Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/1-bu-gDrfO9hgM-x3FLuiHKnsUu8.roa
File: 1-bu-gDrfO9hgM-x3FLuiHKnsUu8.roa (raw, json)
Hash identifier: Z17X620VD51HBdOaZvnhJ3pp9Tp776GNR44UavdsA2U=
Subject key identifier: F9:BB:BE:80:3A:DF:3B:D8:60:33:EC:77:14:BB:A2:1C:A9:EC:52:EF
Certificate issuer: /CN=883f7260650026b973a18a7f3e9958d321ece1db
Certificate serial: 0197C12033B79E2E4D1E2E85C76220F82A4E
Authority key identifier: 88:3F:72:60:65:00:26:B9:73:A1:8A:7F:3E:99:58:D3:21:EC:E1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iD9yYGUAJrlzoYp_PplY0yHs4ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/1-bu-gDrfO9hgM-x3FLuiHKnsUu8.roa
Signing time: Mon 30 Jun 2025 13:56:42 +0000
ROA not before: Mon 30 Jun 2025 13:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215767
IP address blocks: 195.211.71.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Jul 2025 15:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c1:20:33:b7:9e:2e:4d:1e:2e:85:c7:62:20:f8:2a:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=883f7260650026b973a18a7f3e9958d321ece1db
Validity
Not Before: Jun 30 13:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9bbbe803adf3bd86033ec7714bba21ca9ec52ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7b:3e:3a:70:50:ae:7a:0d:13:e6:8a:b6:52:
2d:5b:b5:07:33:a6:13:14:0a:35:f1:56:99:6d:ac:
68:3b:e0:7f:72:d8:76:21:d1:54:32:9c:55:84:5d:
29:ff:49:23:6e:89:96:f0:35:29:46:b5:81:e9:31:
0b:e9:a1:9b:79:05:85:70:f6:ac:a2:00:32:d2:1e:
f6:02:37:71:78:2e:76:81:c9:a6:72:e2:a0:53:91:
45:94:ea:af:95:c6:bb:4d:07:80:3c:f2:e6:6c:ae:
e1:d6:73:31:81:05:9b:94:fe:42:69:b0:33:c6:6e:
83:ca:e9:15:dc:19:56:61:17:18:bc:c2:74:35:ea:
7d:10:78:0b:30:ee:3d:fc:cb:cb:3d:7a:3c:84:b2:
a8:6b:56:b7:81:51:cc:3a:1e:cd:ee:21:82:24:df:
b9:81:e6:de:e6:21:ae:f0:29:28:e4:d4:d9:02:a1:
54:b2:b9:77:77:40:a7:eb:ec:bb:31:6b:bc:50:f4:
ea:16:36:b1:cd:cf:13:fc:38:6f:00:43:b6:c1:49:
a3:d1:d0:7c:d9:c7:9b:68:1c:0d:18:b7:07:f9:97:
f7:be:ce:8f:8c:14:f2:6a:8b:6e:cd:fb:4c:e3:37:
c4:3b:f2:ce:fe:dc:6f:78:48:79:d2:d0:ee:c7:cc:
45:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:BB:BE:80:3A:DF:3B:D8:60:33:EC:77:14:BB:A2:1C:A9:EC:52:EF
X509v3 Authority Key Identifier:
keyid:88:3F:72:60:65:00:26:B9:73:A1:8A:7F:3E:99:58:D3:21:EC:E1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iD9yYGUAJrlzoYp_PplY0yHs4ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/1-bu-gDrfO9hgM-x3FLuiHKnsUu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/iD9yYGUAJrlzoYp_PplY0yHs4ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.71.0/24
Signature Algorithm: sha256WithRSAEncryption
45:19:18:3f:77:96:a8:0d:37:6c:9b:e1:c6:ea:19:44:8b:a6:
de:3e:f6:5b:43:be:de:97:c1:f1:68:20:8e:2b:cd:d9:23:23:
52:e8:4b:6d:11:33:1e:be:45:d4:8a:92:01:1b:e5:d1:bf:1e:
68:6e:20:10:1b:ca:cd:60:58:5f:dd:22:02:84:c7:0f:ce:da:
c4:41:a4:25:e4:4e:6d:42:07:cb:37:e9:75:b0:8d:9b:b0:ad:
65:b7:7d:e9:6f:38:0e:d5:40:64:29:71:d1:a2:b8:43:d9:61:
89:d0:9c:c5:98:82:39:7e:68:5f:85:15:47:ab:16:63:36:7b:
bf:52:dd:f4:4c:eb:c1:e9:cd:5f:a0:d6:1a:6a:f9:c1:44:e2:
ed:6e:60:16:ce:d6:c9:fb:55:86:1a:cc:ae:bb:21:d9:70:1a:
97:6d:d7:bb:f2:0d:20:19:ef:8b:02:20:e8:88:d8:e9:73:3e:
88:c0:e8:e3:a4:9e:20:d4:7e:41:f8:14:ce:bf:fe:c2:6e:5c:
71:a0:3d:26:81:09:e9:61:0a:38:96:23:52:2e:53:46:b1:1b:
55:46:6f:cb:24:2b:5b:1a:52:86:f0:e7:52:4b:fa:b1:19:76:
84:85:47:09:23:65:e7:55:d8:aa:4e:02:98:19:08:0e:c7:bc:
7f:e9:f4:e2
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZfBIDO3ni5NHi6Fx2Ig+CpOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2Y3MjYwNjUwMDI2Yjk3M2ExOGE3ZjNlOTk1OGQzMjFl
Y2UxZGIwHhcNMjUwNjMwMTM1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWJiYmU4MDNhZGYzYmQ4NjAzM2VjNzcxNGJiYTIxY2E5ZWM1MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApHs+OnBQrnoNE+aKtlItW7UHM6YT
FAo18VaZbaxoO+B/cth2IdFUMpxVhF0p/0kjbomW8DUpRrWB6TEL6aGbeQWFcPas
ogAy0h72AjdxeC52gcmmcuKgU5FFlOqvlca7TQeAPPLmbK7h1nMxgQWblP5CabAz
xm6DyukV3BlWYRcYvMJ0Nep9EHgLMO49/MvLPXo8hLKoa1a3gVHMOh7N7iGCJN+5
gebe5iGu8Cko5NTZAqFUsrl3d0Cn6+y7MWu8UPTqFjaxzc8T/DhvAEO2wUmj0dB8
2cebaBwNGLcH+Zf3vs6PjBTyaotuzftM4zfEO/LO/txveEh50tDux8xFWwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPm7voA63zvYYDPsdxS7ohyp7FLvMB8GA1UdIwQY
MBaAFIg/cmBlACa5c6GKfz6ZWNMh7OHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUQ5eVlHVUFKcmx6b1lwX1BwbFkweUhzNGRzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xMWQ0ZTctZTk3OC00MDM3LWFiMDkt
YzA5ZmYxNmZjMzRiLzEvMS1idS1nRHJmTzloZ00teDNGTHVpSEtuc1V1OC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDkvMTFkNGU3LWU5NzgtNDAzNy1hYjA5LWMwOWZmMTZmYzM0
Yi8xL2lEOXlZR1VBSnJsem9ZcF9QcGxZMHlIczRkcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAMPTRzAN
BgkqhkiG9w0BAQsFAAOCAQEARRkYP3eWqA03bJvhxuoZRIum3j72W0O+3pfB8Wgg
jivN2SMjUuhLbREzHr5F1IqSARvl0b8eaG4gEBvKzWBYX90iAoTHD87axEGkJeRO
bUIHyzfpdbCNm7CtZbd96W84DtVAZClx0aK4Q9lhidCcxZiCOX5oX4UVR6sWYzZ7
v1Ld9EzrwenNX6DWGmr5wUTi7W5gFs7WyftVhhrMrrsh2XAal23Xu/INIBnviwIg
6IjY6XM+iMDo46SeINR+QfgUzr/+wm5ccaA9JoEJ6WEKOJYjUi5TRrEbVUZvyyQr
WxpShvDnUkv6sRl2hIVHCSNl51XYqk4CmBkIDse8f+n04g==
-----END CERTIFICATE-----
Generated at Mon Jul 21 09:04:10 2025 by rpki-client