Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rSfJ-ijMILR6puMK_bgLeuT6GV0.roa
File: rSfJ-ijMILR6puMK_bgLeuT6GV0.roa (raw, json)
Hash identifier: KnyNXXxp+kY+rLOi0zWSCFSExL1s+pgvdh3h4w8TD78=
Subject key identifier: AD:27:C9:FA:28:CC:20:B4:7A:A6:E3:0A:FD:B8:0B:7A:E4:FA:19:5D
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DA360A3090B8FBDAD9BAB01E47A588
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rSfJ-ijMILR6puMK_bgLeuT6GV0.roa
Signing time: Sun 06 Jul 2025 22:27:43 +0000
ROA not before: Sun 06 Jul 2025 22:27:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62282
IP address blocks: 45.137.106.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:10:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:da:36:0a:30:90:b8:fb:da:d9:ba:b0:1e:47:a5:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:27:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad27c9fa28cc20b47aa6e30afdb80b7ae4fa195d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d6:e3:0f:93:7b:57:dc:1a:e6:71:12:de:48:
71:5a:00:f5:bd:f7:db:56:70:97:a8:ae:53:18:37:
f3:ad:13:d0:af:c1:fb:0d:c7:b1:a0:a1:19:7d:43:
e2:4a:24:1f:3c:9b:af:97:28:74:08:8f:b4:db:5e:
20:c8:73:59:a1:c0:d4:f0:d1:d9:d6:2b:a2:1c:ea:
10:e1:b1:8c:19:01:02:e8:72:dd:ac:3b:6d:b0:f8:
8d:62:f4:ca:70:14:48:b8:c0:36:65:08:03:85:e7:
c8:55:1b:24:40:97:aa:b9:64:fb:00:22:d6:5b:9a:
31:01:d4:7f:8b:2b:d3:be:0e:62:88:b6:68:10:69:
de:67:02:49:60:1e:e2:21:fd:41:6e:4f:00:6e:0f:
40:38:ff:d2:b4:f8:17:46:4a:5e:1e:5a:be:40:3a:
71:3b:01:67:21:c7:ea:61:0e:f4:6e:e7:35:99:17:
24:11:64:3e:48:87:3e:c1:e5:f8:04:4b:78:6c:2e:
b8:c7:0a:18:08:a1:8c:31:82:74:fb:d1:ff:7c:02:
f5:ea:0b:74:81:ca:d4:2f:1e:f3:62:7e:85:08:07:
c8:e8:a9:1b:4e:40:ea:ff:0d:53:e0:73:3d:c1:14:
5b:e0:15:8f:21:35:69:d0:39:08:bd:91:a7:82:a1:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:27:C9:FA:28:CC:20:B4:7A:A6:E3:0A:FD:B8:0B:7A:E4:FA:19:5D
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/rSfJ-ijMILR6puMK_bgLeuT6GV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.106.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a0:17:64:7c:9f:af:7f:68:f5:cd:95:ff:cc:87:51:20:c5:
2f:66:dc:53:cc:58:63:48:d0:8e:28:41:b5:ad:3b:23:83:00:
e3:77:75:9e:02:df:a0:7b:29:1b:b9:4b:1c:86:c5:5d:12:9d:
1b:83:50:9e:87:03:2a:24:fc:6d:6b:76:fe:76:00:21:34:af:
e1:b2:a5:a0:58:2f:87:53:18:d6:dd:a7:2f:a9:18:bb:0f:af:
a9:f2:ee:b8:ee:55:30:28:3e:03:f9:f3:fb:b2:53:42:c3:49:
d7:5a:25:bb:93:ae:2f:93:8b:e0:47:76:55:c7:65:42:be:c2:
90:41:f6:e3:84:40:dd:c5:e6:4b:e7:84:64:2f:3a:b3:ac:54:
54:3f:e1:2c:74:66:e6:37:d1:44:c6:4d:f4:92:d9:38:4e:52:
4e:fc:18:74:d1:55:f3:e5:cf:6f:f4:15:39:b4:82:fb:e1:c7:
2f:59:31:ba:41:ed:24:fd:a6:3d:7c:67:7e:2f:02:31:2e:a4:
7a:42:95:5c:e0:e7:db:b3:3d:81:fc:d0:d4:9b:fe:27:ca:96:
fe:95:51:ab:86:67:61:5c:43:1d:83:5c:21:35:77:b0:d0:a0:
83:db:12:04:e6:b7:3c:0a:12:5e:d2:89:bd:81:58:43:72:07:
e9:66:b1:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfh2jYKMJC4+9rZurAeR6WIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyNzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDI3YzlmYTI4Y2MyMGI0N2FhNmUzMGFmZGI4MGI3YWU0ZmExOTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdbjD5N7V9wa5nES3khxWgD1vffb
VnCXqK5TGDfzrRPQr8H7DcexoKEZfUPiSiQfPJuvlyh0CI+0214gyHNZocDU8NHZ
1iuiHOoQ4bGMGQEC6HLdrDttsPiNYvTKcBRIuMA2ZQgDhefIVRskQJequWT7ACLW
W5oxAdR/iyvTvg5iiLZoEGneZwJJYB7iIf1Bbk8Abg9AOP/StPgXRkpeHlq+QDpx
OwFnIcfqYQ70buc1mRckEWQ+SIc+weX4BEt4bC64xwoYCKGMMYJ0+9H/fAL16gt0
gcrULx7zYn6FCAfI6KkbTkDq/w1T4HM9wRRb4BWPITVp0DkIvZGngqE9wwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK0nyfoozCC0eqbjCv24C3rk+hldMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvclNmSi1pak1JTFI2cHVNS19iZ0xldVQ2R1YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALYlqMA0G
CSqGSIb3DQEBCwUAA4IBAQB0oBdkfJ+vf2j1zZX/zIdRIMUvZtxTzFhjSNCOKEG1
rTsjgwDjd3WeAt+geykbuUschsVdEp0bg1CehwMqJPxta3b+dgAhNK/hsqWgWC+H
UxjW3acvqRi7D6+p8u647lUwKD4D+fP7slNCw0nXWiW7k64vk4vgR3ZVx2VCvsKQ
QfbjhEDdxeZL54RkLzqzrFRUP+EsdGbmN9FExk30ktk4TlJO/Bh00VXz5c9v9BU5
tIL74ccvWTG6Qe0k/aY9fGd+LwIxLqR6QpVc4Ofbsz2B/NDUm/4nypb+lVGrhmdh
XEMdg1whNXew0KCD2xIE5rc8ChJe0om9gVhDcgfpZrGG
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:30:54 2025 by rpki-client