Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/k-UrQqD1YYaF7ySlF2yP6OR6bDA.roa
File: k-UrQqD1YYaF7ySlF2yP6OR6bDA.roa (raw, json)
Hash identifier: QkIe2S+f+/vk2xV1hlW3V4qs9itdgIx6p52IzblGyHk=
Subject key identifier: 93:E5:2B:42:A0:F5:61:86:85:EF:24:A5:17:6C:8F:E8:E4:7A:6C:30
Certificate issuer: /CN=44e9101a29c938f84f86045d6be5df4b3f517bd1
Certificate serial: 0196C5ECB5ACFFD2E0B9BC38AFDC49EF7827
Authority key identifier: 44:E9:10:1A:29:C9:38:F8:4F:86:04:5D:6B:E5:DF:4B:3F:51:7B:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROkQGinJOPhPhgRda-XfSz9Re9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/k-UrQqD1YYaF7ySlF2yP6OR6bDA.roa
Signing time: Mon 12 May 2025 19:15:46 +0000
ROA not before: Mon 12 May 2025 19:15:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206318
IP address blocks: 185.185.196.0/22 maxlen: 22
193.32.212.0/22 maxlen: 22
2a0b:6380::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 21 May 2025 07:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:ec:b5:ac:ff:d2:e0:b9:bc:38:af:dc:49:ef:78:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e9101a29c938f84f86045d6be5df4b3f517bd1
Validity
Not Before: May 12 19:15:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93e52b42a0f5618685ef24a5176c8fe8e47a6c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:2c:61:0a:cd:7d:07:0c:a4:a8:58:f4:a6:e9:
a9:fd:90:96:87:e2:21:fb:0c:cd:8e:08:d0:61:6e:
38:e0:52:23:db:8a:75:19:b6:2c:25:51:e4:a0:18:
d6:76:98:34:50:17:ea:04:77:52:40:a7:f8:72:f3:
5c:73:d3:e0:a1:d3:2d:d4:a5:46:a0:66:7b:21:8d:
a5:7d:d7:04:5c:b2:eb:2c:6f:d2:2a:97:5f:f2:dd:
99:e4:86:39:ff:3b:1c:93:a5:ab:32:e1:58:9e:3d:
74:e8:10:d1:68:bd:8c:ed:45:75:2f:d4:54:18:95:
0b:a2:04:6b:42:46:0c:09:ef:1a:8c:c1:0f:8e:cb:
96:45:ba:14:82:21:e5:1e:eb:4e:fa:f2:76:9e:0c:
6e:ca:6a:ad:66:92:09:5e:c1:4b:c6:90:2b:27:56:
43:db:5d:bc:23:0a:f2:2d:9a:48:aa:85:7b:79:c0:
26:04:a3:3c:b8:d1:6c:03:d6:f0:e3:c3:0f:7c:c6:
5a:4d:03:d9:c8:83:18:66:57:3a:a5:69:05:42:8a:
e5:ec:83:9a:d9:22:8d:58:4b:eb:a3:d9:ec:8e:1f:
f9:41:d4:3f:2c:cd:90:a8:3f:26:1c:cd:e3:e6:82:
75:e9:cb:60:78:98:23:5c:4b:88:30:e0:10:fc:b0:
88:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:E5:2B:42:A0:F5:61:86:85:EF:24:A5:17:6C:8F:E8:E4:7A:6C:30
X509v3 Authority Key Identifier:
keyid:44:E9:10:1A:29:C9:38:F8:4F:86:04:5D:6B:E5:DF:4B:3F:51:7B:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROkQGinJOPhPhgRda-XfSz9Re9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/k-UrQqD1YYaF7ySlF2yP6OR6bDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/bce18c-7203-44c9-bec8-df01b4eb25e9/1/ROkQGinJOPhPhgRda-XfSz9Re9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.185.196.0/22
193.32.212.0/22
IPv6:
2a0b:6380::/29
Signature Algorithm: sha256WithRSAEncryption
52:37:40:dc:ea:49:57:63:18:4c:01:ea:bf:a3:5f:c4:03:d3:
d6:a4:c5:65:1e:dc:90:55:76:c6:1b:88:31:7d:ef:f3:f2:71:
49:ca:cc:4e:6b:e2:7f:5b:ba:28:71:36:20:12:b3:7f:db:53:
37:ed:e2:f0:4f:bd:78:18:df:3c:f9:9f:c5:e0:1f:65:7e:a2:
c8:a7:b5:87:fd:01:63:f5:86:84:97:1e:bf:35:85:ba:50:3b:
b1:db:fc:30:e9:ca:b9:90:ce:f9:1c:ac:6c:25:fd:1c:05:ea:
9a:fa:15:d7:94:ea:fc:cf:bf:f9:40:b6:7a:22:4c:f0:43:4c:
d2:19:29:d2:10:16:d5:24:14:cb:4b:0f:8c:e7:e7:2e:29:41:
94:fa:9f:b1:ee:20:15:1f:12:4f:d1:23:44:55:09:47:66:08:
0e:ca:74:0c:df:b1:7f:db:a0:23:aa:b7:20:ab:b9:ea:7d:49:
08:f0:f0:8a:5c:81:15:0d:c4:d5:39:46:c6:51:0b:19:be:df:
e1:7f:f0:2b:eb:0d:a8:ca:c0:73:59:06:d4:e6:5e:d5:93:c4:
31:bf:17:be:4f:17:33:37:44:06:36:cc:80:2c:cc:a4:c2:dd:
26:3d:4b:fa:b3:9f:e2:f5:de:55:10:7f:a6:84:0e:d6:2a:5a:
93:9d:07:5a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZbF7LWs/9Lgubw4r9xJ73gnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTkxMDFhMjljOTM4Zjg0Zjg2MDQ1ZDZiZTVkZjRiM2Y1
MTdiZDEwHhcNMjUwNTEyMTkxNTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2U1MmI0MmEwZjU2MTg2ODVlZjI0YTUxNzZjOGZlOGU0N2E2YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyxhCs19BwykqFj0pump/ZCWh+Ih
+wzNjgjQYW444FIj24p1GbYsJVHkoBjWdpg0UBfqBHdSQKf4cvNcc9PgodMt1KVG
oGZ7IY2lfdcEXLLrLG/SKpdf8t2Z5IY5/zsck6WrMuFYnj106BDRaL2M7UV1L9RU
GJULogRrQkYMCe8ajMEPjsuWRboUgiHlHutO+vJ2ngxuymqtZpIJXsFLxpArJ1ZD
2128IwryLZpIqoV7ecAmBKM8uNFsA9bw48MPfMZaTQPZyIMYZlc6pWkFQorl7IOa
2SKNWEvro9nsjh/5QdQ/LM2QqD8mHM3j5oJ16ctgeJgjXEuIMOAQ/LCIpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJPlK0Kg9WGGhe8kpRdsj+jkemwwMB8GA1UdIwQY
MBaAFETpEBopyTj4T4YEXWvl30s/UXvRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9rUUdpbkpPUGhQaGdSZGEtWGZTejlSZTlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9iY2UxOGMtNzIwMy00NGM5LWJlYzgt
ZGYwMWI0ZWIyNWU5LzEvay1VclFxRDFZWWFGN3lTbEYyeVA2T1I2YkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9iY2UxOGMtNzIwMy00NGM5LWJlYzgtZGYwMWI0ZWIyNWU5
LzEvUk9rUUdpbkpPUGhQaGdSZGEtWGZTejlSZTlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCubnEAwQC
wSDUMA0EAgACMAcDBQMqC2OAMA0GCSqGSIb3DQEBCwUAA4IBAQBSN0Dc6klXYxhM
Aeq/o1/EA9PWpMVlHtyQVXbGG4gxfe/z8nFJysxOa+J/W7oocTYgErN/21M37eLw
T714GN88+Z/F4B9lfqLIp7WH/QFj9YaElx6/NYW6UDux2/ww6cq5kM75HKxsJf0c
Beqa+hXXlOr8z7/5QLZ6IkzwQ0zSGSnSEBbVJBTLSw+M5+cuKUGU+p+x7iAVHxJP
0SNEVQlHZggOynQM37F/26Ajqrcgq7nqfUkI8PCKXIEVDcTVOUbGUQsZvt/hf/Ar
6w2oysBzWQbU5l7Vk8Qxvxe+TxczN0QGNsyALMykwt0mPUv6s5/i9d5VEH+mhA7W
KlqTnQda
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:29:24 2025 by rpki-client