Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/x9QZF-rOkYuorZE34Od3303AEKg.roa
File: x9QZF-rOkYuorZE34Od3303AEKg.roa (raw, json)
Hash identifier: aMaySpQ4+sJrW8kD4bsQThAuT7ZkkMfYvg9cODU/OIs=
Subject key identifier: C7:D4:19:17:EA:CE:91:8B:A8:AD:91:37:E0:E7:77:DF:4D:C0:10:A8
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0197DC05E2A2EC77E416004D0EE8B6392BAC
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/x9QZF-rOkYuorZE34Od3303AEKg.roa
Signing time: Sat 05 Jul 2025 19:17:42 +0000
ROA not before: Sat 05 Jul 2025 19:17:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.8.205.0/24 maxlen: 24
45.9.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Jul 2025 08:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:dc:05:e2:a2:ec:77:e4:16:00:4d:0e:e8:b6:39:2b:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 5 19:17:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c7d41917eace918ba8ad9137e0e777df4dc010a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9f:77:c0:f1:18:56:71:54:54:d2:24:75:38:
34:c0:24:b6:31:dc:2d:2a:f9:e0:be:ed:20:2c:31:
e7:c3:63:12:bb:6a:4b:de:d1:a0:2d:e1:91:0f:3e:
3d:0a:b7:10:4d:9c:13:00:a8:13:93:0a:3a:c0:d2:
13:9c:e7:35:4f:66:01:c6:d8:4c:34:53:d2:1c:1a:
aa:98:d1:7e:55:c5:d9:2f:35:08:01:3b:7b:e8:75:
46:a5:58:8b:31:97:5e:e3:ec:79:3a:c3:8f:6a:42:
17:80:2a:9e:db:21:4d:8f:be:81:50:0d:37:d9:22:
64:a5:7d:fa:8b:d2:32:1f:c4:ec:1b:0f:97:85:d2:
92:24:a5:71:5e:c8:d8:21:ed:0e:34:44:3a:19:f2:
16:40:52:1f:9b:fb:21:db:b1:9a:d9:a3:61:7b:5a:
dd:db:17:15:96:15:a0:8d:dd:78:ac:0b:0b:50:8e:
34:fc:bd:42:b6:2f:6a:cc:8f:02:f3:94:51:d4:b1:
27:2d:c4:82:0f:d2:7f:7f:46:51:ad:8b:02:16:4a:
fb:e7:c7:a4:c0:f0:b4:f0:01:70:b1:1c:ea:5e:21:
bf:1e:46:09:f3:de:6f:3e:ed:a5:24:e5:11:0a:53:
ee:a5:b8:97:33:18:50:ad:5b:f3:94:7a:6b:77:fa:
ee:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D4:19:17:EA:CE:91:8B:A8:AD:91:37:E0:E7:77:DF:4D:C0:10:A8
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/x9QZF-rOkYuorZE34Od3303AEKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.8.205.0/24
45.9.5.0/24
Signature Algorithm: sha256WithRSAEncryption
47:68:d3:32:f9:8b:28:19:40:fc:46:b7:bc:65:21:55:2c:51:
9a:3e:1d:d9:09:08:32:09:9f:a6:14:92:1f:a1:99:81:b4:cd:
cf:50:14:a0:41:90:70:a9:49:e5:12:b3:6e:a0:4a:75:75:1b:
a6:46:31:4f:17:cd:1b:6c:97:81:17:50:2b:6b:9b:d3:68:3b:
0e:69:89:3f:a6:0d:5a:a8:67:a0:02:06:c5:ac:04:f4:1f:e7:
2d:c2:77:b1:46:70:23:29:de:96:bb:40:d1:e8:1c:45:d3:c6:
b9:e2:cb:3b:87:88:8e:57:3c:8e:4b:b9:05:ec:90:14:3e:2c:
3c:a1:ab:32:60:0e:58:d1:ba:f9:2e:1c:9c:88:74:30:58:d9:
47:b1:90:92:f4:94:79:71:c6:0f:b5:df:dd:ee:82:1c:24:03:
57:9f:ff:a3:77:68:02:0e:e7:41:be:b0:65:ca:b6:8f:59:17:
81:85:bf:68:55:77:da:dc:41:d7:e8:99:e7:aa:0d:9e:6c:8f:
f5:d1:87:8a:0a:84:7d:af:fe:a6:40:fb:dd:ce:e2:69:26:07:
28:f8:47:06:ea:05:17:1d:7c:a6:25:11:4c:8a:0f:49:43:83:
8e:c8:da:44:22:1c:4e:a0:6e:31:87:15:40:82:94:ef:b8:15:
16:05:f5:22
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZfcBeKi7HfkFgBNDui2OSusMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNzA1MTkxNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2Q0MTkxN2VhY2U5MThiYThhZDkxMzdlMGU3NzdkZjRkYzAxMGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj593wPEYVnFUVNIkdTg0wCS2Mdwt
Kvngvu0gLDHnw2MSu2pL3tGgLeGRDz49CrcQTZwTAKgTkwo6wNITnOc1T2YBxthM
NFPSHBqqmNF+VcXZLzUIATt76HVGpViLMZde4+x5OsOPakIXgCqe2yFNj76BUA03
2SJkpX36i9IyH8TsGw+XhdKSJKVxXsjYIe0ONEQ6GfIWQFIfm/sh27Ga2aNhe1rd
2xcVlhWgjd14rAsLUI40/L1Cti9qzI8C85RR1LEnLcSCD9J/f0ZRrYsCFkr758ek
wPC08AFwsRzqXiG/HkYJ895vPu2lJOURClPupbiXMxhQrVvzlHprd/ruJwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMfUGRfqzpGLqK2RN+Dnd99NwBCoMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEveDlRWkYtck9rWXVvclpFMzRPZDMzMDNBRUtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQjNAwQA
LQkFMA0GCSqGSIb3DQEBCwUAA4IBAQBHaNMy+YsoGUD8Rre8ZSFVLFGaPh3ZCQgy
CZ+mFJIfoZmBtM3PUBSgQZBwqUnlErNuoEp1dRumRjFPF80bbJeBF1Ara5vTaDsO
aYk/pg1aqGegAgbFrAT0H+ctwnexRnAjKd6Wu0DR6BxF08a54ss7h4iOVzyOS7kF
7JAUPiw8oasyYA5Y0br5LhyciHQwWNlHsZCS9JR5ccYPtd/d7oIcJANXn/+jd2gC
DudBvrBlyraPWReBhb9oVXfa3EHX6Jnnqg2ebI/10YeKCoR9r/6mQPvdzuJpJgco
+EcG6gUXHXymJRFMig9JQ4OOyNpEIhxOoG4xhxVAgpTvuBUWBfUi
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:18:18 2025 by rpki-client