Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PQKBEz--SSKWDIAiw6k8NvS0ZZs.roa
File: PQKBEz--SSKWDIAiw6k8NvS0ZZs.roa (raw, json)
Hash identifier: TvoYYI7+8jxDhFJ70WTx3yHFZVU6aLMt2T6AsfLH8xI=
Subject key identifier: 3D:02:81:13:3F:BE:49:22:96:0C:80:22:C3:A9:3C:36:F4:B4:65:9B
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 01982A1C2BACD4AF9F32FA52C00D316D3F29
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PQKBEz--SSKWDIAiw6k8NvS0ZZs.roa
Signing time: Sun 20 Jul 2025 23:12:25 +0000
ROA not before: Sun 20 Jul 2025 23:12:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 95.164.15.0/24 maxlen: 24
95.164.40.0/22 maxlen: 22
95.164.49.0/24 maxlen: 24
95.164.50.0/24 maxlen: 24
95.164.56.0/22 maxlen: 22
95.164.72.0/22 maxlen: 22
95.164.76.0/24 maxlen: 24
95.164.80.0/22 maxlen: 22
95.164.120.0/24 maxlen: 24
95.164.121.0/24 maxlen: 24
95.164.170.0/23 maxlen: 23
95.164.172.0/22 maxlen: 22
95.164.248.0/24 maxlen: 24
185.234.254.0/24 maxlen: 24
2a10:eb80::/29 maxlen: 48
Validation: Failed, certificate revoked on Wed 23 Jul 2025 11:55:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2a:1c:2b:ac:d4:af:9f:32:fa:52:c0:0d:31:6d:3f:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Jul 20 23:12:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d0281133fbe4922960c8022c3a93c36f4b4659b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:70:54:dc:5b:d0:04:ce:f4:98:1e:75:3d:c5:
f8:66:41:06:8e:7e:6a:63:12:77:ef:f9:59:4a:00:
fc:45:b2:ad:fb:c7:40:ec:bc:5c:77:17:3d:e4:45:
b4:e2:e2:59:c9:62:ca:01:1f:b3:b0:5b:83:5b:cb:
0b:ce:e5:1a:cb:86:67:0b:4f:1b:ac:19:b0:bc:dd:
93:ed:d7:23:fc:e1:02:69:01:87:ec:a2:93:5a:e6:
0a:4b:92:0f:83:fa:68:2a:bc:2d:fe:27:fb:c4:9d:
95:54:50:6f:42:90:67:61:1a:3d:e8:e2:b4:61:14:
8b:3a:3f:6a:d0:da:8f:8d:77:59:80:ed:42:8a:ad:
89:3c:99:3b:e7:67:98:9e:b8:36:fc:c0:eb:4b:a6:
bc:da:e8:6b:35:b3:4d:67:1f:25:60:8e:c1:25:d3:
57:82:72:7a:4e:d2:ba:5d:05:ca:1d:1e:d8:d3:01:
3f:81:12:c3:15:16:79:d4:22:3c:7a:ad:6d:6e:2c:
e3:bd:1d:0c:19:6d:b3:e7:c6:6a:e8:7a:00:90:f5:
e5:ae:1a:dc:c4:1c:fb:a7:f8:0d:9c:5d:0e:e2:6e:
8d:2a:76:12:5d:55:b7:a9:b6:6f:51:f6:88:ed:37:
1a:e3:bd:80:6b:76:d2:be:b5:f4:2b:a1:c9:c5:c7:
69:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:02:81:13:3F:BE:49:22:96:0C:80:22:C3:A9:3C:36:F4:B4:65:9B
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/PQKBEz--SSKWDIAiw6k8NvS0ZZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.15.0/24
95.164.40.0/22
95.164.49.0-95.164.50.255
95.164.56.0/22
95.164.72.0-95.164.76.255
95.164.80.0/22
95.164.120.0/23
95.164.170.0-95.164.175.255
95.164.248.0/24
185.234.254.0/24
IPv6:
2a10:eb80::/29
Signature Algorithm: sha256WithRSAEncryption
4d:86:3c:89:ad:2d:08:ce:f8:20:63:71:81:2b:ea:a4:84:47:
f7:42:54:5e:82:84:0e:36:68:c0:f7:21:bd:25:ee:f1:0a:ca:
26:d1:b8:ca:e4:b7:e7:a4:06:a9:9e:17:12:34:1e:a9:4b:e0:
9a:a3:46:c3:50:f6:d3:cb:19:7e:a8:ec:f9:1d:54:45:c6:44:
72:a2:8b:10:7d:cb:a8:f7:e1:75:e3:07:0c:a8:d7:18:82:aa:
e8:94:43:81:be:ad:3e:8f:8a:a8:52:84:d7:80:fd:be:26:9b:
c5:bd:d3:3e:a2:5b:81:bb:5c:c3:be:69:f6:7f:dd:91:10:ce:
c1:8b:a9:57:b1:bb:f6:26:29:7c:d7:33:15:51:f7:1b:f2:f8:
2d:a5:32:f0:17:c1:8d:b8:3e:bc:13:1d:a6:35:9c:6f:64:4c:
dd:f1:37:68:37:50:be:d6:09:9a:c6:22:c0:a1:29:e6:88:09:
3a:d1:fd:42:f5:5a:9c:1f:46:1a:67:9f:2d:ef:cb:43:82:0a:
7b:b3:71:3b:b6:f6:af:0e:af:2f:28:33:6b:07:dd:c1:f7:19:
99:ae:47:ea:7a:c2:33:1e:50:7f:cc:1e:8f:9a:c7:85:e4:25:
f8:15:0d:43:ca:65:2f:30:3c:af:82:48:ac:d5:f2:5d:80:9a:
a8:0b:0b:aa
-----BEGIN CERTIFICATE-----
MIIFWjCCBEKgAwIBAgISAZgqHCus1K+fMvpSwA0xbT8pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwNzIwMjMxMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDAyODExMzNmYmU0OTIyOTYwYzgwMjJjM2E5M2MzNmY0YjQ2NTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXBU3FvQBM70mB51PcX4ZkEGjn5q
YxJ37/lZSgD8RbKt+8dA7Lxcdxc95EW04uJZyWLKAR+zsFuDW8sLzuUay4ZnC08b
rBmwvN2T7dcj/OECaQGH7KKTWuYKS5IPg/poKrwt/if7xJ2VVFBvQpBnYRo96OK0
YRSLOj9q0NqPjXdZgO1Ciq2JPJk752eYnrg2/MDrS6a82uhrNbNNZx8lYI7BJdNX
gnJ6TtK6XQXKHR7Y0wE/gRLDFRZ51CI8eq1tbizjvR0MGW2z58Zq6HoAkPXlrhrc
xBz7p/gNnF0O4m6NKnYSXVW3qbZvUfaI7Tca472Aa3bSvrX0K6HJxcdpywIDAQAB
o4ICZjCCAmIwHQYDVR0OBBYEFD0CgRM/vkkilgyAIsOpPDb0tGWbMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvUFFLQkV6LS1TU0tXRElBaXc2azhOdlMwWlpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHwGCCsGAQUFBwEHAQH/BG0wazBaBAIAATBUAwQAX6QPAwQC
X6QoMAwDBABfpDEDBABfpDIDBAJfpDgwDAMEA1+kSAMEAF+kTAMEAl+kUAMEAV+k
eDAMAwQBX6SqAwQEX6SgAwQAX6T4AwQAuer+MA0EAgACMAcDBQMqEOuAMA0GCSqG
SIb3DQEBCwUAA4IBAQBNhjyJrS0IzvggY3GBK+qkhEf3QlRegoQONmjA9yG9Je7x
Csom0bjK5LfnpAapnhcSNB6pS+Cao0bDUPbTyxl+qOz5HVRFxkRyoosQfcuo9+F1
4wcMqNcYgqrolEOBvq0+j4qoUoTXgP2+JpvFvdM+oluBu1zDvmn2f92REM7Bi6lX
sbv2Jil81zMVUfcb8vgtpTLwF8GNuD68Ex2mNZxvZEzd8TdoN1C+1gmaxiLAoSnm
iAk60f1C9VqcH0YaZ58t78tDggp7s3E7tvavDq8vKDNrB93B9xmZrkfqesIzHlB/
zB6PmseF5CX4FQ1DymUvMDyvgkis1fJdgJqoCwuq
-----END CERTIFICATE-----
Generated at Wed Jul 23 16:04:59 2025 by rpki-client