Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXqUHjXIdkCjiYC2AV1wZFJyB5g.roa
File: cXqUHjXIdkCjiYC2AV1wZFJyB5g.roa (raw, json)
Hash identifier: np+3GbObKF9n/xFpAgpszYiKOKSCQdd/Amt6+69k5fI=
Subject key identifier: 71:7A:94:1E:35:C8:76:40:A3:89:80:B6:01:5D:70:64:52:72:07:98
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0196DA315EF1AE1497B8F07F181BDB62778E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXqUHjXIdkCjiYC2AV1wZFJyB5g.roa
Signing time: Fri 16 May 2025 17:43:10 +0000
ROA not before: Fri 16 May 2025 17:43:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211659
IP address blocks: 77.83.206.0/24 maxlen: 24
193.176.22.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Jun 2025 18:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:da:31:5e:f1:ae:14:97:b8:f0:7f:18:1b:db:62:77:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: May 16 17:43:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=717a941e35c87640a38980b6015d706452720798
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bf:6a:ee:8d:56:07:ae:48:2a:cf:f8:aa:10:
4b:86:40:e8:f0:71:57:f3:6b:43:18:b0:c4:7b:94:
e4:3b:8f:8c:8c:b0:fb:a3:2c:61:68:dd:fc:75:52:
0f:51:c7:55:91:a8:a8:fd:94:b8:c6:94:e4:7f:66:
be:26:35:67:1d:d4:02:8c:20:30:28:97:18:1e:ae:
85:ef:8f:ad:4f:9c:45:1e:89:d5:3a:3f:3d:85:e4:
38:2b:96:7a:36:28:82:01:4f:e9:95:28:3f:b0:78:
94:a5:ee:d1:05:95:95:02:7e:2f:57:a8:40:55:dd:
4f:cf:f0:9a:50:30:62:26:88:5b:54:60:4a:e6:9f:
ce:0a:24:66:94:f3:99:19:c4:5d:69:7d:1b:d1:d7:
cb:2a:5f:7a:86:d1:f7:da:43:91:b0:e4:3d:bc:9c:
b6:79:6c:e1:89:47:41:47:a7:18:3c:c2:6f:d2:53:
b6:a3:35:28:83:f9:10:27:1f:08:be:f6:9f:1b:5d:
94:fc:ae:7f:71:b6:c9:d0:08:dd:a8:79:c9:b1:8f:
95:7f:30:7c:17:63:88:1f:8d:94:a7:58:c0:6b:73:
2c:ff:89:b2:44:63:d5:57:83:64:04:af:2c:d9:68:
24:81:00:78:9a:a3:63:72:4d:a2:39:29:4e:75:bb:
78:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:7A:94:1E:35:C8:76:40:A3:89:80:B6:01:5D:70:64:52:72:07:98
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/cXqUHjXIdkCjiYC2AV1wZFJyB5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.83.206.0/24
193.176.22.0/24
Signature Algorithm: sha256WithRSAEncryption
59:89:cc:31:f3:1c:ac:bd:c6:be:e1:0e:5d:8b:2e:f6:cc:48:
cd:7f:3e:20:72:38:3b:c4:81:5c:21:e3:a4:26:96:71:37:5d:
d3:55:a5:d7:2a:6e:4c:54:19:9e:e8:d6:8c:8b:69:57:f4:24:
fd:40:2a:58:0c:27:26:cd:c3:a5:92:c2:b2:ab:e5:21:50:0b:
b1:e4:1d:ce:94:e2:c2:65:73:8a:10:d2:e0:ef:6c:5c:df:64:
e2:0a:34:d7:db:fa:00:34:94:6f:e8:9d:15:8e:32:4b:f8:ff:
ff:98:54:b3:60:dd:1f:73:37:c1:01:92:38:f8:47:3b:d9:bc:
a4:b1:32:f4:c9:0b:c5:d4:c8:b8:fa:a9:30:1a:1a:a6:c2:e0:
5e:00:e7:75:fe:29:e9:1a:cd:78:8f:75:85:9c:4c:a9:0b:16:
07:ab:ab:b6:e2:12:e8:e1:de:1b:d3:3b:d7:18:d0:e8:b6:bc:
c2:b8:d3:53:c2:47:75:26:10:c4:ba:35:13:f6:25:97:7a:72:
fd:ba:61:99:7e:ed:40:cd:10:e3:01:e8:cf:29:c6:9f:fc:52:
ab:4c:69:25:cd:37:29:cb:2b:5b:56:46:b2:a1:fd:58:1a:de:
1f:de:1c:2c:37:d2:84:35:1e:03:db:e9:3a:fd:d1:60:98:33:
e7:c2:32:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbaMV7xrhSXuPB/GBvbYneOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNTE2MTc0MzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTdhOTQxZTM1Yzg3NjQwYTM4OTgwYjYwMTVkNzA2NDUyNzIwNzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur9q7o1WB65IKs/4qhBLhkDo8HFX
82tDGLDEe5TkO4+MjLD7oyxhaN38dVIPUcdVkaio/ZS4xpTkf2a+JjVnHdQCjCAw
KJcYHq6F74+tT5xFHonVOj89heQ4K5Z6NiiCAU/plSg/sHiUpe7RBZWVAn4vV6hA
Vd1Pz/CaUDBiJohbVGBK5p/OCiRmlPOZGcRdaX0b0dfLKl96htH32kORsOQ9vJy2
eWzhiUdBR6cYPMJv0lO2ozUog/kQJx8IvvafG12U/K5/cbbJ0AjdqHnJsY+VfzB8
F2OIH42Up1jAa3Ms/4myRGPVV4NkBK8s2WgkgQB4mqNjck2iOSlOdbt4oQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHF6lB41yHZAo4mAtgFdcGRScgeYMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvY1hxVUhqWElka0NqaVlDMkFWMXdaRkp5QjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVPOAwQA
wbAWMA0GCSqGSIb3DQEBCwUAA4IBAQBZicwx8xysvca+4Q5diy72zEjNfz4gcjg7
xIFcIeOkJpZxN13TVaXXKm5MVBme6NaMi2lX9CT9QCpYDCcmzcOlksKyq+UhUAux
5B3OlOLCZXOKENLg72xc32TiCjTX2/oANJRv6J0VjjJL+P//mFSzYN0fczfBAZI4
+Ec72byksTL0yQvF1Mi4+qkwGhqmwuBeAOd1/inpGs14j3WFnEypCxYHq6u24hLo
4d4b0zvXGNDotrzCuNNTwkd1JhDEujUT9iWXenL9umGZfu1AzRDjAejPKcaf/FKr
TGklzTcpyytbVkayof1YGt4f3hwsN9KENR4D2+k6/dFgmDPnwjL/
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:12:54 2025 by rpki-client