Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/jSuej0gf5sDxxUyaQgw4XERDCYY.roa
File: jSuej0gf5sDxxUyaQgw4XERDCYY.roa (raw, json)
Hash identifier: 9cFMtYS1hOMODeZMp6fwC3eU2Q7z6xw/34jK7fFVpfg=
Subject key identifier: 8D:2B:9E:8F:48:1F:E6:C0:F1:C5:4C:9A:42:0C:38:5C:44:43:09:86
Certificate issuer: /CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Certificate serial: 019758C9510C4470352274AD74143F93E8FC
Authority key identifier: EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/jSuej0gf5sDxxUyaQgw4XERDCYY.roa
Signing time: Tue 10 Jun 2025 07:41:17 +0000
ROA not before: Tue 10 Jun 2025 07:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.58.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 14:22:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:c9:51:0c:44:70:35:22:74:ad:74:14:3f:93:e8:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb349af2af111361b29fcfef2e043d5be75e3f98
Validity
Not Before: Jun 10 07:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d2b9e8f481fe6c0f1c54c9a420c385c44430986
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:26:3d:7a:13:e2:ab:1f:b2:3d:c4:20:de:5a:
71:ba:7b:ec:3b:c1:39:9d:b0:b9:09:9d:63:de:73:
89:70:31:a2:b6:0d:40:e2:62:3f:ec:6b:87:1d:43:
fe:91:e1:f8:c6:42:3f:30:b9:db:d5:24:45:85:50:
73:96:e0:47:53:8e:0d:c8:16:ba:16:d8:e2:4c:d7:
6b:ef:b5:33:2d:89:10:2e:8e:2a:8f:8b:05:f7:6f:
0c:20:5d:99:0f:f2:20:8f:85:ed:08:46:90:62:75:
04:c1:8c:c0:23:ad:eb:25:b9:c2:f3:87:92:19:51:
d1:fa:8f:af:f6:63:95:7f:5f:72:f5:07:58:cb:d3:
20:8f:7d:78:97:ae:3d:e5:8f:5f:be:fc:de:98:13:
ae:92:57:c0:aa:9a:4e:af:5d:27:08:d8:5a:60:13:
96:07:2d:1c:e2:fc:30:91:70:22:19:ea:cf:2a:fc:
df:99:2c:8b:eb:52:8f:c5:57:b8:00:4a:30:b9:52:
07:f4:49:a0:36:f1:f2:df:fb:e1:21:a3:05:b9:97:
7e:e4:73:7f:a2:67:18:8b:d7:ce:3b:66:b9:31:a8:
6f:6c:b0:b6:18:df:d7:33:98:2d:f3:a4:94:05:69:
72:cf:19:6a:e5:49:c4:84:a3:f6:77:4c:3e:bd:c0:
3d:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:2B:9E:8F:48:1F:E6:C0:F1:C5:4C:9A:42:0C:38:5C:44:43:09:86
X509v3 Authority Key Identifier:
keyid:EB:34:9A:F2:AF:11:13:61:B2:9F:CF:EF:2E:04:3D:5B:E7:5E:3F:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/jSuej0gf5sDxxUyaQgw4XERDCYY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/3cb147-a7c3-44e9-adc8-9cd662bc8320/1/6zSa8q8RE2Gyn8_vLgQ9W-deP5g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.58.0/24
Signature Algorithm: sha256WithRSAEncryption
92:fd:c7:17:69:fd:56:d3:8d:50:5c:ce:5a:00:e3:64:4a:6d:
69:5a:a5:0e:4c:23:b8:6d:b8:79:15:ba:56:25:ee:42:ac:50:
23:c3:cf:b0:82:80:7a:72:fe:f6:9c:55:5d:ae:fa:51:f7:72:
be:f6:66:a5:a3:d5:27:7f:c4:c1:7d:74:ac:c2:42:1e:22:60:
38:cc:31:12:4b:0e:94:b3:b8:21:62:dc:fc:91:b2:cd:a3:f2:
7c:1a:0f:6c:fa:90:2d:ed:9b:aa:d4:20:b1:21:2f:72:d6:e7:
08:86:2c:a0:05:25:b0:a7:89:77:9f:85:3e:40:8d:69:67:da:
05:37:bf:b8:4e:04:00:23:76:42:f7:f0:de:e7:61:3e:e0:3e:
96:8b:81:cb:58:18:cc:d0:80:2f:12:cf:a0:a5:9a:14:5f:e9:
b4:22:fa:24:e0:e4:85:98:7d:f2:9a:a2:3e:fe:15:a7:68:cc:
27:7d:99:7c:8a:5a:51:3e:9f:b9:94:59:4c:7d:79:be:49:0b:
e4:fe:9c:f7:b4:8e:37:1f:4e:3d:1c:d9:f8:c6:a4:e0:eb:09:
66:fb:b2:2d:fa:bd:55:a9:a5:b5:cc:2b:32:1b:a2:a4:14:b4:
e5:de:c8:f2:d4:fd:5b:5b:90:35:08:b6:3e:b8:3b:4b:d7:a8:
7a:ce:a8:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdYyVEMRHA1InStdBQ/k+j8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMzQ5YWYyYWYxMTEzNjFiMjlmY2ZlZjJlMDQzZDViZTc1
ZTNmOTgwHhcNMjUwNjEwMDc0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDJiOWU4ZjQ4MWZlNmMwZjFjNTRjOWE0MjBjMzg1YzQ0NDMwOTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyY9ehPiqx+yPcQg3lpxunvsO8E5
nbC5CZ1j3nOJcDGitg1A4mI/7GuHHUP+keH4xkI/MLnb1SRFhVBzluBHU44NyBa6
FtjiTNdr77UzLYkQLo4qj4sF928MIF2ZD/Igj4XtCEaQYnUEwYzAI63rJbnC84eS
GVHR+o+v9mOVf19y9QdYy9Mgj314l6495Y9fvvzemBOuklfAqppOr10nCNhaYBOW
By0c4vwwkXAiGerPKvzfmSyL61KPxVe4AEowuVIH9EmgNvHy3/vhIaMFuZd+5HN/
omcYi9fOO2a5MahvbLC2GN/XM5gt86SUBWlyzxlq5UnEhKP2d0w+vcA9rQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI0rno9IH+bA8cVMmkIMOFxEQwmGMB8GA1UdIwQY
MBaAFOs0mvKvERNhsp/P7y4EPVvnXj+YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgt
OWNkNjYyYmM4MzIwLzEvalN1ZWowZ2Y1c0R4eFV5YVFndzRYRVJEQ1lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8zY2IxNDctYTdjMy00NGU5LWFkYzgtOWNkNjYyYmM4MzIw
LzEvNnpTYThxOFJFMkd5bjhfdkxnUTlXLWRlUDVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXo6MA0G
CSqGSIb3DQEBCwUAA4IBAQCS/ccXaf1W041QXM5aAONkSm1pWqUOTCO4bbh5FbpW
Je5CrFAjw8+wgoB6cv72nFVdrvpR93K+9malo9Unf8TBfXSswkIeImA4zDESSw6U
s7ghYtz8kbLNo/J8Gg9s+pAt7Zuq1CCxIS9y1ucIhiygBSWwp4l3n4U+QI1pZ9oF
N7+4TgQAI3ZC9/De52E+4D6Wi4HLWBjM0IAvEs+gpZoUX+m0Ivok4OSFmH3ymqI+
/hWnaMwnfZl8ilpRPp+5lFlMfXm+SQvk/pz3tI43H049HNn4xqTg6wlm+7It+r1V
qaW1zCsyG6KkFLTl3sjy1P1bW5A1CLY+uDtL16h6zqiJ
-----END CERTIFICATE-----
Generated at Fri Jul 25 19:08:26 2025 by rpki-client