Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/iQuHmTSnomZJxatYrCaw6PlBogg.roa
File: iQuHmTSnomZJxatYrCaw6PlBogg.roa (raw, json)
Hash identifier: bpTrWoVJ4+jRQskGm69UNQ5/ZUBVrCAHYC2HfKlJsN0=
Subject key identifier: 89:0B:87:99:34:A7:A2:66:49:C5:AB:58:AC:26:B0:E8:F9:41:A2:08
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA34FB31C81C68B01D4E961AB13A44
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/iQuHmTSnomZJxatYrCaw6PlBogg.roa
Signing time: Sun 06 Jul 2025 22:27:43 +0000
ROA not before: Sun 06 Jul 2025 22:27:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 185.106.95.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:10:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:34:fb:31:c8:1c:68:b0:1d:4e:96:1a:b1:3a:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=890b879934a7a26649c5ab58ac26b0e8f941a208
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:25:86:4a:75:4a:5c:e1:0f:0a:5d:78:db:96:
d9:2c:b1:3b:0c:c9:03:7c:67:07:34:05:39:65:bb:
46:a5:90:cb:df:3b:a3:67:3e:2c:4c:db:76:cd:8e:
b2:3e:22:0b:64:af:d3:e4:f0:42:72:21:9c:f3:22:
32:ce:2e:04:77:a4:85:79:54:97:b3:53:76:33:9c:
59:27:10:30:70:7d:ea:77:e7:99:9a:1d:64:37:b3:
d2:7e:20:17:e6:7a:3c:33:81:47:db:c0:3d:82:73:
48:00:9a:39:9c:26:cf:5f:26:bf:d9:a7:be:c0:77:
5f:3f:4c:de:af:c0:e6:c5:b5:cc:ca:77:17:96:02:
20:6d:4f:07:84:f6:67:30:84:2a:68:1c:b9:3c:14:
03:c2:4a:27:41:b1:a5:a3:32:0a:98:36:12:e9:88:
20:b2:ed:55:8d:2a:93:6b:fb:16:b3:db:a9:08:53:
0c:c3:04:26:52:a9:94:63:03:4c:ff:8b:9f:02:31:
68:1c:c4:06:f0:a4:a2:68:bd:ec:c5:25:fc:62:51:
40:82:2e:40:b0:cd:a4:9b:01:28:a2:4e:b0:c6:ce:
bf:de:20:52:3e:67:4d:2e:e1:d4:72:e4:04:bb:86:
26:be:64:99:5b:85:24:b0:79:33:f1:50:c0:85:44:
38:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:0B:87:99:34:A7:A2:66:49:C5:AB:58:AC:26:B0:E8:F9:41:A2:08
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/iQuHmTSnomZJxatYrCaw6PlBogg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.95.0/24
Signature Algorithm: sha256WithRSAEncryption
56:14:45:36:d0:19:b6:ac:a2:00:90:8f:35:86:dc:e9:b0:69:
f6:83:f5:05:00:4d:22:c6:44:07:d0:95:31:04:31:e6:8c:e7:
49:8b:3a:da:ed:27:2e:1a:be:09:a2:71:88:ea:0d:25:d8:ce:
e7:3b:88:c4:a6:e3:5c:60:c8:75:ed:2d:55:94:e0:bc:29:9d:
31:ac:43:73:3b:56:85:b8:e3:7e:13:f7:f0:34:9c:67:f9:d5:
dc:be:bc:2f:b1:da:e1:ae:49:6f:2c:3f:2d:d2:53:22:53:df:
18:b5:a5:b8:ec:68:07:c0:64:16:40:7a:ee:f3:96:df:38:7c:
b7:64:3f:d8:2c:42:14:e5:59:3f:59:5a:40:df:1d:59:24:81:
02:f8:0d:11:08:48:64:e8:ae:54:30:92:a9:25:3e:7d:0d:f1:
de:d3:b9:48:b6:8a:9d:10:58:e5:e4:46:49:df:4d:6f:bf:ae:
70:26:e9:fd:c8:e9:85:ee:4f:e6:f6:9f:34:12:19:8e:f5:a3:
e5:d6:37:28:62:60:06:77:fe:c6:4d:8a:75:4d:9b:29:06:29:
db:89:ee:9f:7d:43:a4:94:42:94:e1:87:1a:4b:33:7a:46:1c:
39:9c:5a:69:36:5c:6c:32:c4:7f:b5:4d:91:52:3b:13:dd:ff:
5c:73:23:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2jT7McgcaLAdTpYasTpEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTBiODc5OTM0YTdhMjY2NDljNWFiNThhYzI2YjBlOGY5NDFhMjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSWGSnVKXOEPCl1425bZLLE7DMkD
fGcHNAU5ZbtGpZDL3zujZz4sTNt2zY6yPiILZK/T5PBCciGc8yIyzi4Ed6SFeVSX
s1N2M5xZJxAwcH3qd+eZmh1kN7PSfiAX5no8M4FH28A9gnNIAJo5nCbPXya/2ae+
wHdfP0zer8DmxbXMyncXlgIgbU8HhPZnMIQqaBy5PBQDwkonQbGlozIKmDYS6Ygg
su1VjSqTa/sWs9upCFMMwwQmUqmUYwNM/4ufAjFoHMQG8KSiaL3sxSX8YlFAgi5A
sM2kmwEook6wxs6/3iBSPmdNLuHUcuQEu4YmvmSZW4UksHkz8VDAhUQ4AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIkLh5k0p6JmScWrWKwmsOj5QaIIMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvaVF1SG1UU25vbVpKeGF0WXJDYXc2UGxCb2dnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuWpfMA0G
CSqGSIb3DQEBCwUAA4IBAQBWFEU20Bm2rKIAkI81htzpsGn2g/UFAE0ixkQH0JUx
BDHmjOdJizra7ScuGr4JonGI6g0l2M7nO4jEpuNcYMh17S1VlOC8KZ0xrENzO1aF
uON+E/fwNJxn+dXcvrwvsdrhrklvLD8t0lMiU98YtaW47GgHwGQWQHru85bfOHy3
ZD/YLEIU5Vk/WVpA3x1ZJIEC+A0RCEhk6K5UMJKpJT59DfHe07lItoqdEFjl5EZJ
301vv65wJun9yOmF7k/m9p80EhmO9aPl1jcoYmAGd/7GTYp1TZspBinbie6ffUOk
lEKU4YcaSzN6Rhw5nFppNlxsMsR/tU2RUjsT3f9ccyPd
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:39:11 2025 by rpki-client