Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/IEZXGzSGc0oZV2FOj1fC8SaluvM.roa
File: IEZXGzSGc0oZV2FOj1fC8SaluvM.roa (raw, json)
Hash identifier: 17V/CT/Sm5SLyUq5dawMmmyz+KUotWUFoOT4mEc9KJ4=
Subject key identifier: 20:46:57:1B:34:86:73:4A:19:57:61:4E:8F:57:C2:F1:26:A5:BA:F3
Certificate issuer: /CN=aa5212958d8e1baa144a82a821f93a890dcba49a
Certificate serial: 0197CAB3FC6DE2C92271216CB19C802A08C0
Authority key identifier: AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/IEZXGzSGc0oZV2FOj1fC8SaluvM.roa
Signing time: Wed 02 Jul 2025 10:34:42 +0000
ROA not before: Wed 02 Jul 2025 10:34:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 43.226.224.0/22 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Jul 2025 11:27:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:b3:fc:6d:e2:c9:22:71:21:6c:b1:9c:80:2a:08:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa5212958d8e1baa144a82a821f93a890dcba49a
Validity
Not Before: Jul 2 10:34:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2046571b3486734a1957614e8f57c2f126a5baf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c0:57:7b:9c:bc:0d:f6:5c:8f:ed:46:18:03:
04:a4:9e:75:54:f2:a6:07:78:55:14:92:aa:7d:fd:
56:c8:5c:2e:0e:b2:34:4d:3a:1c:0f:92:7b:b5:ee:
5c:42:ea:81:3f:e1:3a:84:81:5b:2e:5e:ae:c2:5f:
ba:47:bb:0e:77:4a:17:94:c1:75:39:b3:08:c7:1d:
95:99:3d:54:a8:1a:79:93:48:de:c0:e9:b1:0b:80:
8e:fe:e7:89:d3:e8:df:a6:d1:f8:e8:83:3a:03:c2:
72:c2:67:8c:5f:97:02:39:be:64:f6:fc:0f:2f:b5:
06:f3:5a:9d:23:b5:55:89:cb:96:6d:d1:b5:b8:af:
fa:fb:6d:70:b5:f7:05:76:97:f1:1c:1c:08:b6:cc:
f2:a2:22:08:5b:30:75:92:d7:5c:03:75:1e:fe:fd:
1d:c9:ee:bc:14:fb:26:46:c8:7e:71:bf:5d:9b:95:
9c:a1:f6:04:4d:df:c8:7b:49:12:8d:81:3f:fc:37:
4f:fe:da:7e:62:95:85:5a:33:d8:98:b9:e5:07:db:
d6:ee:5f:55:60:bf:5c:e8:c4:80:72:66:63:6a:da:
25:01:d7:a5:ab:d2:fc:56:39:b4:8f:9c:92:45:7f:
18:2a:0a:6b:ee:0b:a7:bd:a9:20:ab:c5:af:fe:ff:
a3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:46:57:1B:34:86:73:4A:19:57:61:4E:8F:57:C2:F1:26:A5:BA:F3
X509v3 Authority Key Identifier:
keyid:AA:52:12:95:8D:8E:1B:AA:14:4A:82:A8:21:F9:3A:89:0D:CB:A4:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qlISlY2OG6oUSoKoIfk6iQ3LpJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/IEZXGzSGc0oZV2FOj1fC8SaluvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d8e5e3-f897-4da2-9df6-b401a4a04492/1/qlISlY2OG6oUSoKoIfk6iQ3LpJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.226.224.0/22
Signature Algorithm: sha256WithRSAEncryption
81:34:63:4d:4e:83:da:a0:86:1e:83:b6:f0:33:5a:45:80:73:
e6:76:f5:f4:6a:32:f6:e6:d6:23:fe:2d:8e:ac:22:08:2f:81:
2b:73:39:72:c2:ef:3a:d3:18:f8:03:1b:d5:d2:6d:c9:fe:bd:
86:b8:6f:2e:4d:44:8f:f0:c3:1f:0d:2a:72:a5:7a:52:9d:2e:
ad:c8:f2:43:b4:c4:e1:f8:0e:76:91:b1:3e:1c:5a:99:a0:9d:
96:e2:03:5d:ef:f6:f1:d7:2c:3b:ab:ea:5a:e2:0a:20:b8:10:
88:08:6a:f0:f4:42:33:28:94:a7:de:02:49:2b:bd:fe:43:4c:
d7:4d:38:40:47:d1:f5:21:a5:92:55:e3:41:41:5c:b3:3f:fc:
c7:51:0d:bd:76:ea:d6:5e:eb:11:1b:b4:69:29:8f:d4:c0:d2:
3c:6d:31:df:4f:6e:bc:8e:a5:aa:cb:45:fc:15:58:72:fd:4e:
ac:30:9f:eb:23:fa:51:69:c5:b9:71:ea:a0:9f:ee:ca:2c:ac:
b0:f7:d4:99:fa:cb:9b:03:0e:6e:ed:99:99:2a:b9:e5:d3:1e:
b9:1b:aa:0d:7f:e2:8d:4e:95:85:b8:8c:25:47:f4:3c:0c:7c:
c1:c2:c7:16:e8:d9:be:60:31:63:09:36:d8:1a:25:03:f0:ed:
bd:e7:d7:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfKs/xt4skicSFssZyAKgjAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNTIxMjk1OGQ4ZTFiYWExNDRhODJhODIxZjkzYTg5MGRj
YmE0OWEwHhcNMjUwNzAyMTAzNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ2NTcxYjM0ODY3MzRhMTk1NzYxNGU4ZjU3YzJmMTI2YTViYWYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsBXe5y8DfZcj+1GGAMEpJ51VPKm
B3hVFJKqff1WyFwuDrI0TTocD5J7te5cQuqBP+E6hIFbLl6uwl+6R7sOd0oXlMF1
ObMIxx2VmT1UqBp5k0jewOmxC4CO/ueJ0+jfptH46IM6A8JywmeMX5cCOb5k9vwP
L7UG81qdI7VVicuWbdG1uK/6+21wtfcFdpfxHBwItszyoiIIWzB1ktdcA3Ue/v0d
ye68FPsmRsh+cb9dm5WcofYETd/Ie0kSjYE//DdP/tp+YpWFWjPYmLnlB9vW7l9V
YL9c6MSAcmZjatolAdelq9L8Vjm0j5ySRX8YKgpr7gunvakgq8Wv/v+jEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBGVxs0hnNKGVdhTo9XwvEmpbrzMB8GA1UdIwQY
MBaAFKpSEpWNjhuqFEqCqCH5OokNy6SaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYt
YjQwMWE0YTA0NDkyLzEvSUVaWEd6U0djMG9aVjJGT2oxZkM4U2FsdXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kOGU1ZTMtZjg5Ny00ZGEyLTlkZjYtYjQwMWE0YTA0NDky
LzEvcWxJU2xZMk9HNm9VU29Lb0lmazZpUTNMcEpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCK+LgMA0G
CSqGSIb3DQEBCwUAA4IBAQCBNGNNToPaoIYeg7bwM1pFgHPmdvX0ajL25tYj/i2O
rCIIL4Erczlywu860xj4AxvV0m3J/r2GuG8uTUSP8MMfDSpypXpSnS6tyPJDtMTh
+A52kbE+HFqZoJ2W4gNd7/bx1yw7q+pa4goguBCICGrw9EIzKJSn3gJJK73+Q0zX
TThAR9H1IaWSVeNBQVyzP/zHUQ29durWXusRG7RpKY/UwNI8bTHfT268jqWqy0X8
FVhy/U6sMJ/rI/pRacW5ceqgn+7KLKyw99SZ+subAw5u7ZmZKrnl0x65G6oNf+KN
TpWFuIwlR/Q8DHzBwscW6Nm+YDFjCTbYGiUD8O2959d6
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:27:31 2025 by rpki-client