Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/szxWtByqlUJFuJzfrNFLYMbLwsc.roa
File: szxWtByqlUJFuJzfrNFLYMbLwsc.roa (raw, json)
Hash identifier: 6QQrrKlmBOONTjwYoXdQIVJ4VGqoC59m0a6ALP3i12g=
Subject key identifier: B3:3C:56:B4:1C:AA:95:42:45:B8:9C:DF:AC:D1:4B:60:C6:CB:C2:C7
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DB1E0AE8842842E7CEAC2CB43843D2
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/szxWtByqlUJFuJzfrNFLYMbLwsc.roa
Signing time: Sun 06 Jul 2025 22:28:43 +0000
ROA not before: Sun 06 Jul 2025 22:28:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 45.138.74.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:11:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:db:1e:0a:e8:84:28:42:e7:ce:ac:2c:b4:38:43:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:28:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b33c56b41caa954245b89cdfacd14b60c6cbc2c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a6:d6:90:58:b5:5b:fa:76:6c:36:0e:bd:2e:
5e:d6:6c:24:f4:9e:b5:e4:c0:85:75:3b:d1:73:78:
a1:d0:e9:f2:93:1f:f5:4f:6a:6b:28:75:d7:a2:72:
6a:75:db:38:95:39:d8:90:a3:f0:f6:5e:05:98:3b:
7d:9b:24:89:e6:23:d8:fa:f1:fb:57:ff:00:dd:f8:
72:27:3b:2a:bf:85:73:7b:ba:7f:6f:ba:98:fa:c9:
ac:54:b9:f6:53:70:68:23:44:83:4d:3a:38:bb:9d:
f6:f9:5c:81:c9:7a:bd:bf:ff:be:21:89:64:34:ae:
d9:2c:20:0c:43:85:49:96:88:55:23:1e:3b:4d:a6:
b8:ba:24:78:30:d4:d4:18:ff:56:5b:5a:74:89:7a:
ed:1b:4b:19:39:19:7a:48:f7:e3:39:3b:fe:b9:e4:
36:61:6c:44:c9:fa:be:bd:b0:a3:9b:cb:b6:d0:15:
c6:da:b2:39:08:38:af:c6:6b:67:be:82:11:5a:8b:
04:31:79:b5:76:34:ca:29:60:7c:7d:e6:22:91:84:
9b:60:5b:36:78:85:bd:28:10:fa:f3:ca:68:e6:db:
b1:1f:dc:ed:34:9f:b6:fd:b6:2f:e6:bb:32:9d:5d:
41:3f:8c:c0:13:04:eb:70:5b:8e:e4:f5:36:44:16:
04:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:3C:56:B4:1C:AA:95:42:45:B8:9C:DF:AC:D1:4B:60:C6:CB:C2:C7
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/szxWtByqlUJFuJzfrNFLYMbLwsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.74.0/24
45.142.122.0/24
185.106.93.0-185.106.94.255
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:e5:48:02:c8:e5:91:14:9a:25:05:44:c8:0f:b4:d9:34:e2:
5d:92:df:ea:30:77:08:e1:7e:c4:0f:22:ad:c1:2e:5f:7e:19:
c6:83:b6:c1:5f:96:fb:00:db:e5:92:88:70:78:d8:fa:0e:76:
a4:91:91:3f:bb:e8:87:08:1e:ce:e2:c8:c3:89:fc:25:f2:91:
3c:60:bb:e8:e5:98:d8:82:6a:51:c1:d1:cc:d7:6f:8c:d0:6d:
00:2b:b8:c5:cd:55:96:d4:c0:20:5f:3e:c7:87:b9:d0:63:48:
a2:69:bf:5f:e4:3b:12:9d:ea:45:12:da:fc:d2:6b:a7:3c:24:
06:07:08:f3:8b:55:44:89:ed:5e:11:7d:80:40:2e:2b:29:c6:
ec:ae:8b:65:47:52:1c:33:0a:50:d1:17:29:cc:c0:19:56:68:
7b:eb:fb:58:b0:18:28:88:e6:cd:3b:b0:55:40:70:fa:9d:99:
f4:ba:dd:e2:11:b8:f4:d7:c5:40:a0:91:63:65:6b:16:61:12:
ee:3e:02:ab:90:34:31:1b:ba:34:68:79:3a:7a:c1:32:de:e8:
16:d7:84:c0:67:54:25:fa:08:d6:1d:37:35:a0:66:27:6a:cc:
ca:c7:b4:36:47:98:d9:06:1b:26:83:97:74:e4:89:24:ec:ca:
95:3e:16:84
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZfh2x4K6IQoQufOrCy0OEPSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzNjNTZiNDFjYWE5NTQyNDViODljZGZhY2QxNGI2MGM2Y2JjMmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqbWkFi1W/p2bDYOvS5e1mwk9J61
5MCFdTvRc3ih0Onykx/1T2prKHXXonJqdds4lTnYkKPw9l4FmDt9mySJ5iPY+vH7
V/8A3fhyJzsqv4Vze7p/b7qY+smsVLn2U3BoI0SDTTo4u532+VyByXq9v/++IYlk
NK7ZLCAMQ4VJlohVIx47Taa4uiR4MNTUGP9WW1p0iXrtG0sZORl6SPfjOTv+ueQ2
YWxEyfq+vbCjm8u20BXG2rI5CDivxmtnvoIRWosEMXm1djTKKWB8feYikYSbYFs2
eIW9KBD688po5tuxH9ztNJ+2/bYv5rsynV1BP4zAEwTrcFuO5PU2RBYExwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLM8VrQcqpVCRbic36zRS2DGy8LHMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvc3p4V3RCeXFsVUpGdUp6ZnJORkxZTWJMd3NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQALYpKAwQA
LY56MAwDBAC5al0DBAC5al4DBADCQ8kwDQYJKoZIhvcNAQELBQADggEBABzlSALI
5ZEUmiUFRMgPtNk04l2S3+owdwjhfsQPIq3BLl9+GcaDtsFflvsA2+WSiHB42PoO
dqSRkT+76IcIHs7iyMOJ/CXykTxgu+jlmNiCalHB0czXb4zQbQAruMXNVZbUwCBf
PseHudBjSKJpv1/kOxKd6kUS2vzSa6c8JAYHCPOLVUSJ7V4RfYBALispxuyui2VH
UhwzClDRFynMwBlWaHvr+1iwGCiI5s07sFVAcPqdmfS63eIRuPTXxUCgkWNlaxZh
Eu4+AquQNDEbujRoeTp6wTLe6BbXhMBnVCX6CNYdNzWgZidqzMrHtDZHmNkGGyaD
l3TkiSTsypU+FoQ=
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:50:01 2025 by rpki-client