Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d2U-cxPJyBoiBeFSre4x8EcXlRQ.roa
File: d2U-cxPJyBoiBeFSre4x8EcXlRQ.roa (raw, json)
Hash identifier: SR+Ttba5jjkFAZ8cb7Zff88oTZwl71+EqyRBgORscDE=
Subject key identifier: 77:65:3E:73:13:C9:C8:1A:22:05:E1:52:AD:EE:31:F0:47:17:95:14
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 0197F10298B06FAD844170AD871B4DF1CEE1
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d2U-cxPJyBoiBeFSre4x8EcXlRQ.roa
Signing time: Wed 09 Jul 2025 21:06:08 +0000
ROA not before: Wed 09 Jul 2025 21:06:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212666
IP address blocks: 31.133.80.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Jul 2025 14:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f1:02:98:b0:6f:ad:84:41:70:ad:87:1b:4d:f1:ce:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jul 9 21:06:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=77653e7313c9c81a2205e152adee31f047179514
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:fd:45:ba:a7:17:2a:87:b2:4a:21:1c:e7:10:
1f:4d:31:c7:d7:fc:4c:c6:f9:92:a0:86:98:cc:de:
40:09:79:d6:6f:7d:25:30:a3:c9:93:5f:94:c7:9f:
f7:76:90:64:91:32:09:df:ea:7a:a6:df:71:b3:7e:
94:89:66:58:b3:55:ec:89:fe:88:65:ce:d0:05:66:
42:61:41:9c:1b:71:b2:95:5e:fb:d3:45:09:9a:e8:
0c:e5:99:2c:95:72:4d:af:42:a2:8e:8b:55:13:90:
0a:0d:a5:a1:ac:65:82:24:5d:aa:a9:8b:1b:ac:3c:
4e:cb:da:94:4c:84:fa:de:ba:99:df:a3:f7:cb:68:
ab:cc:27:48:81:05:31:79:48:bf:46:d4:ec:c8:50:
df:34:3b:d5:0a:38:04:a5:f8:1c:d0:4e:d1:eb:d1:
87:f0:bc:38:cd:52:66:73:78:7b:2f:00:96:37:af:
d8:0e:97:8b:97:ed:39:b5:04:68:dc:d5:52:f7:20:
b5:c9:04:2b:6d:15:25:d3:49:4f:a0:e2:2c:48:33:
cd:48:f5:a7:61:b5:1e:31:68:34:44:bd:ba:cd:86:
67:91:dc:c7:15:c3:ec:b4:34:da:d3:1c:82:71:b8:
38:14:ca:3d:13:f3:00:6b:23:b2:87:2a:45:11:ba:
fc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:65:3E:73:13:C9:C8:1A:22:05:E1:52:AD:EE:31:F0:47:17:95:14
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/d2U-cxPJyBoiBeFSre4x8EcXlRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.80.0/22
Signature Algorithm: sha256WithRSAEncryption
28:dc:75:06:5d:89:5e:b1:ab:f4:64:22:30:66:dc:51:34:c8:
a9:e2:4a:12:71:14:cc:74:f9:b7:53:04:fb:31:bc:79:44:ea:
43:54:33:0e:8c:8a:15:f0:19:0b:ae:4e:5b:d4:5c:65:36:14:
07:f2:41:a9:65:28:b7:8e:8b:b6:7a:33:89:44:97:4a:58:c2:
90:be:b1:da:36:7f:e9:87:b7:a9:36:1a:3d:31:6e:fb:9c:e9:
1a:c0:48:6f:25:c1:d3:38:fc:ea:f5:79:d5:b1:4a:d0:63:5a:
56:0c:a1:fb:ef:48:43:66:39:44:b4:ed:31:46:3e:46:3b:10:
bd:a2:96:1e:ff:15:50:e7:82:04:f0:68:87:25:31:ca:6e:69:
11:4e:a9:58:49:59:bd:72:c9:20:4e:0b:a0:37:de:73:ff:be:
1b:27:50:94:68:b4:e9:70:da:3f:92:22:a3:f4:6e:8c:66:45:
cd:01:b8:23:43:e5:43:d9:f9:d0:0e:ff:60:f8:78:20:7c:7d:
c6:c9:85:6b:24:28:3b:e3:e9:29:0d:5d:ca:c9:38:18:2e:87:
7b:4b:7e:3b:c0:09:d5:15:c1:9b:e6:e6:e5:34:7c:0b:c8:93:
1c:fd:12:28:52:c6:d5:a3:dd:f3:43:5e:e5:6b:44:bc:fe:07:
5e:03:ca:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfxApiwb62EQXCthxtN8c7hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjUwNzA5MjEwNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzY1M2U3MzEzYzljODFhMjIwNWUxNTJhZGVlMzFmMDQ3MTc5NTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqv1FuqcXKoeySiEc5xAfTTHH1/xM
xvmSoIaYzN5ACXnWb30lMKPJk1+Ux5/3dpBkkTIJ3+p6pt9xs36UiWZYs1Xsif6I
Zc7QBWZCYUGcG3GylV7700UJmugM5ZkslXJNr0KijotVE5AKDaWhrGWCJF2qqYsb
rDxOy9qUTIT63rqZ36P3y2irzCdIgQUxeUi/RtTsyFDfNDvVCjgEpfgc0E7R69GH
8Lw4zVJmc3h7LwCWN6/YDpeLl+05tQRo3NVS9yC1yQQrbRUl00lPoOIsSDPNSPWn
YbUeMWg0RL26zYZnkdzHFcPstDTa0xyCcbg4FMo9E/MAayOyhypFEbr8AwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHdlPnMTycgaIgXhUq3uMfBHF5UUMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvZDJVLWN4UEp5Qm9pQmVGU3JlNHg4RWNYbFJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCH4VQMA0G
CSqGSIb3DQEBCwUAA4IBAQAo3HUGXYlesav0ZCIwZtxRNMip4koScRTMdPm3UwT7
Mbx5ROpDVDMOjIoV8BkLrk5b1FxlNhQH8kGpZSi3jou2ejOJRJdKWMKQvrHaNn/p
h7epNho9MW77nOkawEhvJcHTOPzq9XnVsUrQY1pWDKH770hDZjlEtO0xRj5GOxC9
opYe/xVQ54IE8GiHJTHKbmkRTqlYSVm9cskgTgugN95z/74bJ1CUaLTpcNo/kiKj
9G6MZkXNAbgjQ+VD2fnQDv9g+HggfH3GyYVrJCg74+kpDV3KyTgYLod7S347wAnV
FcGb5ublNHwLyJMc/RIoUsbVo93zQ17la0S8/gdeA8rA
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:28:55 2025 by rpki-client