Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e46951-8fa4-45b6-87bf-5a4b7b5e4007/1/U8F0f-dJxmEOU4Gq_S8HY6UQyC0.roa
File: U8F0f-dJxmEOU4Gq_S8HY6UQyC0.roa (raw, json)
Hash identifier: s9TsiCuMvuLjBpueaP58SjPLpL7hvVEkPGeRZ7K+Nb0=
Subject key identifier: 53:C1:74:7F:E7:49:C6:61:0E:53:81:AA:FD:2F:07:63:A5:10:C8:2D
Certificate issuer: /CN=028ccc8d8178c9e9d2ffc532fcb5cd68beaa776d
Certificate serial: 0197C06CC248A25CB852524E9279EFFBBBFD
Authority key identifier: 02:8C:CC:8D:81:78:C9:E9:D2:FF:C5:32:FC:B5:CD:68:BE:AA:77:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AozMjYF4yenS_8Uy_LXNaL6qd20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e46951-8fa4-45b6-87bf-5a4b7b5e4007/1/U8F0f-dJxmEOU4Gq_S8HY6UQyC0.roa
Signing time: Mon 30 Jun 2025 10:40:42 +0000
ROA not before: Mon 30 Jun 2025 10:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203684
IP address blocks: 194.110.118.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Jul 2025 08:40:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c0:6c:c2:48:a2:5c:b8:52:52:4e:92:79:ef:fb:bb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=028ccc8d8178c9e9d2ffc532fcb5cd68beaa776d
Validity
Not Before: Jun 30 10:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53c1747fe749c6610e5381aafd2f0763a510c82d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d5:9b:9a:ff:27:9e:80:8d:41:84:25:64:64:
8b:8f:1f:fa:21:d1:07:63:96:9a:78:06:55:b1:5f:
17:90:7a:35:57:e8:86:3c:fc:9e:d7:ec:96:b7:ff:
51:d4:65:ed:fb:00:0f:5f:33:62:9e:14:4d:1a:7d:
c7:26:17:dc:f1:d4:e4:9d:3a:e7:80:74:58:d4:e7:
a5:70:72:cb:08:5c:c0:5e:2a:7e:24:7c:7e:1f:bd:
79:a3:ba:bb:7a:89:9e:eb:45:43:02:c7:ab:ed:16:
2a:cb:80:36:df:3b:97:b2:4b:56:09:38:ee:b6:91:
f9:7f:03:26:96:60:a5:b6:37:e1:b9:bf:31:55:45:
5c:ec:ac:5e:15:1b:ae:9f:09:55:72:f8:2c:19:ef:
48:ca:67:16:9d:d8:9f:27:86:af:23:4b:da:d7:b4:
c8:4d:52:da:ab:4f:42:65:89:93:02:d4:ed:cf:66:
01:b2:23:50:46:95:7b:ef:01:4f:32:78:bc:1b:68:
54:3a:fb:dd:20:37:2f:0b:7e:16:aa:ac:50:b3:7a:
ed:f6:1a:d3:b1:dd:07:08:fe:aa:22:9b:80:95:86:
ad:b7:61:51:f4:ca:81:34:ff:50:d0:04:1b:4a:a5:
c2:c3:75:cc:1d:45:79:ea:0f:e6:6d:0b:4a:64:db:
e4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C1:74:7F:E7:49:C6:61:0E:53:81:AA:FD:2F:07:63:A5:10:C8:2D
X509v3 Authority Key Identifier:
keyid:02:8C:CC:8D:81:78:C9:E9:D2:FF:C5:32:FC:B5:CD:68:BE:AA:77:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AozMjYF4yenS_8Uy_LXNaL6qd20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e46951-8fa4-45b6-87bf-5a4b7b5e4007/1/U8F0f-dJxmEOU4Gq_S8HY6UQyC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e46951-8fa4-45b6-87bf-5a4b7b5e4007/1/AozMjYF4yenS_8Uy_LXNaL6qd20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.118.0/24
Signature Algorithm: sha256WithRSAEncryption
17:65:d1:3c:dd:50:53:07:66:c8:d3:82:f4:b1:0f:a2:3f:fd:
63:e2:f2:d7:76:15:9a:c7:c4:ba:98:8b:ed:9a:ec:f9:97:99:
0c:ba:79:56:21:e5:92:65:92:4e:c6:55:25:7a:76:bf:07:93:
82:5e:c4:d9:99:ea:77:75:2d:ce:0c:01:49:b5:d9:67:a9:6f:
30:44:8f:d3:2c:24:f5:09:a9:2d:47:78:3c:e4:26:66:b7:29:
9c:49:70:cf:03:8c:2b:41:44:85:fc:65:90:37:5f:1d:90:83:
77:fa:e9:5d:49:7d:38:6e:a6:2d:e6:60:34:64:95:59:91:ca:
df:54:99:03:08:a3:4a:c5:98:e4:bc:21:86:46:22:b0:76:b2:
53:d4:ad:73:b7:db:08:21:5f:b9:61:1c:5a:9d:33:65:78:1b:
84:fa:e5:ba:0c:61:da:e6:6f:1c:3a:00:db:ae:f2:df:3c:d2:
57:0d:21:88:8c:ba:f9:95:b3:d2:58:66:dd:68:0a:0d:8f:32:
65:79:bc:93:69:3b:cb:59:e4:36:9e:a5:b0:26:7c:30:b3:db:
77:21:f5:35:03:1d:7a:3b:d5:64:a8:76:6e:06:cd:62:29:f5:
53:a1:60:66:80:72:e5:53:a4:04:8c:f7:41:da:81:da:c3:a9:
eb:a8:ba:f8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfAbMJIoly4UlJOknnv+7v9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyOGNjYzhkODE3OGM5ZTlkMmZmYzUzMmZjYjVjZDY4YmVh
YTc3NmQwHhcNMjUwNjMwMTA0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2MxNzQ3ZmU3NDljNjYxMGU1MzgxYWFmZDJmMDc2M2E1MTBjODJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytWbmv8nnoCNQYQlZGSLjx/6IdEH
Y5aaeAZVsV8XkHo1V+iGPPye1+yWt/9R1GXt+wAPXzNinhRNGn3HJhfc8dTknTrn
gHRY1OelcHLLCFzAXip+JHx+H715o7q7eome60VDAser7RYqy4A23zuXsktWCTju
tpH5fwMmlmCltjfhub8xVUVc7KxeFRuunwlVcvgsGe9IymcWndifJ4avI0va17TI
TVLaq09CZYmTAtTtz2YBsiNQRpV77wFPMni8G2hUOvvdIDcvC34WqqxQs3rt9hrT
sd0HCP6qIpuAlYatt2FR9MqBNP9Q0AQbSqXCw3XMHUV56g/mbQtKZNvkGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFPBdH/nScZhDlOBqv0vB2OlEMgtMB8GA1UdIwQY
MBaAFAKMzI2BeMnp0v/FMvy1zWi+qndtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQW96TWpZRjR5ZW5TXzhVeV9MWE5hTDZxZDIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lNDY5NTEtOGZhNC00NWI2LTg3YmYt
NWE0YjdiNWU0MDA3LzEvVThGMGYtZEp4bUVPVTRHcV9TOEhZNlVReUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lNDY5NTEtOGZhNC00NWI2LTg3YmYtNWE0YjdiNWU0MDA3
LzEvQW96TWpZRjR5ZW5TXzhVeV9MWE5hTDZxZDIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm52MA0G
CSqGSIb3DQEBCwUAA4IBAQAXZdE83VBTB2bI04L0sQ+iP/1j4vLXdhWax8S6mIvt
muz5l5kMunlWIeWSZZJOxlUlena/B5OCXsTZmep3dS3ODAFJtdlnqW8wRI/TLCT1
CaktR3g85CZmtymcSXDPA4wrQUSF/GWQN18dkIN3+uldSX04bqYt5mA0ZJVZkcrf
VJkDCKNKxZjkvCGGRiKwdrJT1K1zt9sIIV+5YRxanTNleBuE+uW6DGHa5m8cOgDb
rvLfPNJXDSGIjLr5lbPSWGbdaAoNjzJlebyTaTvLWeQ2nqWwJnwws9t3IfU1Ax16
O9VkqHZuBs1iKfVToWBmgHLlU6QEjPdB2oHaw6nrqLr4
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:21:18 2025 by rpki-client