Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/q0AW6Akxeaj6gIgN5bjkg90wCNk.roa
File: q0AW6Akxeaj6gIgN5bjkg90wCNk.roa (raw, json)
Hash identifier: Vq1bLZo4DjBh/Qp9tMA0hzAc3Eq94LD+4sZ3i6Jp8oA=
Subject key identifier: AB:40:16:E8:09:31:79:A8:FA:80:88:0D:E5:B8:E4:83:DD:30:08:D9
Certificate issuer: /CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Certificate serial: 01974BC20D6BC10DA37E500AA24F86223742
Authority key identifier: 14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/q0AW6Akxeaj6gIgN5bjkg90wCNk.roa
Signing time: Sat 07 Jun 2025 18:58:17 +0000
ROA not before: Sat 07 Jun 2025 18:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213460
IP address blocks: 194.62.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jun 2025 20:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:4b:c2:0d:6b:c1:0d:a3:7e:50:0a:a2:4f:86:22:37:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=143239651db6aab1bcb67325f785b5ee1f4025cb
Validity
Not Before: Jun 7 18:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab4016e8093179a8fa80880de5b8e483dd3008d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:a8:f4:0b:6b:57:87:46:07:8d:08:4c:d6:97:
91:1c:7c:67:e4:ef:2c:ad:5b:e3:4e:7d:ce:84:00:
3b:ce:ea:72:38:83:ca:1e:c8:25:6b:29:71:73:7a:
08:78:9b:58:88:41:42:aa:ab:30:58:2e:0b:48:2b:
be:1a:f7:02:b2:11:30:72:c8:1b:1d:20:2a:f6:f9:
ed:b0:1a:47:65:11:3a:dc:75:57:c3:02:c6:ab:5a:
91:ef:b5:87:6f:6c:bd:57:20:00:11:f1:cf:ab:21:
8b:98:aa:c3:e3:dc:72:b9:1c:4c:54:e9:b8:5a:dd:
d3:84:4f:17:a4:b9:f7:22:fa:a6:76:78:a1:3e:4a:
a8:19:e5:42:1e:92:15:f5:1c:47:f5:11:f9:d7:be:
5b:fb:fa:d3:c9:b5:2f:97:4f:7d:d5:e7:99:d0:74:
26:3a:c5:b4:8c:cf:cf:90:d7:3c:7d:96:8d:2b:0f:
b8:83:fa:28:a3:dd:62:d4:00:5f:cb:18:c3:8b:24:
d8:02:57:3d:3c:22:40:e8:f7:e0:ae:29:c1:d9:2e:
5c:43:6d:8e:5b:1b:48:d0:68:1c:8a:77:86:ff:1a:
b4:78:ef:ba:2c:9f:c9:3c:be:3d:70:9b:d8:34:c5:
16:eb:e4:3e:d3:d8:30:c8:2b:70:5b:c9:3b:ef:f9:
6e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:40:16:E8:09:31:79:A8:FA:80:88:0D:E5:B8:E4:83:DD:30:08:D9
X509v3 Authority Key Identifier:
keyid:14:32:39:65:1D:B6:AA:B1:BC:B6:73:25:F7:85:B5:EE:1F:40:25:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FDI5ZR22qrG8tnMl94W17h9AJcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/q0AW6Akxeaj6gIgN5bjkg90wCNk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/6f46d9-3af0-42aa-b334-6eec77d9b985/1/FDI5ZR22qrG8tnMl94W17h9AJcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.62.40.0/24
Signature Algorithm: sha256WithRSAEncryption
63:f3:db:f8:c8:dc:2c:25:31:f4:72:48:8b:bd:78:ee:df:03:
87:11:67:ac:ff:04:91:21:14:25:d8:64:87:09:ea:31:e0:1d:
b9:ee:30:f4:ea:06:45:6f:b8:52:ab:60:dc:53:ad:61:60:68:
2a:f3:3d:bf:f3:b0:95:32:af:8c:3f:76:61:b8:61:2f:1a:56:
90:fb:66:57:c7:d9:8b:63:f0:c7:be:60:33:ed:4c:b9:a5:ee:
25:e0:3c:9c:9a:40:63:8b:b9:8f:ed:2e:45:28:75:7c:b5:50:
d7:99:99:5e:c0:da:8f:b5:41:64:4a:b3:d1:69:20:cd:6d:8d:
fc:00:d9:24:87:3a:da:05:a3:49:66:19:b1:6a:01:07:6c:6d:
73:85:ac:9d:08:eb:59:e9:24:9b:ac:a3:9e:b1:7b:c3:4d:81:
c8:d3:fe:f0:de:13:47:44:89:b1:f1:b9:8c:84:b1:76:bd:09:
c4:5c:ca:f4:bf:c8:a5:92:98:85:dc:2b:fd:49:6e:fa:44:94:
38:cc:8d:e2:3a:c9:b4:fe:a8:19:a5:cd:65:ce:dd:3b:8f:0f:
73:96:16:81:ef:49:ab:b1:4e:2c:60:3e:3b:a8:e9:c0:ba:6f:
ea:6b:8c:13:9b:24:1f:8f:0c:1b:d1:ca:58:c7:1a:9b:94:cf:
c6:73:2a:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdLwg1rwQ2jflAKok+GIjdCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0MzIzOTY1MWRiNmFhYjFiY2I2NzMyNWY3ODViNWVlMWY0
MDI1Y2IwHhcNMjUwNjA3MTg1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjQwMTZlODA5MzE3OWE4ZmE4MDg4MGRlNWI4ZTQ4M2RkMzAwOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKj0C2tXh0YHjQhM1peRHHxn5O8s
rVvjTn3OhAA7zupyOIPKHsglaylxc3oIeJtYiEFCqqswWC4LSCu+GvcCshEwcsgb
HSAq9vntsBpHZRE63HVXwwLGq1qR77WHb2y9VyAAEfHPqyGLmKrD49xyuRxMVOm4
Wt3ThE8XpLn3IvqmdnihPkqoGeVCHpIV9RxH9RH5175b+/rTybUvl0991eeZ0HQm
OsW0jM/PkNc8fZaNKw+4g/ooo91i1ABfyxjDiyTYAlc9PCJA6PfgrinB2S5cQ22O
WxtI0GgcineG/xq0eO+6LJ/JPL49cJvYNMUW6+Q+09gwyCtwW8k77/luewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKtAFugJMXmo+oCIDeW45IPdMAjZMB8GA1UdIwQY
MBaAFBQyOWUdtqqxvLZzJfeFte4fQCXLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQt
NmVlYzc3ZDliOTg1LzEvcTBBVzZBa3hlYWo2Z0lnTjViamtnOTB3Q05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC82ZjQ2ZDktM2FmMC00MmFhLWIzMzQtNmVlYzc3ZDliOTg1
LzEvRkRJNVpSMjJxckc4dG5NbDk0VzE3aDlBSmNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwj4oMA0G
CSqGSIb3DQEBCwUAA4IBAQBj89v4yNwsJTH0ckiLvXju3wOHEWes/wSRIRQl2GSH
Ceox4B257jD06gZFb7hSq2DcU61hYGgq8z2/87CVMq+MP3ZhuGEvGlaQ+2ZXx9mL
Y/DHvmAz7Uy5pe4l4DycmkBji7mP7S5FKHV8tVDXmZlewNqPtUFkSrPRaSDNbY38
ANkkhzraBaNJZhmxagEHbG1zhaydCOtZ6SSbrKOesXvDTYHI0/7w3hNHRImx8bmM
hLF2vQnEXMr0v8ilkpiF3Cv9SW76RJQ4zI3iOsm0/qgZpc1lzt07jw9zlhaB70mr
sU4sYD47qOnAum/qa4wTmyQfjwwb0cpYxxqblM/GcypE
-----END CERTIFICATE-----
Generated at Tue Jul 29 04:07:15 2025 by rpki-client