Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1-Lpqg89gKbwoSOlh0R5vsHaqDS0.roa
File: 1-Lpqg89gKbwoSOlh0R5vsHaqDS0.roa (raw, json)
Hash identifier: OP9wccDVgga8Iyo5jaTe8OCQoQogOmC4rbYPzq+gRh8=
Subject key identifier: F8:BA:6A:83:CF:60:29:BC:28:48:E9:61:D1:1E:6F:B0:76:AA:0D:2D
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0196C51A813ECB2472D948B10D3F647C9B3E
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1-Lpqg89gKbwoSOlh0R5vsHaqDS0.roa
Signing time: Mon 12 May 2025 15:26:10 +0000
ROA not before: Mon 12 May 2025 15:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208046
IP address blocks: 109.205.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 19 May 2025 07:37:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:1a:81:3e:cb:24:72:d9:48:b1:0d:3f:64:7c:9b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: May 12 15:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f8ba6a83cf6029bc2848e961d11e6fb076aa0d2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0b:57:59:7d:1a:5c:b2:8a:74:fe:9b:4d:be:
50:cd:f3:99:7c:a8:0b:02:9e:80:1c:c4:08:2a:78:
93:60:3c:e8:25:b8:6b:b3:d3:06:05:84:24:2f:cf:
74:bc:37:4c:20:ce:42:60:7e:a7:e2:f3:d8:23:17:
aa:64:0a:c4:8e:3a:de:1c:64:f8:2f:a0:cb:ba:37:
6b:16:54:75:e7:54:c1:36:8b:26:f9:5c:96:a4:6c:
b5:70:fe:8a:9e:9b:bd:a0:b5:2f:39:19:26:c6:a0:
35:45:dc:c2:9a:92:b0:db:fc:94:14:e3:bb:97:19:
60:db:10:9b:cd:53:fe:a6:83:30:36:dc:2c:82:ab:
13:8f:57:78:2d:dc:2a:dc:40:c4:92:a8:aa:38:e7:
c1:f2:fc:c9:6b:61:b3:94:3c:c0:ff:8a:73:8c:c0:
b9:2e:52:20:c4:96:cf:f0:b5:01:f5:19:ab:cd:71:
a1:8d:6f:7f:fd:9c:65:75:28:01:28:64:5f:f9:5a:
4f:97:0c:93:f2:3e:6d:78:e4:19:62:75:92:3a:ec:
ee:7f:42:9e:1d:da:a3:14:7b:97:9b:e4:10:77:e9:
5a:92:8e:42:c8:a9:e1:e8:db:77:c5:02:83:6f:9f:
19:55:31:9c:3e:cd:bc:f0:4d:a6:76:61:16:27:6c:
a8:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:BA:6A:83:CF:60:29:BC:28:48:E9:61:D1:1E:6F:B0:76:AA:0D:2D
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/1-Lpqg89gKbwoSOlh0R5vsHaqDS0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.214.0/24
Signature Algorithm: sha256WithRSAEncryption
44:38:d4:ab:1c:be:79:81:e8:bc:4d:ca:b7:36:a6:ed:bb:10:
ef:61:dc:a2:10:2f:c8:e1:cb:0a:61:85:21:4b:58:48:bc:b5:
c2:cc:51:e1:d0:6e:4a:d4:b8:c4:72:0d:dc:b3:a8:a3:5f:bd:
1b:b6:41:cb:4c:48:cc:93:86:56:fe:aa:39:89:9c:e9:10:5b:
e4:c9:20:6c:ff:79:73:0d:21:c2:fe:fa:22:f1:e9:89:3d:95:
e8:83:03:bf:c8:e2:7a:1c:cf:ac:25:98:50:2f:d3:03:f0:8f:
1c:ca:ed:8a:45:9a:0f:2f:44:1d:4a:05:17:31:87:dc:23:30:
8a:a9:b1:6a:2e:07:3c:12:01:9d:7b:2b:6f:36:dd:77:0a:55:
00:b4:59:4b:eb:91:fd:f9:a1:95:3b:c1:8d:79:e8:ad:50:98:
7a:ae:9b:92:89:97:9f:1b:ff:7f:f7:42:e8:b0:48:5c:10:d5:
26:37:b3:e1:89:73:f9:03:79:e1:91:8c:b9:cf:96:f2:f7:fe:
69:49:92:cb:5b:19:8e:10:13:ce:6e:85:c3:d9:44:6e:6f:d8:
50:78:84:4d:ba:66:19:70:2d:e4:bc:97:fc:72:bf:98:38:84:
5d:fa:2e:bc:76:51:1d:a9:6f:eb:d5:c9:7b:13:4c:c1:dc:e2:
15:2d:0c:f3
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbFGoE+yyRy2UixDT9kfJs+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwNTEyMTUyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGJhNmE4M2NmNjAyOWJjMjg0OGU5NjFkMTFlNmZiMDc2YWEwZDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxQtXWX0aXLKKdP6bTb5QzfOZfKgL
Ap6AHMQIKniTYDzoJbhrs9MGBYQkL890vDdMIM5CYH6n4vPYIxeqZArEjjreHGT4
L6DLujdrFlR151TBNosm+VyWpGy1cP6Knpu9oLUvORkmxqA1RdzCmpKw2/yUFOO7
lxlg2xCbzVP+poMwNtwsgqsTj1d4Ldwq3EDEkqiqOOfB8vzJa2GzlDzA/4pzjMC5
LlIgxJbP8LUB9RmrzXGhjW9//ZxldSgBKGRf+VpPlwyT8j5teOQZYnWSOuzuf0Ke
HdqjFHuXm+QQd+lako5CyKnh6Nt3xQKDb58ZVTGcPs288E2mdmEWJ2yoaQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPi6aoPPYCm8KEjpYdEeb7B2qg0tMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvMS1McHFnODlnS2J3b1NPbGgwUjV2c0hhcURTMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZWMvNzgwMDJhLTRmYzAtNGRiZi04NTg1LTJjZjgwNmIyZDBm
Mi8xL2ZRYWtLN0pFYmxIeGt1bzNXOTktN0ZwUngzOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAG3N1jAN
BgkqhkiG9w0BAQsFAAOCAQEARDjUqxy+eYHovE3Ktzam7bsQ72HcohAvyOHLCmGF
IUtYSLy1wsxR4dBuStS4xHIN3LOoo1+9G7ZBy0xIzJOGVv6qOYmc6RBb5MkgbP95
cw0hwv76IvHpiT2V6IMDv8jiehzPrCWYUC/TA/CPHMrtikWaDy9EHUoFFzGH3CMw
iqmxai4HPBIBnXsrbzbddwpVALRZS+uR/fmhlTvBjXnorVCYeq6bkomXnxv/f/dC
6LBIXBDVJjez4Ylz+QN54ZGMuc+W8vf+aUmSy1sZjhATzm6Fw9lEbm/YUHiETbpm
GXAt5LyX/HK/mDiEXfouvHZRHalv69XJexNMwdziFS0M8w==
-----END CERTIFICATE-----
Generated at Wed Jun 4 11:28:33 2025 by rpki-client