Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KFtF1ZXUF0pIOfDKjetL8tmPccE.roa
File: KFtF1ZXUF0pIOfDKjetL8tmPccE.roa (raw, json)
Hash identifier: m1DlUREO6YKGLvDZ6YXON281NHV6OErQ2HOSVFS/+S4=
Subject key identifier: 28:5B:45:D5:95:D4:17:4A:48:39:F0:CA:8D:EB:4B:F2:D9:8F:71:C1
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DB22406D14CDD5327277D7CAA3A254
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KFtF1ZXUF0pIOfDKjetL8tmPccE.roa
Signing time: Sun 06 Jul 2025 22:28:43 +0000
ROA not before: Sun 06 Jul 2025 22:28:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216246
IP address blocks: 45.142.122.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:db:22:40:6d:14:cd:d5:32:72:77:d7:ca:a3:a2:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:28:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=285b45d595d4174a4839f0ca8deb4bf2d98f71c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:bf:aa:49:d0:15:07:5b:31:06:94:3b:ce:b5:
7d:6d:e3:9d:f0:86:14:a0:1d:17:d1:b2:36:91:9c:
8e:a4:bb:57:9c:61:59:ec:b9:54:d9:c8:3a:22:af:
51:1d:44:c2:39:62:62:93:14:1f:07:d5:52:fa:fe:
86:a2:39:5c:1e:64:27:42:92:0b:b1:7f:33:33:ce:
75:59:a7:5f:38:44:a4:57:42:75:fd:40:9b:70:db:
3d:14:8e:db:da:a6:91:ba:df:24:58:b0:52:fc:47:
ed:ab:34:07:8b:15:f6:64:01:9c:66:ae:4b:a1:4c:
09:19:1e:a8:28:3c:e8:15:6f:89:4c:cc:6a:7b:64:
0b:cc:d2:38:c8:47:6e:15:2b:81:c7:e4:a1:2a:28:
99:c2:42:7b:7d:5b:69:5a:b6:f2:87:04:c1:a5:40:
9c:f9:1b:8b:fb:46:06:0e:80:bc:52:de:ba:df:03:
96:3a:de:07:df:a7:54:64:3b:b5:e3:34:a2:a1:ee:
47:77:94:0a:2c:b0:1b:d6:39:27:21:57:de:de:4c:
58:44:84:f1:bf:17:91:3a:11:5f:41:98:58:81:c0:
31:3d:19:25:1f:32:38:8f:f5:ee:e1:9a:20:d8:ec:
95:45:19:ff:58:78:ec:27:40:0b:8c:f0:85:5c:3f:
f6:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:5B:45:D5:95:D4:17:4A:48:39:F0:CA:8D:EB:4B:F2:D9:8F:71:C1
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/KFtF1ZXUF0pIOfDKjetL8tmPccE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.122.0/24
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:1a:85:b7:9f:8f:41:21:7b:60:33:cb:35:d2:0d:7e:b8:98:
da:b0:bc:11:62:7b:d9:4d:e7:cd:79:75:58:c5:84:9e:95:c9:
8f:8c:71:5a:63:0e:33:e6:3e:6f:ae:11:d3:c9:59:47:e7:d1:
b1:51:5a:49:6a:11:35:c8:d0:a0:8d:14:5f:b6:95:15:e5:f2:
74:37:21:6e:0a:5d:4b:58:4c:ec:e6:79:f9:52:34:bd:99:5a:
22:1a:93:f6:b7:4b:e5:19:ea:a3:b8:25:f9:c0:68:38:9f:4f:
51:c6:28:07:78:68:bd:ca:eb:4c:4f:dd:b3:ab:58:a8:6a:b2:
75:e6:09:79:f2:20:db:91:c6:15:71:ac:db:55:42:1d:51:af:
07:2d:14:eb:a8:c8:38:d6:18:34:a5:52:6b:48:66:cb:39:a6:
0f:14:62:7d:82:d6:5c:87:f2:17:53:ea:ab:98:f0:ef:3b:18:
84:60:69:a9:5e:0f:fe:5d:40:52:26:47:58:56:20:67:dd:28:
c9:ff:e9:4f:df:e1:62:e1:34:d0:c6:70:3f:1b:08:0c:e2:48:
69:6e:cf:f9:de:b0:0c:a0:0f:6e:b9:ab:8e:85:f2:03:37:27:
b7:b5:84:6b:ca:eb:09:0c:7c:7e:86:95:49:6c:cc:b4:6a:31:
f3:8f:cb:fd
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfh2yJAbRTN1TJyd9fKo6JUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODViNDVkNTk1ZDQxNzRhNDgzOWYwY2E4ZGViNGJmMmQ5OGY3MWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAub+qSdAVB1sxBpQ7zrV9beOd8IYU
oB0X0bI2kZyOpLtXnGFZ7LlU2cg6Iq9RHUTCOWJikxQfB9VS+v6GojlcHmQnQpIL
sX8zM851WadfOESkV0J1/UCbcNs9FI7b2qaRut8kWLBS/EftqzQHixX2ZAGcZq5L
oUwJGR6oKDzoFW+JTMxqe2QLzNI4yEduFSuBx+ShKiiZwkJ7fVtpWrbyhwTBpUCc
+RuL+0YGDoC8Ut663wOWOt4H36dUZDu14zSioe5Hd5QKLLAb1jknIVfe3kxYRITx
vxeROhFfQZhYgcAxPRklHzI4j/Xu4Zog2OyVRRn/WHjsJ0ALjPCFXD/25QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFChbRdWV1BdKSDnwyo3rS/LZj3HBMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvS0Z0RjFaWFVGMHBJT2ZES2pldEw4dG1QY2NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALY56AwQA
wkPJMA0GCSqGSIb3DQEBCwUAA4IBAQCnGoW3n49BIXtgM8s10g1+uJjasLwRYnvZ
TefNeXVYxYSelcmPjHFaYw4z5j5vrhHTyVlH59GxUVpJahE1yNCgjRRftpUV5fJ0
NyFuCl1LWEzs5nn5UjS9mVoiGpP2t0vlGeqjuCX5wGg4n09RxigHeGi9yutMT92z
q1ioarJ15gl58iDbkcYVcazbVUIdUa8HLRTrqMg41hg0pVJrSGbLOaYPFGJ9gtZc
h/IXU+qrmPDvOxiEYGmpXg/+XUBSJkdYViBn3SjJ/+lP3+Fi4TTQxnA/GwgM4khp
bs/53rAMoA9uuauOhfIDNye3tYRryusJDHx+hpVJbMy0ajHzj8v9
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:45:45 2025 by rpki-client