Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/K_QPvHw9tCYpIeC49Wwji5QrBsc.roa
File: K_QPvHw9tCYpIeC49Wwji5QrBsc.roa (raw, json)
Hash identifier: YeZyDAhfmgfTFpTjOwWM/NXh0cHOYoIbmoH8CpRAPjw=
Subject key identifier: 2B:F4:0F:BC:7C:3D:B4:26:29:21:E0:B8:F5:6C:23:8B:94:2B:06:C7
Certificate issuer: /CN=883f7260650026b973a18a7f3e9958d321ece1db
Certificate serial: 0197CBBE66DC22CE50BD3B78283E81FB3C72
Authority key identifier: 88:3F:72:60:65:00:26:B9:73:A1:8A:7F:3E:99:58:D3:21:EC:E1:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iD9yYGUAJrlzoYp_PplY0yHs4ds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/K_QPvHw9tCYpIeC49Wwji5QrBsc.roa
Signing time: Wed 02 Jul 2025 15:25:42 +0000
ROA not before: Wed 02 Jul 2025 15:25:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215767
IP address blocks: 195.211.71.0/24 maxlen: 24
2a04:aa00::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 15 Jul 2025 07:43:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:be:66:dc:22:ce:50:bd:3b:78:28:3e:81:fb:3c:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=883f7260650026b973a18a7f3e9958d321ece1db
Validity
Not Before: Jul 2 15:25:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2bf40fbc7c3db4262921e0b8f56c238b942b06c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:89:8e:8c:95:01:34:82:72:67:1f:10:d6:0f:
ed:da:f7:2e:f8:8b:c2:81:b5:5f:35:c0:4e:ed:15:
59:b3:be:d0:20:cc:61:66:b4:f4:47:92:f6:ba:47:
39:1d:3b:6b:77:6f:aa:d2:78:a5:07:fc:63:fd:f1:
69:24:b5:b5:54:60:f6:68:73:5d:9e:87:73:3c:49:
27:bd:06:6e:ab:2b:2e:0e:31:86:e4:1b:76:a1:65:
a9:c2:7d:77:80:87:ff:58:13:95:fa:a2:54:8c:20:
00:e3:9f:78:e3:a2:ff:7a:52:5a:2b:9d:3b:dd:f3:
39:81:c9:8a:1e:20:cf:04:72:34:00:7e:ac:7b:f5:
50:94:36:9b:30:13:f5:02:6c:e8:e5:4e:6c:0a:b6:
0b:49:f7:08:28:54:28:b9:ab:97:4c:5c:33:66:64:
aa:63:3e:5d:e5:9d:88:a0:fb:66:1c:6a:90:79:c2:
35:5a:6e:52:2c:f1:d0:f7:63:59:ee:9d:59:a3:91:
09:2c:78:8d:d6:8d:aa:33:63:54:96:f5:ef:89:e4:
20:4b:ed:81:ee:85:a5:65:1c:df:5f:18:d1:4a:94:
f1:a8:aa:f2:c1:72:f1:fb:55:ce:2b:c1:d6:b0:ac:
09:b6:26:f6:ca:cf:dc:6c:7c:63:1d:00:bc:84:74:
f5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:F4:0F:BC:7C:3D:B4:26:29:21:E0:B8:F5:6C:23:8B:94:2B:06:C7
X509v3 Authority Key Identifier:
keyid:88:3F:72:60:65:00:26:B9:73:A1:8A:7F:3E:99:58:D3:21:EC:E1:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iD9yYGUAJrlzoYp_PplY0yHs4ds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/K_QPvHw9tCYpIeC49Wwji5QrBsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/11d4e7-e978-4037-ab09-c09ff16fc34b/1/iD9yYGUAJrlzoYp_PplY0yHs4ds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.211.71.0/24
IPv6:
2a04:aa00::/29
Signature Algorithm: sha256WithRSAEncryption
58:de:aa:69:bd:fc:ff:a9:58:2f:38:40:9d:f7:90:f2:1e:21:
f2:e9:c4:0d:8d:e0:76:7f:c1:f5:74:ca:62:e6:4c:01:e5:9a:
f4:07:cd:ab:bb:de:a6:9c:9f:80:7e:55:aa:21:e5:a5:15:1c:
c9:de:36:68:9f:79:60:4e:62:18:c2:44:6a:68:7e:08:36:16:
ed:17:86:4f:51:7e:96:8a:0c:96:df:ce:ce:d0:9a:8e:cc:a1:
e7:59:52:c3:ef:9c:8f:5a:2f:ed:d3:91:63:22:b6:15:7b:49:
96:54:3a:5b:8a:19:d3:3a:c9:eb:e8:9e:e4:3d:bc:c7:97:f8:
6d:de:4f:24:ad:5f:00:17:16:f8:8e:73:c0:a9:34:5b:16:98:
b3:ef:20:c7:cb:28:f6:22:e8:eb:fa:7c:04:47:05:ed:2a:29:
d9:e6:bd:07:04:36:0f:f9:e5:3e:03:71:3b:1a:3b:5a:82:7d:
3a:c0:3b:f2:9c:a8:0e:8c:c3:20:d8:8e:d8:bb:65:80:ba:e9:
22:f9:e1:b3:f1:bc:25:9e:e2:ea:eb:87:29:f8:db:5d:6a:f4:
f0:96:3e:d6:74:a0:32:43:88:56:37:8e:34:28:99:57:f1:3f:
4a:a9:e9:9d:16:ec:5a:47:b6:78:38:5c:6c:d7:34:12:5e:e4:
07:eb:22:8c
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZfLvmbcIs5QvTt4KD6B+zxyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4M2Y3MjYwNjUwMDI2Yjk3M2ExOGE3ZjNlOTk1OGQzMjFl
Y2UxZGIwHhcNMjUwNzAyMTUyNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmY0MGZiYzdjM2RiNDI2MjkyMWUwYjhmNTZjMjM4Yjk0MmIwNmM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YmOjJUBNIJyZx8Q1g/t2vcu+IvC
gbVfNcBO7RVZs77QIMxhZrT0R5L2ukc5HTtrd2+q0nilB/xj/fFpJLW1VGD2aHNd
nodzPEknvQZuqysuDjGG5Bt2oWWpwn13gIf/WBOV+qJUjCAA459446L/elJaK507
3fM5gcmKHiDPBHI0AH6se/VQlDabMBP1Amzo5U5sCrYLSfcIKFQouauXTFwzZmSq
Yz5d5Z2IoPtmHGqQecI1Wm5SLPHQ92NZ7p1Zo5EJLHiN1o2qM2NUlvXvieQgS+2B
7oWlZRzfXxjRSpTxqKrywXLx+1XOK8HWsKwJtib2ys/cbHxjHQC8hHT1BwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCv0D7x8PbQmKSHguPVsI4uUKwbHMB8GA1UdIwQY
MBaAFIg/cmBlACa5c6GKfz6ZWNMh7OHbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUQ5eVlHVUFKcmx6b1lwX1BwbFkweUhzNGRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS8xMWQ0ZTctZTk3OC00MDM3LWFiMDkt
YzA5ZmYxNmZjMzRiLzEvS19RUHZIdzl0Q1lwSWVDNDlXd2ppNVFyQnNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS8xMWQ0ZTctZTk3OC00MDM3LWFiMDktYzA5ZmYxNmZjMzRi
LzEvaUQ5eVlHVUFKcmx6b1lwX1BwbFkweUhzNGRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAw9NHMA0E
AgACMAcDBQMqBKoAMA0GCSqGSIb3DQEBCwUAA4IBAQBY3qppvfz/qVgvOECd95Dy
HiHy6cQNjeB2f8H1dMpi5kwB5Zr0B82ru96mnJ+AflWqIeWlFRzJ3jZon3lgTmIY
wkRqaH4INhbtF4ZPUX6WigyW387O0JqOzKHnWVLD75yPWi/t05FjIrYVe0mWVDpb
ihnTOsnr6J7kPbzHl/ht3k8krV8AFxb4jnPAqTRbFpiz7yDHyyj2Iujr+nwERwXt
KinZ5r0HBDYP+eU+A3E7Gjtagn06wDvynKgOjMMg2I7Yu2WAuuki+eGz8bwlnuLq
64cp+NtdavTwlj7WdKAyQ4hWN440KJlX8T9KqemdFuxaR7Z4OFxs1zQSXuQH6yKM
-----END CERTIFICATE-----
Generated at Mon Jul 21 09:03:01 2025 by rpki-client