Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/6tDc0FVfhnafSYQdOSp-iTqs-3U.roa
File: 6tDc0FVfhnafSYQdOSp-iTqs-3U.roa (raw, json)
Hash identifier: javcR12gNIE5+h2DkC9O1W9wAKAxZiPHcHOZBr9j/ns=
Subject key identifier: EA:D0:DC:D0:55:5F:86:76:9F:49:84:1D:39:2A:7E:89:3A:AC:FB:75
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 019721FE2C0AEFCFCF7B21912A64AD5DA350
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/6tDc0FVfhnafSYQdOSp-iTqs-3U.roa
Signing time: Fri 30 May 2025 16:19:54 +0000
ROA not before: Fri 30 May 2025 16:19:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.238.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 05 Jun 2025 16:51:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:21:fe:2c:0a:ef:cf:cf:7b:21:91:2a:64:ad:5d:a3:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: May 30 16:19:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ead0dcd0555f86769f49841d392a7e893aacfb75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c2:45:7b:e8:7a:03:9a:ab:d5:f9:f0:7b:3a:
da:16:de:78:5f:60:71:de:d1:13:00:3c:f9:10:5e:
e4:bb:15:3a:81:08:68:b2:f2:2b:5e:31:65:30:3a:
40:52:71:20:48:23:47:dd:c1:ed:10:22:25:a3:b0:
13:c0:72:da:7a:53:36:fb:1e:ff:54:22:c0:27:da:
ad:b8:fb:63:d6:25:6a:19:15:a0:19:ec:8d:d0:9f:
56:dc:20:b3:78:b8:b1:e2:bb:21:08:75:e5:06:56:
ae:d9:92:b5:6c:43:8d:b9:37:94:0d:81:bd:17:de:
66:25:e7:5b:e7:aa:aa:cf:c6:89:e9:dc:8a:d7:f9:
3c:f8:cc:47:00:b5:57:76:73:c7:20:35:00:17:2f:
bb:be:ff:f9:90:df:c6:f3:d6:15:a4:1f:39:2c:b5:
99:1c:c2:ef:eb:c9:2b:ed:2c:50:a9:fb:e3:3b:61:
c9:b6:9c:0c:24:b2:80:58:8b:c5:41:75:fe:f5:8b:
da:1a:7f:cf:bc:10:c2:4e:fc:99:35:de:0a:64:45:
46:e7:2b:82:4e:0c:48:54:3b:78:b7:fc:d8:56:c0:
8f:b5:d5:b4:55:54:dd:84:0f:51:58:33:fc:7e:bf:
25:39:1a:0b:f6:a9:ca:f5:d3:54:3d:75:5a:6b:98:
f9:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:D0:DC:D0:55:5F:86:76:9F:49:84:1D:39:2A:7E:89:3A:AC:FB:75
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/6tDc0FVfhnafSYQdOSp-iTqs-3U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.238.0.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:a7:f5:2a:30:12:11:b1:62:14:9a:c6:c9:75:5a:a4:8a:4b:
8d:d6:90:13:9a:5a:1c:62:9e:41:ff:bd:3b:c4:8a:05:35:7b:
1a:90:00:30:26:51:43:dd:54:2d:23:a3:0e:69:72:be:50:17:
76:95:9a:d3:05:06:43:a7:38:65:11:5a:a4:78:7c:87:50:54:
6e:81:e1:8e:d9:36:41:39:c5:f8:54:ec:b5:cd:32:b7:38:32:
82:e0:b9:f6:53:d4:32:c5:e4:e9:73:4a:1a:dd:4c:7e:ea:c8:
59:95:2e:7f:25:06:8b:f5:a0:33:15:23:e3:80:2c:9e:d6:e3:
6c:85:8b:b6:0a:f2:6e:2c:87:77:60:66:67:bf:35:a9:ba:f9:
eb:80:ca:d9:71:5e:21:03:f6:6a:9f:17:4b:75:22:41:0e:c5:
eb:20:05:0e:ca:5d:bb:fd:fa:34:a1:f5:65:b6:85:3f:ce:71:
a0:7a:e3:5e:cf:a5:73:56:ee:96:1f:07:48:87:11:87:de:f4:
38:ee:c0:83:39:b0:34:76:cb:f5:ea:62:8a:34:28:1d:93:c8:
ef:bd:5b:f0:d5:7d:55:9f:ce:00:78:69:ce:90:1a:1f:94:47:
db:68:49:f8:37:38:26:cb:2a:e5:1a:11:07:82:27:0f:a8:a9:
12:ec:2e:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZch/iwK78/PeyGRKmStXaNQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNTMwMTYxOTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYWQwZGNkMDU1NWY4Njc2OWY0OTg0MWQzOTJhN2U4OTNhYWNmYjc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcJFe+h6A5qr1fnwezraFt54X2Bx
3tETADz5EF7kuxU6gQhosvIrXjFlMDpAUnEgSCNH3cHtECIlo7ATwHLaelM2+x7/
VCLAJ9qtuPtj1iVqGRWgGeyN0J9W3CCzeLix4rshCHXlBlau2ZK1bEONuTeUDYG9
F95mJedb56qqz8aJ6dyK1/k8+MxHALVXdnPHIDUAFy+7vv/5kN/G89YVpB85LLWZ
HMLv68kr7SxQqfvjO2HJtpwMJLKAWIvFQXX+9YvaGn/PvBDCTvyZNd4KZEVG5yuC
TgxIVDt4t/zYVsCPtdW0VVTdhA9RWDP8fr8lORoL9qnK9dNUPXVaa5j5LwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOrQ3NBVX4Z2n0mEHTkqfok6rPt1MB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvNnREYzBGVmZobmFmU1lRZE9TcC1pVHFzLTNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+4AMA0G
CSqGSIb3DQEBCwUAA4IBAQAep/UqMBIRsWIUmsbJdVqkikuN1pATmlocYp5B/707
xIoFNXsakAAwJlFD3VQtI6MOaXK+UBd2lZrTBQZDpzhlEVqkeHyHUFRugeGO2TZB
OcX4VOy1zTK3ODKC4Ln2U9QyxeTpc0oa3Ux+6shZlS5/JQaL9aAzFSPjgCye1uNs
hYu2CvJuLId3YGZnvzWpuvnrgMrZcV4hA/ZqnxdLdSJBDsXrIAUOyl27/fo0ofVl
toU/znGgeuNez6VzVu6WHwdIhxGH3vQ47sCDObA0dsv16mKKNCgdk8jvvVvw1X1V
n84AeGnOkBoflEfbaEn4NzgmyyrlGhEHgicPqKkS7C7l
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:56:32 2025 by rpki-client