Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fCuPbMo0pVUEastYIaxWIKHqyhE.roa
File: fCuPbMo0pVUEastYIaxWIKHqyhE.roa (raw, json)
Hash identifier: MtQRGK51nzIdwlaDSu7nsdbdWy4IiVoIFcct1roF0UA=
Subject key identifier: 7C:2B:8F:6C:CA:34:A5:55:04:6A:CB:58:21:AC:56:20:A1:EA:CA:11
Certificate issuer: /CN=ca61478e4d659bece8203c5e8ba8e8f82f0470d7
Certificate serial: 0198FF0CA8CDDEF667AD3B6A491138502EFF
Authority key identifier: CA:61:47:8E:4D:65:9B:EC:E8:20:3C:5E:8B:A8:E8:F8:2F:04:70:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ymFHjk1lm-zoIDxei6jo-C8EcNc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fCuPbMo0pVUEastYIaxWIKHqyhE.roa
Signing time: Sun 31 Aug 2025 07:34:36 +0000
ROA not before: Sun 31 Aug 2025 07:34:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201194
IP address blocks: 176.117.107.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Sep 2025 15:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ff:0c:a8:cd:de:f6:67:ad:3b:6a:49:11:38:50:2e:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca61478e4d659bece8203c5e8ba8e8f82f0470d7
Validity
Not Before: Aug 31 07:34:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c2b8f6cca34a555046acb5821ac5620a1eaca11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:27:ef:48:3e:41:bb:04:95:5e:90:d7:9f:66:
29:d4:c4:f4:f6:27:6e:fb:12:d8:08:6d:f7:a9:72:
9f:bf:f1:78:4b:99:e3:83:03:52:fb:7c:fb:82:56:
e2:f3:87:5a:bf:a0:31:e6:0c:df:c1:e6:98:ce:b2:
a0:29:6d:06:cc:3d:d5:1d:5d:47:c5:f7:25:e2:5e:
03:f8:50:41:6f:e1:f2:1a:f4:92:1b:c7:a9:f4:44:
25:ad:cf:d6:4c:67:51:72:a6:9b:88:c9:59:e0:73:
3a:a7:6e:35:99:0d:26:54:6e:4c:26:b5:f6:da:d6:
54:f8:92:9e:59:c3:8c:6d:bc:d2:2f:dd:f0:05:4b:
4f:e6:87:79:08:c0:e1:f7:80:09:15:6c:c0:b7:84:
21:b3:13:3b:cf:14:fe:ef:24:4b:29:e2:c1:12:51:
a0:00:ae:dc:1b:87:6b:4f:0c:b9:a1:af:a4:a6:e0:
5e:c1:80:4a:f7:f6:e3:ba:98:84:23:9b:60:d7:1d:
8d:62:a4:7e:a5:6c:a3:19:cc:a3:ba:3d:e2:8c:2a:
64:5a:59:8f:fa:47:13:4b:4d:b9:46:46:89:f3:94:
35:d4:bd:23:d7:2d:63:e8:9f:4e:b4:72:51:20:06:
5f:32:ca:81:44:ab:e3:66:10:d4:d0:71:1f:ae:6e:
c9:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:2B:8F:6C:CA:34:A5:55:04:6A:CB:58:21:AC:56:20:A1:EA:CA:11
X509v3 Authority Key Identifier:
keyid:CA:61:47:8E:4D:65:9B:EC:E8:20:3C:5E:8B:A8:E8:F8:2F:04:70:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ymFHjk1lm-zoIDxei6jo-C8EcNc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/fCuPbMo0pVUEastYIaxWIKHqyhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/279b66-38f1-41a5-90e2-946da5f5efbb/1/ymFHjk1lm-zoIDxei6jo-C8EcNc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.117.107.0/24
Signature Algorithm: sha256WithRSAEncryption
96:c8:60:e1:cc:63:d7:0f:6c:17:f3:f2:78:a0:c9:dc:3e:d4:
8c:1f:a8:d3:3d:1e:40:66:04:92:b1:3a:0a:5c:df:b8:a5:7b:
60:b1:66:94:de:bd:d5:96:eb:b5:37:d3:09:24:47:c9:8c:05:
34:49:ff:e8:a0:5d:9c:84:b8:f2:e6:e0:ed:36:00:b9:33:50:
5f:36:b3:4c:1f:dc:e7:5d:1a:95:8f:23:74:42:e5:45:f0:aa:
e1:08:fa:b1:66:d5:72:dd:6c:e5:ca:40:72:a6:7c:3c:bc:b9:
c3:dd:83:e3:22:e1:5b:63:aa:22:fb:8b:3d:dc:11:67:15:7f:
9b:ce:a0:3f:56:d2:69:3f:16:dc:7d:6f:6e:8e:07:9f:40:b4:
08:13:cb:a4:07:90:82:9f:54:29:18:4f:66:2c:c2:8b:2b:3f:
51:ab:90:7b:cd:97:a9:6a:78:62:55:30:82:3f:68:7d:71:f7:
e3:6a:f7:31:ba:b7:ee:85:aa:3a:ce:95:83:ad:c4:36:5e:b4:
0d:ec:51:9c:73:48:b9:49:bb:75:57:44:12:b5:71:de:6f:82:
cc:01:cc:48:77:4f:86:83:ff:b2:c8:e0:1d:6e:20:78:eb:94:
27:05:0a:dc:72:3d:66:bd:28:a6:39:07:b9:bd:e0:60:0b:3c:
68:8f:9e:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZj/DKjN3vZnrTtqSRE4UC7/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhNjE0NzhlNGQ2NTliZWNlODIwM2M1ZThiYThlOGY4MmYw
NDcwZDcwHhcNMjUwODMxMDczNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzJiOGY2Y2NhMzRhNTU1MDQ2YWNiNTgyMWFjNTYyMGExZWFjYTExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSfvSD5BuwSVXpDXn2Yp1MT09idu
+xLYCG33qXKfv/F4S5njgwNS+3z7glbi84dav6Ax5gzfweaYzrKgKW0GzD3VHV1H
xfcl4l4D+FBBb+HyGvSSG8ep9EQlrc/WTGdRcqabiMlZ4HM6p241mQ0mVG5MJrX2
2tZU+JKeWcOMbbzSL93wBUtP5od5CMDh94AJFWzAt4QhsxM7zxT+7yRLKeLBElGg
AK7cG4drTwy5oa+kpuBewYBK9/bjupiEI5tg1x2NYqR+pWyjGcyjuj3ijCpkWlmP
+kcTS025RkaJ85Q11L0j1y1j6J9OtHJRIAZfMsqBRKvjZhDU0HEfrm7JjQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHwrj2zKNKVVBGrLWCGsViCh6soRMB8GA1UdIwQY
MBaAFMphR45NZZvs6CA8Xouo6PgvBHDXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveW1GSGprMWxtLXpvSUR4ZWk2am8tQzhFY05jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8yNzliNjYtMzhmMS00MWE1LTkwZTIt
OTQ2ZGE1ZjVlZmJiLzEvZkN1UGJNbzBwVlVFYXN0WUlheFdJS0hxeWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8yNzliNjYtMzhmMS00MWE1LTkwZTItOTQ2ZGE1ZjVlZmJi
LzEveW1GSGprMWxtLXpvSUR4ZWk2am8tQzhFY05jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsHVrMA0G
CSqGSIb3DQEBCwUAA4IBAQCWyGDhzGPXD2wX8/J4oMncPtSMH6jTPR5AZgSSsToK
XN+4pXtgsWaU3r3Vluu1N9MJJEfJjAU0Sf/ooF2chLjy5uDtNgC5M1BfNrNMH9zn
XRqVjyN0QuVF8KrhCPqxZtVy3WzlykBypnw8vLnD3YPjIuFbY6oi+4s93BFnFX+b
zqA/VtJpPxbcfW9ujgefQLQIE8ukB5CCn1QpGE9mLMKLKz9Rq5B7zZepanhiVTCC
P2h9cffjavcxurfuhao6zpWDrcQ2XrQN7FGcc0i5Sbt1V0QStXHeb4LMAcxId0+G
g/+yyOAdbiB465QnBQrccj1mvSimOQe5veBgCzxoj55Q
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:46:14 2025 by rpki-client