Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iZaxiuKsGW8nCl4ywq1DDzP9uP8.roa
File: iZaxiuKsGW8nCl4ywq1DDzP9uP8.roa (raw, json)
Hash identifier: 3VSh9lfcXiErXJ52zTNsZvZGyud2kFmIlMBe73jL7Ck=
Subject key identifier: 89:96:B1:8A:E2:AC:19:6F:27:0A:5E:32:C2:AD:43:0F:33:FD:B8:FF
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0197A6A1074C56E88685A53C4FF9E5E656E8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iZaxiuKsGW8nCl4ywq1DDzP9uP8.roa
Signing time: Wed 25 Jun 2025 10:27:40 +0000
ROA not before: Wed 25 Jun 2025 10:27:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210415
IP address blocks: 2.59.195.0/24 maxlen: 24
31.15.7.0/24 maxlen: 24
45.10.104.0/23 maxlen: 23
45.80.80.0/24 maxlen: 24
45.130.163.0/24 maxlen: 24
45.137.12.0/23 maxlen: 24
45.137.139.0/24 maxlen: 24
45.145.135.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
89.42.113.0/24 maxlen: 24
91.132.30.0/24 maxlen: 24
178.19.42.0/24 maxlen: 24
185.226.192.0/24 maxlen: 24
185.231.187.0/24 maxlen: 24
185.246.15.0/24 maxlen: 24
201.49.188.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 15:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:a1:07:4c:56:e8:86:85:a5:3c:4f:f9:e5:e6:56:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jun 25 10:27:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8996b18ae2ac196f270a5e32c2ad430f33fdb8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:76:5a:23:d3:89:54:b7:19:26:ff:f1:92:35:
2f:d0:76:c1:53:59:de:40:d3:d0:dd:c0:e7:3f:e2:
68:83:f7:98:4f:fa:5b:4d:1e:9f:3a:0d:ed:90:ba:
65:27:4f:28:dc:6e:26:1f:29:58:d6:77:1b:78:00:
0a:9b:64:59:cc:83:00:ab:c8:04:2c:a0:d8:98:0e:
a6:24:bd:fb:e1:e0:15:f5:06:6b:7a:6f:71:e3:51:
c5:a4:f3:4f:30:a1:76:33:a2:6f:3f:1a:5d:c8:6c:
9a:35:8a:0a:57:4b:bd:a8:58:c6:06:25:27:9d:30:
dd:0b:1f:4c:3b:b5:82:c8:94:ac:27:08:be:a5:42:
cf:c9:e5:e8:cd:63:d6:ac:1f:5e:fd:ad:31:0a:7b:
cc:d7:b9:77:e5:45:65:4f:de:4e:cc:8a:4b:1f:9a:
51:7b:88:af:e1:04:82:b5:6a:3f:17:30:78:7e:88:
d6:4c:36:ac:d4:0d:75:10:00:8a:53:dd:d2:db:b1:
0a:12:4f:a2:e8:fa:67:a1:a3:24:f6:88:a6:d0:dc:
bf:95:ae:5a:48:c1:e0:70:ec:de:64:7d:c0:cf:6b:
31:df:e1:14:8d:42:5a:43:5c:47:fb:85:8d:b2:97:
95:6f:73:d1:c7:7f:dd:99:26:f5:e7:31:20:19:d8:
ab:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:96:B1:8A:E2:AC:19:6F:27:0A:5E:32:C2:AD:43:0F:33:FD:B8:FF
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/iZaxiuKsGW8nCl4ywq1DDzP9uP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.195.0/24
31.15.7.0/24
45.10.104.0/23
45.80.80.0/24
45.130.163.0/24
45.137.12.0/23
45.137.139.0/24
45.145.135.0/24
80.66.125.0/24
89.42.113.0/24
91.132.30.0/24
178.19.42.0/24
185.226.192.0/24
185.231.187.0/24
185.246.15.0/24
201.49.188.0/24
Signature Algorithm: sha256WithRSAEncryption
72:2e:dc:1a:35:2e:ae:4f:e2:58:95:28:6f:b9:01:82:46:26:
11:f5:dd:6a:4a:5d:61:c7:f9:e4:0e:e6:59:69:f6:f3:db:67:
71:8b:fe:66:80:5e:60:45:71:d0:33:73:aa:7a:47:14:ea:3c:
75:ba:76:0c:ce:d8:d6:34:9d:af:18:80:63:78:c8:34:eb:8c:
75:34:c3:c0:f0:6a:2b:ec:b5:63:ec:f9:df:47:0a:d3:ac:0c:
85:c6:16:ab:b2:51:84:36:b6:cd:a0:a6:2b:4e:dd:d0:6d:a6:
94:49:a3:1c:ed:dc:5a:f5:e4:46:34:07:a3:2b:35:3b:40:fb:
bf:f7:82:64:53:e0:07:58:59:cc:33:84:66:a7:0a:da:32:4c:
84:cf:ad:79:0f:d6:14:db:59:4d:83:51:4a:ad:f8:3f:0d:d5:
f1:0a:46:94:fc:de:0d:74:ac:b2:f0:60:9f:a7:98:bd:77:da:
b2:de:c0:ca:e2:b5:83:58:ba:cd:71:e7:10:ed:5a:45:41:89:
02:ba:65:e0:be:30:a8:07:5c:07:b7:bf:34:54:90:a5:9b:34:
67:40:f5:43:f9:11:3b:7f:d3:95:ad:cd:41:02:21:ee:a8:6c:
7c:0e:c8:5c:d3:55:5a:f5:9d:d8:2f:4f:b4:17:0d:a0:a4:16:
6e:fd:03:fc
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZemoQdMVuiGhaU8T/nl5lboMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwNjI1MTAyNzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTk2YjE4YWUyYWMxOTZmMjcwYTVlMzJjMmFkNDMwZjMzZmRiOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk3ZaI9OJVLcZJv/xkjUv0HbBU1ne
QNPQ3cDnP+Jog/eYT/pbTR6fOg3tkLplJ08o3G4mHylY1ncbeAAKm2RZzIMAq8gE
LKDYmA6mJL374eAV9QZrem9x41HFpPNPMKF2M6JvPxpdyGyaNYoKV0u9qFjGBiUn
nTDdCx9MO7WCyJSsJwi+pULPyeXozWPWrB9e/a0xCnvM17l35UVlT95OzIpLH5pR
e4iv4QSCtWo/FzB4fojWTDas1A11EACKU93S27EKEk+i6PpnoaMk9oim0Ny/la5a
SMHgcOzeZH3Az2sx3+EUjUJaQ1xH+4WNspeVb3PRx3/dmSb15zEgGdir+QIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFImWsYrirBlvJwpeMsKtQw8z/bj/MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvaVpheGl1S3NHVzhuQ2w0eXdxMUREelA5dVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAAjvDAwQA
Hw8HAwQBLQpoAwQALVBQAwQALYKjAwQBLYkMAwQALYmLAwQALZGHAwQAUEJ9AwQA
WSpxAwQAW4QeAwQAshMqAwQAueLAAwQAuee7AwQAufYPAwQAyTG8MA0GCSqGSIb3
DQEBCwUAA4IBAQByLtwaNS6uT+JYlShvuQGCRiYR9d1qSl1hx/nkDuZZafbz22dx
i/5mgF5gRXHQM3OqekcU6jx1unYMztjWNJ2vGIBjeMg064x1NMPA8Gor7LVj7Pnf
RwrTrAyFxharslGENrbNoKYrTt3QbaaUSaMc7dxa9eRGNAejKzU7QPu/94JkU+AH
WFnMM4RmpwraMkyEz615D9YU21lNg1FKrfg/DdXxCkaU/N4NdKyy8GCfp5i9d9qy
3sDK4rWDWLrNcecQ7VpFQYkCumXgvjCoB1wHt780VJClmzRnQPVD+RE7f9OVrc1B
AiHuqGx8Dshc01Va9Z3YL0+0Fw2gpBZu/QP8
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:58:19 2025 by rpki-client