Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5SRG5TyrmO-9E0_6AwcjWIUgtlc.roa
File: 5SRG5TyrmO-9E0_6AwcjWIUgtlc.roa (raw, json)
Hash identifier: MD0xpsrFNYQ6zDJFGs07RDmwRyYUWyRuiWulDdSwUOc=
Subject key identifier: E5:24:46:E5:3C:AB:98:EF:BD:13:4F:FA:03:07:23:58:85:20:B6:57
Certificate issuer: /CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Certificate serial: 0197C704FF65FB0B916BB8253E57EF9F4F2F
Authority key identifier: 93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5SRG5TyrmO-9E0_6AwcjWIUgtlc.roa
Signing time: Tue 01 Jul 2025 17:24:42 +0000
ROA not before: Tue 01 Jul 2025 17:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 194.41.114.0/24 maxlen: 24
2a06:fe40::/32 maxlen: 32
2a0e:2c00::/29 maxlen: 29
2a12:3a80::/32 maxlen: 32
2a12:3a81::/32 maxlen: 32
2a12:3a82::/32 maxlen: 32
2a12:3a83::/32 maxlen: 32
2a12:3a84::/32 maxlen: 32
2a12:3a85::/32 maxlen: 32
2a12:3a86::/32 maxlen: 32
2a12:3a87::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 09 Jul 2025 11:41:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c7:04:ff:65:fb:0b:91:6b:b8:25:3e:57:ef:9f:4f:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93677d7cb9271ce361256e9833cc7b14fd023ebe
Validity
Not Before: Jul 1 17:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e52446e53cab98efbd134ffa030723588520b657
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:b0:31:e8:d3:95:24:83:2a:77:31:3f:f0:c8:
a7:b8:eb:d0:d8:1a:16:21:47:9d:26:19:0a:6f:37:
06:4a:23:8f:5f:9f:84:91:56:7c:2f:e2:5f:7d:6a:
a6:1b:46:70:c9:cd:1b:c7:5e:84:06:1c:e2:ba:25:
ff:90:db:b9:98:a4:5a:76:f4:97:53:6f:62:b3:e9:
4b:5d:f1:3e:5c:55:ed:e7:1f:21:eb:de:b8:0a:fc:
27:63:b2:ec:e2:9b:1c:b7:4a:30:f7:d1:2a:68:f6:
6e:c0:46:1a:1c:c9:16:5d:f5:a6:82:ae:1e:58:b6:
a7:b1:f5:2d:cc:a0:da:7b:97:84:f3:be:dd:9c:05:
2e:77:a2:f2:52:6f:b5:23:bd:48:7d:81:d5:72:65:
49:3b:dd:62:ec:11:6d:2d:c1:ad:ed:7a:3d:a3:ec:
8e:84:40:58:a1:ed:ad:78:f1:b5:6a:96:86:c5:99:
5b:ed:81:89:f6:ec:5d:93:31:a8:c2:d4:d7:95:36:
95:b0:7b:b4:4f:f8:2b:11:2c:d2:10:d3:b0:13:a8:
ed:ae:a2:0e:a6:46:5f:91:30:4c:9b:64:16:52:ac:
b9:59:7f:62:4c:7a:b6:11:60:a2:82:64:48:26:1e:
65:85:b6:66:d6:4c:2b:bb:b2:ae:22:52:ab:8f:08:
9f:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:24:46:E5:3C:AB:98:EF:BD:13:4F:FA:03:07:23:58:85:20:B6:57
X509v3 Authority Key Identifier:
keyid:93:67:7D:7C:B9:27:1C:E3:61:25:6E:98:33:CC:7B:14:FD:02:3E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2d9fLknHONhJW6YM8x7FP0CPr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/5SRG5TyrmO-9E0_6AwcjWIUgtlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9c6da-8ea0-46b7-a1a6-99acb99ce754/1/k2d9fLknHONhJW6YM8x7FP0CPr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.41.114.0/24
IPv6:
2a06:fe40::/32
2a0e:2c00::/29
2a12:3a80::/29
Signature Algorithm: sha256WithRSAEncryption
46:08:8a:1c:50:82:81:6a:dc:3a:a3:46:e9:f9:dd:ec:e8:c3:
f9:a5:b8:c6:05:ce:d9:88:b8:0d:1c:9d:71:e7:73:27:99:1b:
cb:c9:30:de:d8:8f:89:09:5e:40:ed:16:23:13:42:06:72:dc:
b3:1e:1c:90:b4:08:75:4c:66:03:87:e3:54:63:d9:ba:29:e5:
15:1e:ed:8f:a3:51:18:a2:d7:8a:cb:1b:9b:11:10:8b:25:1b:
2f:ef:7f:50:73:3f:e8:dd:6f:a9:7b:55:92:b9:9f:f9:d7:1b:
9e:71:70:48:62:79:7f:5c:69:5a:fe:ec:89:df:20:a5:c3:7e:
d6:10:43:b4:4a:3b:ad:1b:33:d7:7a:62:e2:8c:91:e0:cc:76:
70:f3:54:bf:ef:e8:6a:73:c1:4b:7a:4b:43:da:a6:e1:18:28:
95:4a:4f:37:6e:a7:54:a7:f8:52:e3:82:06:79:6a:07:a1:ec:
d0:ed:0f:1f:c8:ef:4a:d5:80:b2:4e:00:fb:b1:fe:c7:e2:6d:
09:78:d9:38:b1:47:35:44:d9:d9:66:79:c9:63:20:f1:ed:b4:
aa:e2:c9:80:76:25:7a:80:26:95:19:50:75:76:f0:91:80:8c:
ac:10:07:9b:8c:c0:78:9b:75:20:07:77:d8:8a:4a:f0:ac:01:
fb:dd:f6:e1
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZfHBP9l+wuRa7glPlfvn08vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjc3ZDdjYjkyNzFjZTM2MTI1NmU5ODMzY2M3YjE0ZmQw
MjNlYmUwHhcNMjUwNzAxMTcyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTI0NDZlNTNjYWI5OGVmYmQxMzRmZmEwMzA3MjM1ODg1MjBiNjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAubAx6NOVJIMqdzE/8MinuOvQ2BoW
IUedJhkKbzcGSiOPX5+EkVZ8L+JffWqmG0Zwyc0bx16EBhziuiX/kNu5mKRadvSX
U29is+lLXfE+XFXt5x8h6964CvwnY7Ls4psct0ow99EqaPZuwEYaHMkWXfWmgq4e
WLansfUtzKDae5eE877dnAUud6LyUm+1I71IfYHVcmVJO91i7BFtLcGt7Xo9o+yO
hEBYoe2tePG1apaGxZlb7YGJ9uxdkzGowtTXlTaVsHu0T/grESzSENOwE6jtrqIO
pkZfkTBMm2QWUqy5WX9iTHq2EWCigmRIJh5lhbZm1kwru7KuIlKrjwifGQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOUkRuU8q5jvvRNP+gMHI1iFILZXMB8GA1UdIwQY
MBaAFJNnfXy5JxzjYSVumDPMexT9Aj6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYt
OTlhY2I5OWNlNzU0LzEvNVNSRzVUeXJtTy05RTBfNkF3Y2pXSVVndGxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWM2ZGEtOGVhMC00NmI3LWExYTYtOTlhY2I5OWNlNzU0
LzEvazJkOWZMa25IT05oSlc2WU04eDdGUDBDUHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAwilyMBsE
AgACMBUDBQAqBv5AAwUDKg4sAAMFAyoSOoAwDQYJKoZIhvcNAQELBQADggEBAEYI
ihxQgoFq3DqjRun53ezow/mluMYFztmIuA0cnXHncyeZG8vJMN7Yj4kJXkDtFiMT
QgZy3LMeHJC0CHVMZgOH41Rj2bop5RUe7Y+jURii14rLG5sREIslGy/vf1BzP+jd
b6l7VZK5n/nXG55xcEhieX9caVr+7InfIKXDftYQQ7RKO60bM9d6YuKMkeDMdnDz
VL/v6GpzwUt6S0PapuEYKJVKTzdup1Sn+FLjggZ5ageh7NDtDx/I70rVgLJOAPux
/sfibQl42TixRzVE2dlmecljIPHttKriyYB2JXqAJpUZUHV28JGAjKwQB5uMwHib
dSAHd9iKSvCsAfvd9uE=
-----END CERTIFICATE-----
Generated at Tue Jul 29 03:33:59 2025 by rpki-client