0:1c:c8:c8:10:a8:37:8e:98:
54:98:cb:10:4a:8b:8d:12:c5:55:52:a7:75:f1:ec:
df:82:6d:1e:4d:82:29:59:f7:69:14:62:0f:ef:08:
9c:73:76:23:d3:07:b3:5b:b2:47:3e:ef:25:ff:bd:
06:45:dc:1a:93:ca:41:84:31:5d:2f:5d:6a:1a:07:
5d:56:ae:56:03:b0:49:1a:39:dd:c2:7a:90:71:a7:
4a:bb:ff:ad:a6:ab:c0:1c:e4:ae:19:24:00:c8:3f:
8e:da:89:36:52:e8:9b:43:99:a3:80:95:ea:12:8d:
11:f6:82:ff:dc:6e:7f:b6:ab:ed:36:36:1d:5e:6f:
4b:f5:09:cf:54:d4:c9:19:91:c2:c3:a4:26:de:3d:
28:35:b5:e9:c8:6d:6b:3d:14:3e:23:ce:75:ea:78:
55:c0:ed:86:52:b8:5f:e3:39:49:42:2e:59:48:f2:
5a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EA:4A:2E:51:B0:62:43:D3:92:8F:FF:0A:1B:9C:75:FC:AA:7E:43
X509v3 Authority Key Identifier:
keyid:69:98:50:04:02:C8:21:5C:F5:71:07:3A:49:5C:DC:80:C7:42:F2:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZhQBALIIVz1cQc6SVzcgMdC8sw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/Z-pKLlGwYkPTko__ChucdfyqfkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/057ae8-0cb7-4e14-8a5b-189028f3396c/1/aZhQBALIIVz1cQc6SVzcgMdC8sw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.8.0/21
77.243.152.0/22
185.152.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:c3:4c:a1:a6:b1:a9:71:b0:5b:64:b3:68:b9:24:db:cc:e5:
ef:92:75:3d:6f:dc:00:e9:ba:e7:a0:80:00:5b:b0:5e:c6:f0:
65:84:51:bb:e2:1a:dc:de:c6:00:3e:0e:05:95:4e:f1:cd:a1:
47:49:df:23:e1:ed:3f:d5:90:70:ed:44:52:7e:06:00:56:36:
2e:97:be:12:2e:b4:2d:95:4c:4d:79:68:9b:f1:76:fb:64:de:
10:06:a4:f1:8f:70:c1:b8:a0:f7:7c:ec:47:7c:f6:ef:89:4c:
71:79:2b:28:ee:3e:93:29:04:d9:26:e3:9d:0e:74:97:95:35:
bc:e7:67:c6:70:13:f1:c5:e5:5b:34:eb:e3:81:be:c3:be:76:
92:1e:42:97:a0:7b:ba:5a:43:90:1d:16:8f:7e:d8:39:a2:0a:
e3:97:71:97:fe:d7:24:a0:d1:f0:5a:7c:49:06:53:91:59:7c:
36:fd:bf:0b:7a:83:4b:17:4e:7f:c3:7d:dd:c4:f5:c3:10:1b:
bc:80:77:8a:4f:a7:60:3c:ef:02:b7:64:a4:d6:e4:4b:e9:32:
75:f2:f5:11:1e:96:66:3d:f9:82:aa:41:d6:39:00:7d:1d:47:
94:db:2e:ce:6f:c3:4f:21:47:1e:fa:da:00:d1:70:b7:82:5f:
a0:93:c9:a4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgK/ebzBWDia//397+pUxdiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTg1MDA0MDJjODIxNWNmNTcxMDczYTQ5NWNkYzgwYzc0
MmYyY2MwHhcNMjUwNzE0MjIxMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VhNGEyZTUxYjA2MjQzZDM5MjhmZmYwYTFiOWM3NWZjYWE3ZTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbv3OrX5OZMwBNpVnUPQF2Zy9EGI
rMxKOrBKjCfmx+26ffPUe0wW0wMj+I0L5zc3aAL1bu56OLZ+z+hpO8M8Fdmsr0pe
c3cqXZ6d+0lNtKewHMjIEKg3jphUmMsQSouNEsVVUqd18ezfgm0eTYIpWfdpFGIP
7wicc3Yj0wezW7JHPu8l/70GRdwak8pBhDFdL11qGgddVq5WA7BJGjndwnqQcadK
u/+tpqvAHOSuGSQAyD+O2ok2UuibQ5mjgJXqEo0R9oL/3G5/tqvtNjYdXm9L9QnP
VNTJGZHCw6Qm3j0oNbXpyG1rPRQ+I8516nhVwO2GUrhf4zlJQi5ZSPJa3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGfqSi5RsGJD05KP/wobnHX8qn5DMB8GA1UdIwQY
MBaAFGmYUAQCyCFc9XEHOklc3IDHQvLMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpoUUJBTElJVnoxY1FjNlNWemNnTWRDOHN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8wNTdhZTgtMGNiNy00ZTE0LThhNWIt
MTg5MDI4ZjMzOTZjLzEvWi1wS0xsR3dZa1BUa29fX0NodWNkZnlxZmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8wNTdhZTgtMGNiNy00ZTE0LThhNWItMTg5MDI4ZjMzOTZj
LzEvYVpoUUJBTElJVnoxY1FjNlNWemNnTWRDOHN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDHw0IAwQC
TfOYAwQCuZjkMA0GCSqGSIb3DQEBCwUAA4IBAQA6w0yhprGpcbBbZLNouSTbzOXv
knU9b9wA6brnoIAAW7BexvBlhFG74hrc3sYAPg4FlU7xzaFHSd8j4e0/1ZBw7URS
fgYAVjYul74SLrQtlUxNeWib8Xb7ZN4QBqTxj3DBuKD3fOxHfPbviUxxeSso7j6T
KQTZJuOdDnSXlTW852fGcBPxxeVbNOvjgb7DvnaSHkKXoHu6WkOQHRaPftg5ogrj
l3GX/tckoNHwWnxJBlORWXw2/b8LeoNLF05/w33dxPXDEBu8gHeKT6dgPO8Ct2Sk
1uRL6TJ18vURHpZmPfmCqkHWOQB9HUeU2y7Ob8NPIUce+toA0XC3gl+gk8mk
-----END CERTIFICATE-----
Generated at Sun Jul 27 16:39:25 2025 by rpki-client