Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xaEtCauxOuaw94aBy1HzWiJdb98.roa
File: xaEtCauxOuaw94aBy1HzWiJdb98.roa (raw, json)
Hash identifier: 71FgBtN4CgG7YQ8OChZMG6Yb5A5EJWBMyJ52VwLkIRo=
Subject key identifier: C5:A1:2D:09:AB:B1:3A:E6:B0:F7:86:81:CB:51:F3:5A:22:5D:6F:DF
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 019A1110C5EB3E2643B004B180FDBA1DEEC9
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xaEtCauxOuaw94aBy1HzWiJdb98.roa
Signing time: Thu 23 Oct 2025 12:35:03 +0000
ROA not before: Thu 23 Oct 2025 12:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 109.111.34.0/23 maxlen: 24
109.111.40.0/23 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 25 Oct 2025 14:16:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:11:10:c5:eb:3e:26:43:b0:04:b1:80:fd:ba:1d:ee:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Oct 23 12:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5a12d09abb13ae6b0f78681cb51f35a225d6fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d3:96:dd:d7:cf:af:f0:4c:21:06:2a:98:89:
3b:8f:39:03:ed:34:b1:50:f8:4b:33:de:9e:bf:f0:
bd:e3:01:5b:44:18:0b:4d:3b:b1:23:6b:f8:bf:72:
3c:b1:d4:bf:be:9f:23:a9:7c:9b:f0:30:04:c4:41:
d4:cd:af:e8:c9:43:06:8e:a1:57:ce:27:25:4d:a6:
49:e7:06:dd:15:64:c8:f4:cf:6b:39:1c:bd:ea:09:
78:2c:3c:15:cf:f1:3a:94:bc:d5:83:03:18:68:5c:
a9:a3:86:cf:96:ea:eb:94:7e:a5:e8:87:06:d4:81:
aa:a7:83:91:61:c6:db:98:de:1b:b7:c6:e3:54:59:
07:82:8b:31:1b:68:a9:9b:06:1a:a8:b9:21:db:d4:
d8:5c:cd:47:d7:89:38:90:0f:f7:2a:0c:a2:95:65:
3e:a8:59:aa:99:cf:3e:a3:78:89:0f:3c:da:ba:94:
43:2e:97:37:f8:ad:b2:7c:e7:27:57:0e:55:5c:89:
ff:9d:3d:86:7b:97:a3:53:1d:e1:e6:69:96:54:f1:
61:ba:fd:8a:61:31:83:b3:20:4b:7e:08:4e:a4:f6:
46:65:b1:d1:19:e4:d5:9d:a5:b4:1f:42:b2:ad:aa:
a8:a4:ab:a9:2d:b5:0c:4a:22:b8:c9:e1:43:3c:48:
0e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:A1:2D:09:AB:B1:3A:E6:B0:F7:86:81:CB:51:F3:5A:22:5D:6F:DF
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/xaEtCauxOuaw94aBy1HzWiJdb98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.34.0/23
109.111.40.0/23
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:a0:20:7d:aa:dc:62:07:1d:47:4e:5d:86:d8:4e:52:4d:91:
46:43:36:bf:fc:84:c8:4b:32:35:30:9d:7f:5b:48:de:4b:fc:
6b:99:ac:16:13:6b:67:8d:19:78:d0:78:f3:3a:55:c7:69:ae:
77:3e:c7:93:f5:9e:f1:18:dd:2c:97:7c:34:7b:a5:ee:60:41:
f9:96:1c:ab:04:42:42:e1:57:9d:d5:67:41:53:9e:5e:63:ca:
32:3d:33:81:82:4d:4f:55:6e:30:77:7a:40:19:b2:07:3a:38:
77:ec:59:6e:2d:3a:e1:50:1c:80:d2:58:d8:df:80:4b:4c:d6:
f4:44:b9:fc:2e:0d:93:71:4b:44:b3:1a:06:48:5c:2c:53:9e:
f3:1e:73:d6:1e:86:a0:2c:d6:71:4f:75:14:99:e7:23:b1:4b:
9d:2a:7c:68:b8:ae:f7:47:11:32:ca:9d:54:cf:a8:d8:8a:1a:
da:18:68:fa:fc:db:9a:6e:9e:15:c2:eb:77:c2:a6:6d:41:43:
ed:ae:86:ac:1a:ec:f6:9a:f9:f3:d0:f8:b8:08:fd:29:0a:d9:
76:83:43:29:4f:93:6e:25:8c:59:57:bc:17:70:2f:21:09:96:
33:0f:63:b9:eb:ef:d1:16:8b:9d:1c:14:39:87:71:81:9d:62:
67:53:32:06
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoREMXrPiZDsASxgP26He7JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUxMDIzMTIzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNWExMmQwOWFiYjEzYWU2YjBmNzg2ODFjYjUxZjM1YTIyNWQ2ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtOW3dfPr/BMIQYqmIk7jzkD7TSx
UPhLM96ev/C94wFbRBgLTTuxI2v4v3I8sdS/vp8jqXyb8DAExEHUza/oyUMGjqFX
ziclTaZJ5wbdFWTI9M9rORy96gl4LDwVz/E6lLzVgwMYaFypo4bPlurrlH6l6IcG
1IGqp4ORYcbbmN4bt8bjVFkHgosxG2ipmwYaqLkh29TYXM1H14k4kA/3KgyilWU+
qFmqmc8+o3iJDzzaupRDLpc3+K2yfOcnVw5VXIn/nT2Ge5ejUx3h5mmWVPFhuv2K
YTGDsyBLfghOpPZGZbHRGeTVnaW0H0KyraqopKupLbUMSiK4yeFDPEgOKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMWhLQmrsTrmsPeGgctR81oiXW/fMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEveGFFdENhdXhPdWF3OTRhQnkxSHpXaUpkYjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBbW8iAwQB
bW8oAwQAuUE+MA0GCSqGSIb3DQEBCwUAA4IBAQB8oCB9qtxiBx1HTl2G2E5STZFG
Qza//ITISzI1MJ1/W0jeS/xrmawWE2tnjRl40HjzOlXHaa53PseT9Z7xGN0sl3w0
e6XuYEH5lhyrBEJC4Ved1WdBU55eY8oyPTOBgk1PVW4wd3pAGbIHOjh37FluLTrh
UByA0ljY34BLTNb0RLn8Lg2TcUtEsxoGSFwsU57zHnPWHoagLNZxT3UUmecjsUud
KnxouK73RxEyyp1Uz6jYihraGGj6/Nuabp4Vwut3wqZtQUPtroasGuz2mvnz0Pi4
CP0pCtl2g0MpT5NuJYxZV7wXcC8hCZYzD2O56+/RFoudHBQ5h3GBnWJnUzIG
-----END CERTIFICATE-----
Generated at Sat Oct 25 22:14:40 2025 by rpki-client