Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/B9WUXrQZp_upQf2LIo17QCRHgvA.roa
File: B9WUXrQZp_upQf2LIo17QCRHgvA.roa (raw, json)
Hash identifier: 1TGqziXuHrhAH8HXF9Tx3LwOI4C5V4E//D9hT3Ah4Ps=
Subject key identifier: 07:D5:94:5E:B4:19:A7:FB:A9:41:FD:8B:22:8D:7B:40:24:47:82:F0
Certificate issuer: /CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Certificate serial: 0197C5B4FE6A5D0022D233597CB0BDBE5333
Authority key identifier: BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/B9WUXrQZp_upQf2LIo17QCRHgvA.roa
Signing time: Tue 01 Jul 2025 11:17:42 +0000
ROA not before: Tue 01 Jul 2025 11:17:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203644
IP address blocks: 91.207.32.0/23 maxlen: 23
91.207.32.0/24 maxlen: 24
91.207.33.0/24 maxlen: 24
185.128.100.0/22 maxlen: 22
185.128.100.0/23 maxlen: 23
185.128.102.0/23 maxlen: 23
193.19.78.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 02 Jul 2025 07:25:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c5:b4:fe:6a:5d:00:22:d2:33:59:7c:b0:bd:be:53:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd049ca42e1d82ce27b54bbfd017781d545a79b7
Validity
Not Before: Jul 1 11:17:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=07d5945eb419a7fba941fd8b228d7b40244782f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ca:9b:a9:e9:9c:a1:8f:e8:d5:4d:74:a7:53:
2d:8d:ae:18:f9:ad:ee:80:c3:f6:ce:b5:d6:b3:81:
a2:bf:8a:84:66:4c:2e:0e:a0:ae:01:e9:af:94:05:
f1:1d:51:8d:3b:bc:d0:18:3c:f2:a9:6b:f4:17:c9:
8c:95:55:a0:89:41:82:93:04:17:2f:6c:91:46:b8:
2a:d9:ae:0a:2e:f1:6c:79:b0:d1:de:99:99:53:b5:
47:03:d0:28:c1:19:2a:b1:14:19:02:63:b6:15:b1:
c4:81:c9:75:e9:c6:d1:a6:ff:c1:24:48:53:47:43:
ac:0f:35:2a:9b:7c:9c:96:dc:dc:2e:6b:bf:c8:98:
f5:eb:cc:21:83:c5:01:bd:89:d1:88:c7:38:90:d0:
8b:fc:d3:96:91:9b:5b:e1:e0:7e:55:a3:b3:f4:c6:
0b:5a:e8:28:cf:93:48:ce:c0:ad:d0:21:62:da:ba:
f2:5b:1f:53:68:ce:a0:c1:e1:5a:12:d7:83:d2:70:
0b:e2:49:02:77:62:06:05:b5:5f:5a:cc:b6:90:35:
d9:6f:e6:37:54:9b:e9:4c:cc:95:e4:70:2a:0a:e6:
35:48:70:f3:07:a9:51:97:34:4b:bb:a9:28:56:03:
4f:79:cd:0c:38:1e:b1:7e:2f:73:93:b3:6a:22:0b:
02:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:D5:94:5E:B4:19:A7:FB:A9:41:FD:8B:22:8D:7B:40:24:47:82:F0
X509v3 Authority Key Identifier:
keyid:BD:04:9C:A4:2E:1D:82:CE:27:B5:4B:BF:D0:17:78:1D:54:5A:79:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vQScpC4dgs4ntUu_0Bd4HVRaebc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/B9WUXrQZp_upQf2LIo17QCRHgvA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/f4820f-e815-44f3-af65-1aa034a2af9c/1/vQScpC4dgs4ntUu_0Bd4HVRaebc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.207.32.0/23
185.128.100.0/22
193.19.78.0/23
Signature Algorithm: sha256WithRSAEncryption
93:b6:6e:a1:86:f6:29:55:03:77:54:4d:12:f6:50:a0:68:15:
9b:db:1d:78:6b:22:fd:07:4f:16:dc:b2:5c:cf:f1:16:f3:c3:
d8:4b:cd:33:87:22:97:1f:19:02:cd:3f:81:c6:58:de:c7:0d:
c3:df:ce:96:ff:49:07:06:72:e7:da:4f:07:ec:32:d3:e5:49:
1d:b5:42:05:de:6c:c9:e5:1b:ce:52:06:73:2b:1a:2d:91:12:
f8:5b:02:db:83:4a:3d:80:1b:05:0b:51:48:a4:4d:34:61:84:
68:b6:b0:2f:b7:50:d2:20:c8:df:b6:94:81:0a:30:9d:70:ef:
30:f8:99:be:73:58:02:fc:28:0b:12:5a:7a:9b:d2:7d:8c:2c:
f1:a7:3c:4f:e0:35:25:6f:a8:64:87:04:fe:9e:2c:82:3b:98:
1f:4f:d2:58:8c:00:4c:cb:14:0b:96:5e:f1:0d:97:dc:cf:5f:
f8:ca:a2:5a:2a:6d:bd:90:d9:f2:3a:43:12:53:24:6a:1d:29:
7d:15:ce:5e:86:69:13:ec:3f:ee:ce:a0:4d:15:c5:6d:c2:9c:
9f:55:48:93:07:49:79:e5:7c:0e:9a:34:48:31:26:85:7e:c7:
df:ab:d8:fc:e4:00:28:ea:96:c6:e8:10:e6:47:3e:1b:ba:21:
e2:f9:f4:fe
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfFtP5qXQAi0jNZfLC9vlMzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkMDQ5Y2E0MmUxZDgyY2UyN2I1NGJiZmQwMTc3ODFkNTQ1
YTc5YjcwHhcNMjUwNzAxMTExNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Q1OTQ1ZWI0MTlhN2ZiYTk0MWZkOGIyMjhkN2I0MDI0NDc4MmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmcqbqemcoY/o1U10p1Mtja4Y+a3u
gMP2zrXWs4Giv4qEZkwuDqCuAemvlAXxHVGNO7zQGDzyqWv0F8mMlVWgiUGCkwQX
L2yRRrgq2a4KLvFsebDR3pmZU7VHA9AowRkqsRQZAmO2FbHEgcl16cbRpv/BJEhT
R0OsDzUqm3ycltzcLmu/yJj168whg8UBvYnRiMc4kNCL/NOWkZtb4eB+VaOz9MYL
Wugoz5NIzsCt0CFi2rryWx9TaM6gweFaEteD0nAL4kkCd2IGBbVfWsy2kDXZb+Y3
VJvpTMyV5HAqCuY1SHDzB6lRlzRLu6koVgNPec0MOB6xfi9zk7NqIgsCZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAfVlF60Gaf7qUH9iyKNe0AkR4LwMB8GA1UdIwQY
MBaAFL0EnKQuHYLOJ7VLv9AXeB1UWnm3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUt
MWFhMDM0YTJhZjljLzEvQjlXVVhyUVpwX3VwUWYyTElvMTdRQ1JIZ3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9mNDgyMGYtZTgxNS00NGYzLWFmNjUtMWFhMDM0YTJhZjlj
LzEvdlFTY3BDNGRnczRudFV1XzBCZDRIVlJhZWJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW88gAwQC
uYBkAwQBwRNOMA0GCSqGSIb3DQEBCwUAA4IBAQCTtm6hhvYpVQN3VE0S9lCgaBWb
2x14ayL9B08W3LJcz/EW88PYS80zhyKXHxkCzT+Bxljexw3D386W/0kHBnLn2k8H
7DLT5UkdtUIF3mzJ5RvOUgZzKxotkRL4WwLbg0o9gBsFC1FIpE00YYRotrAvt1DS
IMjftpSBCjCdcO8w+Jm+c1gC/CgLElp6m9J9jCzxpzxP4DUlb6hkhwT+niyCO5gf
T9JYjABMyxQLll7xDZfcz1/4yqJaKm29kNnyOkMSUyRqHSl9Fc5ehmkT7D/uzqBN
FcVtwpyfVUiTB0l55XwOmjRIMSaFfsffq9j85AAo6pbG6BDmRz4buiHi+fT+
-----END CERTIFICATE-----
Generated at Sat Jul 26 14:56:57 2025 by rpki-client