Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/vxtf0ykBeRkPO0yq2OV2F1Qa6fY.roa
File: vxtf0ykBeRkPO0yq2OV2F1Qa6fY.roa (raw, json)
Hash identifier: SkOQl07+8tGI7DzwEX8qNppokmy0+FCUIDwu5a/Sdrg=
Subject key identifier: BF:1B:5F:D3:29:01:79:19:0F:3B:4C:AA:D8:E5:76:17:54:1A:E9:F6
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019A0D83A8A63D54C48CC74653CDC15FA745
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/vxtf0ykBeRkPO0yq2OV2F1Qa6fY.roa
Signing time: Wed 22 Oct 2025 20:02:03 +0000
ROA not before: Wed 22 Oct 2025 20:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210537
IP address blocks: 5.83.148.0/24 maxlen: 24
5.175.210.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Nov 2025 16:54:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0d:83:a8:a6:3d:54:c4:8c:c7:46:53:cd:c1:5f:a7:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 22 20:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf1b5fd3290179190f3b4caad8e57617541ae9f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:59:1d:1c:10:f5:8d:73:ad:5b:2f:24:54:05:
0d:f0:2b:6f:f3:a0:ff:8e:a5:fe:91:05:b9:1f:aa:
57:c4:12:29:c0:8e:0a:b1:81:ef:d9:3c:d6:a6:71:
a8:d4:2e:fe:ef:c8:d7:e2:35:04:c2:76:1a:8c:54:
08:1c:e1:b9:ba:99:d5:06:e9:5c:bc:01:29:fc:95:
48:a5:1a:9b:19:73:be:af:70:81:66:fe:23:75:dd:
dd:72:a2:f6:eb:7a:a4:68:bd:01:e3:63:3c:d3:c0:
07:33:db:89:69:f8:ed:de:3d:53:77:67:0f:6f:a0:
0d:a2:02:c2:a1:b1:68:32:c6:d3:8c:55:7c:9c:a8:
e9:24:bb:78:35:19:d0:dd:00:75:a5:b7:80:42:20:
cc:38:43:f7:4a:b7:8e:87:de:6d:02:17:63:bf:c4:
8e:b7:8f:94:54:7d:a6:12:b0:26:25:79:6b:66:dc:
e6:fe:27:e6:af:76:e1:4b:6f:92:bb:5c:e3:88:58:
21:29:f7:c8:52:a0:34:ed:a2:98:21:4a:ca:ac:68:
6f:11:ba:d0:be:24:b1:28:0c:4e:4a:20:38:5d:da:
b0:51:46:09:29:64:1c:64:cd:e1:e2:64:09:a9:df:
56:ef:c3:44:ea:00:59:59:30:e4:89:01:81:60:3b:
aa:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:1B:5F:D3:29:01:79:19:0F:3B:4C:AA:D8:E5:76:17:54:1A:E9:F6
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/vxtf0ykBeRkPO0yq2OV2F1Qa6fY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.148.0/24
5.175.210.0/24
Signature Algorithm: sha256WithRSAEncryption
66:76:eb:d1:d5:4c:e6:a5:d9:58:b0:8b:fc:09:94:4b:fd:ab:
41:4d:90:ab:d4:3b:91:e7:67:fe:11:bb:cb:fd:b0:c4:9c:07:
a7:b9:61:ad:9c:48:f2:c4:ce:34:7e:8f:f2:1b:f3:43:a2:07:
b9:f7:f7:68:3e:ae:25:2c:dc:55:3c:74:a4:bd:20:99:b8:36:
e1:12:9f:b0:a7:c4:1a:0c:1d:68:eb:81:76:d3:47:8c:ac:b6:
c9:a5:3a:6a:c6:7a:4d:a1:ed:71:b7:29:5e:d2:47:f4:89:83:
4f:be:87:b5:7a:dd:1b:2b:46:18:34:cb:7b:b5:db:4b:2f:2b:
21:d7:80:02:ba:64:ab:61:0a:be:94:6b:72:2e:02:03:17:59:
e3:1f:3c:8e:dc:7c:2b:44:56:97:ad:e0:34:25:30:de:5d:52:
10:b1:5a:46:26:76:4a:4c:14:14:be:9d:ad:41:b7:5b:bd:9d:
79:e2:15:af:f9:a5:f2:e8:fc:e2:20:52:ba:11:60:86:85:49:
cb:17:14:14:37:0f:31:fe:a1:c5:e8:df:84:11:45:0f:84:58:
83:ba:ed:a1:97:e9:d3:29:87:f0:23:92:f1:be:d2:ea:d5:24:
be:8c:c4:dd:a3:de:c1:3c:5e:86:c9:e8:04:d8:e6:49:0e:3f:
a6:35:c6:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZoNg6imPVTEjMdGU83BX6dFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDIyMjAwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjFiNWZkMzI5MDE3OTE5MGYzYjRjYWFkOGU1NzYxNzU0MWFlOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo1kdHBD1jXOtWy8kVAUN8Ctv86D/
jqX+kQW5H6pXxBIpwI4KsYHv2TzWpnGo1C7+78jX4jUEwnYajFQIHOG5upnVBulc
vAEp/JVIpRqbGXO+r3CBZv4jdd3dcqL263qkaL0B42M808AHM9uJafjt3j1Td2cP
b6ANogLCobFoMsbTjFV8nKjpJLt4NRnQ3QB1pbeAQiDMOEP3SreOh95tAhdjv8SO
t4+UVH2mErAmJXlrZtzm/ifmr3bhS2+Su1zjiFghKffIUqA07aKYIUrKrGhvEbrQ
viSxKAxOSiA4XdqwUUYJKWQcZM3h4mQJqd9W78NE6gBZWTDkiQGBYDuq/wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8bX9MpAXkZDztMqtjldhdUGun2MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdnh0ZjB5a0JlUmtQTzB5cTJPVjJGMVFhNmZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABVOUAwQA
Ba/SMA0GCSqGSIb3DQEBCwUAA4IBAQBmduvR1UzmpdlYsIv8CZRL/atBTZCr1DuR
52f+EbvL/bDEnAenuWGtnEjyxM40fo/yG/NDoge59/doPq4lLNxVPHSkvSCZuDbh
Ep+wp8QaDB1o64F200eMrLbJpTpqxnpNoe1xtyle0kf0iYNPvoe1et0bK0YYNMt7
tdtLLysh14ACumSrYQq+lGtyLgIDF1njHzyO3HwrRFaXreA0JTDeXVIQsVpGJnZK
TBQUvp2tQbdbvZ154hWv+aXy6PziIFK6EWCGhUnLFxQUNw8x/qHF6N+EEUUPhFiD
uu2hl+nTKYfwI5LxvtLq1SS+jMTdo97BPF6GyegE2OZJDj+mNcZG
-----END CERTIFICATE-----
Generated at Mon Nov 3 23:16:28 2025 by rpki-client