Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/UjsERbI6t7zDZmToZAlhx_7HxXg.roa
File: UjsERbI6t7zDZmToZAlhx_7HxXg.roa (raw, json)
Hash identifier: hIYUu//FpxWDQ0Qe0RYCr+Sen5j2JpYDHOtXABq/q6o=
Subject key identifier: 52:3B:04:45:B2:3A:B7:BC:C3:66:64:E8:64:09:61:C7:FE:C7:C5:78
Certificate issuer: /CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Certificate serial: 0197D492D7BFB6E2C4301441E0BCC61E4F7B
Authority key identifier: 2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/UjsERbI6t7zDZmToZAlhx_7HxXg.roa
Signing time: Fri 04 Jul 2025 08:34:42 +0000
ROA not before: Fri 04 Jul 2025 08:34:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43991
IP address blocks: 170.168.4.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Jul 2025 09:34:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:92:d7:bf:b6:e2:c4:30:14:41:e0:bc:c6:1e:4f:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6a86e62f0ce98e02e980869ff4414ee2a0f0ce
Validity
Not Before: Jul 4 08:34:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=523b0445b23ab7bcc36664e8640961c7fec7c578
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:b7:f0:59:b7:eb:54:83:e4:d8:9d:cd:58:d2:
dc:a2:b3:c3:0e:8f:de:b2:df:f4:47:34:df:8d:0a:
96:da:fd:9f:77:bb:04:96:4f:6e:f4:d9:4b:cf:b2:
2e:27:a9:2c:c8:86:40:b0:13:d2:e5:23:9c:7d:02:
b8:32:95:1e:46:9b:dd:5a:81:f9:aa:0c:07:45:60:
f5:e6:a4:03:45:39:dd:56:7f:76:2d:53:c3:e9:22:
45:6e:d0:29:a3:e5:d2:1f:1d:63:b3:4a:02:ea:8a:
be:b7:40:7b:d2:02:e8:40:79:c1:df:1e:13:7f:3a:
16:26:64:47:2e:b9:28:2c:10:4b:f4:10:13:02:8d:
00:89:ec:64:09:93:95:61:52:1f:8f:3a:da:73:37:
78:a0:ac:3c:ac:c0:bd:d6:56:11:4b:f5:9c:c6:56:
45:d8:39:c0:a7:6c:5a:47:cd:5f:dc:1c:3c:2f:c6:
aa:ce:95:fb:f9:46:83:c2:77:25:14:20:a0:51:1f:
2e:d4:26:b0:63:ed:bc:f1:04:e2:a2:f8:cf:e2:29:
c9:af:cd:08:e9:8b:9b:69:8f:52:ce:fc:4a:38:7f:
62:ed:44:88:8d:86:91:8a:88:27:ab:d8:c0:c0:4c:
1e:a6:b5:c5:f6:4e:2f:2b:dd:bf:26:9e:10:6e:60:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:3B:04:45:B2:3A:B7:BC:C3:66:64:E8:64:09:61:C7:FE:C7:C5:78
X509v3 Authority Key Identifier:
keyid:2E:6A:86:E6:2F:0C:E9:8E:02:E9:80:86:9F:F4:41:4E:E2:A0:F0:CE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/UjsERbI6t7zDZmToZAlhx_7HxXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/2b6030-6d88-4e3e-9f3a-a667bb765060/1/LmqG5i8M6Y4C6YCGn_RBTuKg8M4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
170.168.4.0/24
Signature Algorithm: sha256WithRSAEncryption
99:d5:ea:84:c8:1e:54:36:3f:03:99:39:a9:d0:67:2d:84:f6:
d1:ed:bc:ed:8f:a0:9d:3d:3c:31:32:3e:ba:96:e2:9b:c9:d1:
51:f8:a1:96:8d:66:31:60:c0:81:81:b5:db:94:ce:40:1b:e6:
6b:2c:b2:3d:2f:e6:f6:d0:fb:15:29:9d:73:8a:fe:34:d4:2f:
66:15:d2:de:ad:48:d0:b6:78:08:e0:d1:28:27:01:50:fd:b6:
29:31:b0:64:d6:8f:5a:9c:12:e5:cd:e3:d2:f4:f2:cd:a8:a6:
8a:08:ac:26:46:c6:1f:10:93:f3:14:da:16:72:b8:5c:a8:36:
ec:78:53:72:3f:75:98:82:1c:16:8f:40:41:22:59:68:e8:ba:
30:81:46:30:cd:cb:ae:ae:ba:89:2d:92:4e:55:c9:9e:3f:4d:
3f:d8:a1:d0:95:a3:9b:19:18:c3:4e:10:ac:71:5b:91:04:bd:
98:1b:4e:71:0c:55:76:0f:0e:de:17:e8:97:81:9f:db:79:b7:
0e:7c:28:5e:e3:64:b4:5f:a1:93:0a:47:03:b1:fa:a2:f4:1b:
f5:5c:30:ba:e6:64:73:7d:df:f1:ad:1b:a5:4d:88:2b:20:a4:
62:e2:7d:36:28:fc:76:83:57:19:5e:b6:73:5d:2d:05:4f:d0:
4c:c7:ae:8b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfUkte/tuLEMBRB4LzGHk97MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmE4NmU2MmYwY2U5OGUwMmU5ODA4NjlmZjQ0MTRlZTJh
MGYwY2UwHhcNMjUwNzA0MDgzNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MjNiMDQ0NWIyM2FiN2JjYzM2NjY0ZTg2NDA5NjFjN2ZlYzdjNTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnLfwWbfrVIPk2J3NWNLcorPDDo/e
st/0RzTfjQqW2v2fd7sElk9u9NlLz7IuJ6ksyIZAsBPS5SOcfQK4MpUeRpvdWoH5
qgwHRWD15qQDRTndVn92LVPD6SJFbtApo+XSHx1js0oC6oq+t0B70gLoQHnB3x4T
fzoWJmRHLrkoLBBL9BATAo0AiexkCZOVYVIfjzraczd4oKw8rMC91lYRS/WcxlZF
2DnAp2xaR81f3Bw8L8aqzpX7+UaDwnclFCCgUR8u1CawY+288QTiovjP4inJr80I
6YubaY9SzvxKOH9i7USIjYaRiognq9jAwEweprXF9k4vK92/Jp4QbmDOqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFI7BEWyOre8w2Zk6GQJYcf+x8V4MB8GA1UdIwQY
MBaAFC5qhuYvDOmOAumAhp/0QU7ioPDOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2Et
YTY2N2JiNzY1MDYwLzEvVWpzRVJiSTZ0N3pEWm1Ub1pBbGh4XzdIeFhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8yYjYwMzAtNmQ4OC00ZTNlLTlmM2EtYTY2N2JiNzY1MDYw
LzEvTG1xRzVpOE02WTRDNllDR25fUkJUdUtnOE00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqqgEMA0G
CSqGSIb3DQEBCwUAA4IBAQCZ1eqEyB5UNj8DmTmp0GcthPbR7bztj6CdPTwxMj66
luKbydFR+KGWjWYxYMCBgbXblM5AG+ZrLLI9L+b20PsVKZ1ziv401C9mFdLerUjQ
tngI4NEoJwFQ/bYpMbBk1o9anBLlzePS9PLNqKaKCKwmRsYfEJPzFNoWcrhcqDbs
eFNyP3WYghwWj0BBIllo6LowgUYwzcuurrqJLZJOVcmeP00/2KHQlaObGRjDThCs
cVuRBL2YG05xDFV2Dw7eF+iXgZ/bebcOfChe42S0X6GTCkcDsfqi9Bv1XDC65mRz
fd/xrRulTYgrIKRi4n02KPx2g1cZXrZzXS0FT9BMx66L
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:27:43 2025 by rpki-client