Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tU6DMFN7IAOZQ7cUfROfM6r6UOA.roa
File: tU6DMFN7IAOZQ7cUfROfM6r6UOA.roa (raw, json)
Hash identifier: 3x0Z2LbMRw93/BSRFwcjlAAA9bHpyKwolG6dkKEUZH8=
Subject key identifier: B5:4E:83:30:53:7B:20:03:99:43:B7:14:7D:13:9F:33:AA:FA:50:E0
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 0197E1DB1FCABF5A9F8DC313FEB68636C5A5
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tU6DMFN7IAOZQ7cUfROfM6r6UOA.roa
Signing time: Sun 06 Jul 2025 22:28:43 +0000
ROA not before: Sun 06 Jul 2025 22:28:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 185.106.92.0/24 maxlen: 24
193.124.185.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Jul 2025 16:13:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e1:db:1f:ca:bf:5a:9f:8d:c3:13:fe:b6:86:36:c5:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 6 22:28:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b54e8330537b20039943b7147d139f33aafa50e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:56:01:07:17:4c:75:a8:ba:71:2a:72:2d:8e:
00:66:47:b1:a8:13:a8:df:00:0f:1c:37:a2:37:fb:
31:c1:de:4c:56:5f:09:5c:3f:70:e6:25:4b:d8:be:
31:c7:b4:7e:a7:d1:7e:99:b0:ff:e7:02:47:ba:a2:
c0:35:04:9d:19:97:4b:c0:da:27:cd:84:03:81:8f:
b4:54:60:d9:12:9e:e2:ca:97:77:0c:dc:c9:f4:54:
0f:fd:14:d0:fb:61:d7:7e:04:6b:b5:a9:51:9e:c8:
d3:00:b1:fe:34:7d:dd:13:91:6c:00:f7:cd:77:67:
98:8a:c1:38:83:52:1d:80:22:36:c7:cb:90:93:e1:
9e:71:9a:45:35:f0:46:aa:58:10:b8:73:25:3a:71:
f1:ab:e0:e7:57:a1:7e:c6:af:5b:56:65:34:6c:b2:
8b:f3:f2:0e:15:42:4a:9b:e2:9d:6f:f4:a6:a1:82:
e4:12:02:e1:ac:01:6b:3c:a9:94:f1:37:ab:61:6b:
b3:6b:41:82:3c:02:ce:de:35:4c:92:4b:1a:44:d8:
54:0a:f8:78:7d:e8:fd:e9:42:3f:e3:89:f9:70:11:
eb:7b:30:aa:71:fe:b0:d7:33:17:5d:5f:ad:07:5e:
dc:d2:f3:7f:a9:5b:9b:87:26:99:71:15:fd:77:4c:
ec:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4E:83:30:53:7B:20:03:99:43:B7:14:7D:13:9F:33:AA:FA:50:E0
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/tU6DMFN7IAOZQ7cUfROfM6r6UOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.106.92.0/24
193.124.185.0/24
Signature Algorithm: sha256WithRSAEncryption
90:13:ab:66:dc:91:0f:ce:07:5e:5f:96:1a:84:e7:26:75:c0:
44:fe:34:8a:66:4d:ae:3e:64:52:87:56:d6:2b:33:c0:5c:d8:
4c:d2:a1:60:f7:ec:56:1b:b0:b4:78:80:8f:19:f3:ac:ce:7d:
2c:78:c8:27:4a:85:a3:d5:d8:d9:35:ea:04:e4:c6:f6:f9:7b:
7a:bc:fa:e6:31:c8:ca:0c:a3:1a:8d:f8:4d:5f:87:ef:4c:13:
76:b1:ac:78:51:67:4f:52:5b:65:08:e4:ac:9a:f2:4e:2e:80:
dd:e5:01:96:35:a6:07:2a:10:8a:4c:1c:5b:a1:90:59:7a:b8:
f9:7c:99:b9:3a:9c:f2:67:48:cd:ed:19:99:6f:ca:5e:01:9e:
27:a5:02:29:78:58:fd:d1:2a:6d:c5:eb:d6:af:4f:51:9d:45:
b5:9b:46:6d:bf:3e:a3:1a:dc:f9:78:4a:b3:5f:db:5b:48:7e:
39:c3:5e:4e:1d:6c:9e:61:9e:e2:3c:b1:ad:34:0e:46:fa:7d:
71:99:c1:f1:3b:1e:a4:75:6f:c4:9c:3a:54:04:27:cd:e1:46:
df:8e:50:f3:6d:8d:d7:09:8e:a4:3c:20:7f:83:1c:d8:2b:b0:
12:76:d9:c0:ea:ea:5b:44:ee:70:b5:be:c1:93:77:e7:69:d9:
5c:dd:62:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfh2x/Kv1qfjcMT/raGNsWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzA2MjIyODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRlODMzMDUzN2IyMDAzOTk0M2I3MTQ3ZDEzOWYzM2FhZmE1MGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtFYBBxdMdai6cSpyLY4AZkexqBOo
3wAPHDeiN/sxwd5MVl8JXD9w5iVL2L4xx7R+p9F+mbD/5wJHuqLANQSdGZdLwNon
zYQDgY+0VGDZEp7iypd3DNzJ9FQP/RTQ+2HXfgRrtalRnsjTALH+NH3dE5FsAPfN
d2eYisE4g1IdgCI2x8uQk+GecZpFNfBGqlgQuHMlOnHxq+DnV6F+xq9bVmU0bLKL
8/IOFUJKm+Kdb/SmoYLkEgLhrAFrPKmU8TerYWuza0GCPALO3jVMkksaRNhUCvh4
fej96UI/44n5cBHrezCqcf6w1zMXXV+tB17c0vN/qVubhyaZcRX9d0zsAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVOgzBTeyADmUO3FH0TnzOq+lDgMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvdFU2RE1GTjdJQU9aUTdjVWZST2ZNNnI2VU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuWpcAwQA
wXy5MA0GCSqGSIb3DQEBCwUAA4IBAQCQE6tm3JEPzgdeX5YahOcmdcBE/jSKZk2u
PmRSh1bWKzPAXNhM0qFg9+xWG7C0eICPGfOszn0seMgnSoWj1djZNeoE5Mb2+Xt6
vPrmMcjKDKMajfhNX4fvTBN2sax4UWdPUltlCOSsmvJOLoDd5QGWNaYHKhCKTBxb
oZBZerj5fJm5OpzyZ0jN7RmZb8peAZ4npQIpeFj90SptxevWr09RnUW1m0Ztvz6j
Gtz5eEqzX9tbSH45w15OHWyeYZ7iPLGtNA5G+n1xmcHxOx6kdW/EnDpUBCfN4Ubf
jlDzbY3XCY6kPCB/gxzYK7ASdtnA6upbRO5wtb7Bk3fnadlc3WKN
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:13:45 2025 by rpki-client