Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/CyqCk4AaJymj-Na38tM9FpXSETM.roa
File: CyqCk4AaJymj-Na38tM9FpXSETM.roa (raw, json)
Hash identifier: B4ctvH5LIrMwneiFcTxjklOz8SiFKL/AUjlWk8I3zas=
Subject key identifier: 0B:2A:82:93:80:1A:27:29:A3:F8:D6:B7:F2:D3:3D:16:95:D2:11:33
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA325EE89F9297647A2335ECB09FC4
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/CyqCk4AaJymj-Na38tM9FpXSETM.roa
Signing time: Sun 06 Jul 2025 22:27:42 +0000
ROA not before: Sun 06 Jul 2025 22:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35196
IP address blocks: 185.105.117.240/32 maxlen: 32
193.109.85.20/32 maxlen: 32
193.124.176.10/32 maxlen: 32
193.124.176.104/32 maxlen: 32
193.124.176.142/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:09:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:32:5e:e8:9f:92:97:64:7a:23:35:ec:b0:9f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b2a8293801a2729a3f8d6b7f2d33d1695d21133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:65:01:08:b3:83:51:db:eb:dd:f7:9d:a0:fd:
bf:d3:98:e9:4f:06:cc:67:0b:0b:8b:d8:ab:64:b3:
a0:8c:16:21:8d:4d:e0:41:ed:53:69:ce:67:d3:75:
68:fc:cf:61:3d:11:80:0c:fe:4f:57:67:1e:6a:a0:
a0:b5:f8:ea:7e:eb:c6:2c:d0:6f:ed:5c:ea:de:ec:
61:fd:90:88:b4:c9:30:64:a2:b7:c9:63:c3:e2:96:
12:8f:8f:a7:43:69:84:a4:bb:8f:60:01:94:f8:b7:
60:f2:a7:4b:a7:e4:54:d3:ed:d9:26:fe:06:ad:c1:
00:12:b7:82:7e:5c:1d:fa:91:37:db:d1:e0:81:56:
87:e0:74:5f:d3:cf:f6:49:4e:dd:b2:b2:2b:64:07:
6d:bc:8f:57:36:63:c9:6f:c5:cf:77:79:cf:50:7f:
de:70:f8:d3:39:8f:4f:f8:1d:03:34:6e:ed:18:c9:
79:e8:62:7c:6e:30:36:a2:af:5d:fe:08:86:62:33:
5a:c3:dd:2a:90:f7:8a:61:8c:6f:b3:da:69:04:e1:
f0:fd:07:94:40:dd:81:3a:26:c8:38:2a:7c:6a:44:
dd:d3:e3:35:63:a8:1b:a8:fb:d8:71:41:46:57:e7:
79:a0:0e:5d:b1:0a:82:45:77:d9:e0:54:e0:6b:b1:
44:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:2A:82:93:80:1A:27:29:A3:F8:D6:B7:F2:D3:3D:16:95:D2:11:33
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/CyqCk4AaJymj-Na38tM9FpXSETM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.105.117.240/32
193.109.85.20/32
193.124.176.10/32
193.124.176.104/32
193.124.176.142/32
Signature Algorithm: sha256WithRSAEncryption
8d:d5:c5:17:66:25:29:d5:3e:30:30:b0:05:f7:02:27:0e:58:
c6:39:47:d0:d0:61:2b:de:dc:1d:20:fb:e2:b9:eb:5a:44:41:
fb:36:32:30:04:ac:cb:89:c5:77:a6:00:5e:ec:e0:48:8d:b9:
6b:73:d7:9c:a9:2d:be:7a:c6:01:95:51:da:01:e9:97:4d:f3:
46:00:1d:93:5e:e4:93:55:9e:79:b8:cb:0d:65:79:fd:23:43:
90:4f:a1:94:d0:54:b3:6c:ce:06:0e:a7:30:87:a0:c9:4b:4a:
9d:67:bb:9e:f7:ac:59:18:2f:68:70:49:f0:bd:7c:f6:4b:57:
73:18:3c:17:06:48:cf:23:75:f0:83:99:2b:f7:2b:1b:f6:15:
b5:07:31:05:b0:f3:fd:9d:d5:97:a6:ad:d4:53:80:8a:82:56:
f7:30:8b:42:9a:62:5f:b0:ff:91:d0:e3:6e:9a:d8:36:8a:ef:
32:77:07:f7:c1:cf:bb:dd:4b:f9:e0:7d:ea:8d:7a:0e:55:f0:
a9:e6:00:6d:9e:e0:ee:54:b7:e1:4b:fe:03:ce:3b:41:55:71:
b6:e4:16:c9:50:21:a2:24:1c:e2:d3:a6:6a:bb:9d:7b:44:03:
01:0f:8c:1b:08:7c:9a:e0:e1:b6:fa:db:bf:76:8c:46:f8:cf:
c9:53:e3:87
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZfh2jJe6J+Sl2R6IzXssJ/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjJhODI5MzgwMWEyNzI5YTNmOGQ2YjdmMmQzM2QxNjk1ZDIxMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGUBCLODUdvr3fedoP2/05jpTwbM
ZwsLi9irZLOgjBYhjU3gQe1Tac5n03Vo/M9hPRGADP5PV2ceaqCgtfjqfuvGLNBv
7Vzq3uxh/ZCItMkwZKK3yWPD4pYSj4+nQ2mEpLuPYAGU+Ldg8qdLp+RU0+3ZJv4G
rcEAEreCflwd+pE329HggVaH4HRf08/2SU7dsrIrZAdtvI9XNmPJb8XPd3nPUH/e
cPjTOY9P+B0DNG7tGMl56GJ8bjA2oq9d/giGYjNaw90qkPeKYYxvs9ppBOHw/QeU
QN2BOibIOCp8akTd0+M1Y6gbqPvYcUFGV+d5oA5dsQqCRXfZ4FTga7FEiQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAsqgpOAGicpo/jWt/LTPRaV0hEzMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvQ3lxQ2s0QWFKeW1qLU5hMzh0TTlGcFhTRVRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzApBAIAATAjAwUAuWl18AMF
AMFtVRQDBQDBfLAKAwUAwXywaAMFAMF8sI4wDQYJKoZIhvcNAQELBQADggEBAI3V
xRdmJSnVPjAwsAX3AicOWMY5R9DQYSve3B0g++K561pEQfs2MjAErMuJxXemAF7s
4EiNuWtz15ypLb56xgGVUdoB6ZdN80YAHZNe5JNVnnm4yw1lef0jQ5BPoZTQVLNs
zgYOpzCHoMlLSp1nu573rFkYL2hwSfC9fPZLV3MYPBcGSM8jdfCDmSv3Kxv2FbUH
MQWw8/2d1ZemrdRTgIqCVvcwi0KaYl+w/5HQ426a2DaK7zJ3B/fBz7vdS/ngfeqN
eg5V8KnmAG2e4O5Ut+FL/gPOO0FVcbbkFslQIaIkHOLTpmq7nXtEAwEPjBsIfJrg
4bb62792jEb4z8lT44c=
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:15:24 2025 by rpki-client