Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/3ms5C0XHXcKzcD_hHzAq-X1-6kk.roa
File: 3ms5C0XHXcKzcD_hHzAq-X1-6kk.roa (raw, json)
Hash identifier: 5DPiK5VGE73efrS9OAfaGxq+6JXDBAj6lBgAcj6cDNE=
Subject key identifier: DE:6B:39:0B:45:C7:5D:C2:B3:70:3F:E1:1F:30:2A:F9:7D:7E:EA:49
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA339A99778B0A492EB2A64E9EB7FE
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/3ms5C0XHXcKzcD_hHzAq-X1-6kk.roa
Signing time: Sun 06 Jul 2025 22:27:42 +0000
ROA not before: Sun 06 Jul 2025 22:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50113
IP address blocks: 91.217.77.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:33:9a:99:77:8b:0a:49:2e:b2:a6:4e:9e:b7:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de6b390b45c75dc2b3703fe11f302af97d7eea49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:33:df:06:a1:cb:c7:02:eb:64:76:03:3e:
a8:ab:8e:88:9a:28:1b:f0:13:42:c6:55:12:e2:77:
20:a7:03:2c:71:69:bb:6e:4a:17:dc:42:58:7c:21:
5f:45:ef:60:0a:30:b1:c9:77:21:fc:16:a1:ad:a7:
3a:f2:9f:c9:22:ff:1a:35:2e:3e:ec:c8:bc:31:7e:
06:03:8a:f1:48:0d:94:4e:0b:54:1b:e4:ac:33:bb:
ff:56:ab:6d:ec:d0:63:e7:e7:69:71:81:a4:92:74:
0b:79:c8:1e:32:f1:b6:3f:9c:48:ca:5e:3e:94:b5:
a2:36:b5:20:9e:db:82:f4:93:14:66:3f:5c:5c:41:
7d:8b:19:cf:b2:bc:0e:65:a1:aa:ef:79:6d:7d:ad:
20:4a:b4:d6:ae:59:b2:d5:8c:08:e6:6a:84:4a:eb:
7e:7e:cb:b0:1a:9a:97:b5:df:77:f4:aa:68:27:95:
2f:b4:92:cb:cc:12:08:f8:16:3d:0d:4d:c3:16:a3:
27:40:95:72:cd:56:f3:85:bb:44:e4:85:ac:e5:e3:
be:d4:70:b9:d6:3d:b0:ef:03:b7:c2:ab:f1:93:56:
2b:a9:c0:9a:d8:57:6a:0a:25:ef:3a:30:52:f9:fc:
24:1e:a9:65:2c:eb:82:7e:64:47:3b:21:91:7d:b1:
ed:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6B:39:0B:45:C7:5D:C2:B3:70:3F:E1:1F:30:2A:F9:7D:7E:EA:49
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/3ms5C0XHXcKzcD_hHzAq-X1-6kk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.77.0/24
Signature Algorithm: sha256WithRSAEncryption
29:7d:a9:ec:4a:21:8e:54:ae:7c:7e:c2:52:e6:ca:2d:91:3c:
35:16:6d:65:d5:a1:6c:6d:c0:47:ac:82:aa:4e:15:27:3f:7e:
06:56:75:9d:f0:7b:9a:81:d6:c6:cb:ec:ec:84:1a:26:37:24:
c1:74:ea:7d:7b:45:16:2b:00:54:6f:2e:30:e4:f1:93:47:e1:
b6:73:ea:cf:0c:6d:e9:e6:d6:07:42:ef:f1:b8:49:2f:b4:ad:
6f:a5:9e:43:d3:9f:a1:16:37:10:53:24:70:54:12:23:c8:3f:
7e:d3:a3:4c:f7:b4:18:2b:de:d6:30:1b:73:d1:88:a9:68:13:
30:46:cc:d1:52:5e:12:c9:19:b1:b0:4a:a9:2d:e6:9d:9f:16:
76:d4:36:f7:8f:04:5b:97:ff:12:0a:d8:bd:d9:e1:e3:06:49:
a1:7a:ef:92:92:e7:86:3f:17:ee:31:f9:43:26:0f:97:e4:64:
cd:3b:ea:ac:b2:c0:fc:c2:40:c3:e1:10:ea:20:e9:57:22:4f:
57:f7:9f:19:0d:76:7c:68:71:9e:82:8e:73:94:d4:10:00:bc:
32:ff:ed:8a:c3:87:97:f1:38:4a:6e:d9:d6:6e:5c:80:5c:e1:
9f:8a:4d:cd:3e:24:89:8a:77:c0:95:df:47:b8:1c:8c:f9:3c:
71:18:dc:0d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2jOamXeLCkkusqZOnrf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTZiMzkwYjQ1Yzc1ZGMyYjM3MDNmZTExZjMwMmFmOTdkN2VlYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0Yz3wahy8cC62R2Az6oq46Imigb
8BNCxlUS4ncgpwMscWm7bkoX3EJYfCFfRe9gCjCxyXch/Bahrac68p/JIv8aNS4+
7Mi8MX4GA4rxSA2UTgtUG+SsM7v/Vqtt7NBj5+dpcYGkknQLecgeMvG2P5xIyl4+
lLWiNrUgntuC9JMUZj9cXEF9ixnPsrwOZaGq73ltfa0gSrTWrlmy1YwI5mqESut+
fsuwGpqXtd939KpoJ5UvtJLLzBII+BY9DU3DFqMnQJVyzVbzhbtE5IWs5eO+1HC5
1j2w7wO3wqvxk1YrqcCa2FdqCiXvOjBS+fwkHqllLOuCfmRHOyGRfbHtpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFN5rOQtFx13Cs3A/4R8wKvl9fupJMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvM21zNUMwWEhYY0t6Y0RfaEh6QXEtWDEtNmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9lNMA0G
CSqGSIb3DQEBCwUAA4IBAQApfansSiGOVK58fsJS5sotkTw1Fm1l1aFsbcBHrIKq
ThUnP34GVnWd8HuagdbGy+zshBomNyTBdOp9e0UWKwBUby4w5PGTR+G2c+rPDG3p
5tYHQu/xuEkvtK1vpZ5D05+hFjcQUyRwVBIjyD9+06NM97QYK97WMBtz0YipaBMw
RszRUl4SyRmxsEqpLeadnxZ21Db3jwRbl/8SCti92eHjBkmheu+SkueGPxfuMflD
Jg+X5GTNO+qsssD8wkDD4RDqIOlXIk9X958ZDXZ8aHGego5zlNQQALwy/+2Kw4eX
8ThKbtnWblyAXOGfik3NPiSJinfAld9HuByM+TxxGNwN
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:24:13 2025 by rpki-client