Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2UaPXlodR64PVY0T1_RloEKiMcg.roa
File: 2UaPXlodR64PVY0T1_RloEKiMcg.roa (raw, json)
Hash identifier: ea75xs9bBOhhULOBXbi7lkgCXrrsz7c4xhrqngQH7qw=
Subject key identifier: D9:46:8F:5E:5A:1D:47:AE:0F:55:8D:13:D7:F4:65:A0:42:A2:31:C8
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019A530E157D8EAF93989AB3F5D7FE361842
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2UaPXlodR64PVY0T1_RloEKiMcg.roa
Signing time: Wed 05 Nov 2025 08:07:03 +0000
ROA not before: Wed 05 Nov 2025 08:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.46.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Nov 2025 08:50:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:0e:15:7d:8e:af:93:98:9a:b3:f5:d7:fe:36:18:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 5 08:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9468f5e5a1d47ae0f558d13d7f465a042a231c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:5b:62:ba:ae:a0:29:07:00:7f:4c:98:76:5a:
a9:10:91:37:d6:24:46:40:ee:a1:2c:db:2b:da:e0:
96:d4:81:ca:a1:01:4e:cd:3d:4f:f6:6e:f9:19:44:
21:d4:22:0f:61:86:2c:a7:b6:30:ab:f5:5a:35:89:
02:15:b4:90:e5:df:f3:3a:b0:cc:00:06:9f:a0:cb:
91:e7:05:1c:2b:01:c2:52:5f:45:92:c2:b2:b6:ac:
2d:63:bb:59:c1:75:e0:be:fe:37:81:ae:bb:cb:c5:
69:ec:26:77:48:98:52:f9:fe:e6:5b:49:a1:38:a9:
53:6e:b2:74:1e:ff:ef:36:b3:f1:5e:86:b4:86:69:
a8:84:df:ce:99:b2:65:8f:1f:b4:a3:e1:0f:28:8c:
b3:eb:0b:28:5a:26:8a:01:78:85:fe:17:a4:c3:e3:
68:5e:33:fa:78:e5:c6:c7:93:50:14:3a:f8:1b:14:
fa:b7:e7:29:4e:dc:d3:5a:12:ee:15:1d:4b:dc:c4:
9c:85:f7:29:84:c2:c9:06:98:03:c5:db:63:4f:62:
45:40:e5:80:84:e5:4a:c7:26:ca:66:14:c9:c2:40:
82:58:0f:92:db:79:a5:e6:fb:7c:56:97:42:40:b4:
bc:05:9f:e4:4b:8d:52:bc:cb:6e:e4:de:9a:eb:19:
70:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:46:8F:5E:5A:1D:47:AE:0F:55:8D:13:D7:F4:65:A0:42:A2:31:C8
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/2UaPXlodR64PVY0T1_RloEKiMcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.46.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:0e:eb:1b:4a:70:83:46:1b:e6:a7:2b:9c:08:6d:5b:ee:b1:
5b:60:42:fa:a8:4f:f4:b5:94:e4:2e:00:bc:5a:76:d2:dc:ca:
6d:27:05:91:ca:95:44:d7:14:77:3b:de:87:f6:1c:61:14:a5:
c8:b7:8f:89:41:0f:20:b8:26:e2:73:f2:95:04:29:e0:2b:41:
f9:3e:b4:c7:d0:12:5f:07:9a:0b:66:8f:aa:bf:f6:50:f2:e9:
5a:4f:bc:29:c0:1f:57:22:88:4e:32:d0:de:18:dc:93:a5:75:
6c:d1:c9:f4:0e:9a:33:a2:a4:36:f3:c2:e3:f1:2d:78:50:90:
08:0b:7a:ed:56:2b:ca:e3:42:d4:a1:38:07:6c:a1:08:d6:8c:
f2:c0:d0:f0:b4:a3:53:b5:27:1f:88:12:08:36:c8:89:e4:de:
64:60:02:05:f0:12:3d:cb:23:e2:57:45:a8:d6:b1:b1:3f:f6:
68:06:8f:2d:00:32:96:c8:26:c7:d3:0a:44:6e:c7:26:0e:d5:
85:b2:0d:c7:8b:cf:c3:6d:f6:6a:32:59:3e:cd:af:43:d7:d1:
6e:68:9a:17:75:59:f2:39:fa:3f:02:7c:2b:fc:51:48:fb:4b:
3e:98:70:9b:e3:41:8a:38:ca:7c:8a:24:ac:20:4e:45:f3:36:
bc:c0:5d:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZpTDhV9jq+TmJqz9df+NhhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUxMTA1MDgwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTQ2OGY1ZTVhMWQ0N2FlMGY1NThkMTNkN2Y0NjVhMDQyYTIzMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyltiuq6gKQcAf0yYdlqpEJE31iRG
QO6hLNsr2uCW1IHKoQFOzT1P9m75GUQh1CIPYYYsp7Ywq/VaNYkCFbSQ5d/zOrDM
AAafoMuR5wUcKwHCUl9FksKytqwtY7tZwXXgvv43ga67y8Vp7CZ3SJhS+f7mW0mh
OKlTbrJ0Hv/vNrPxXoa0hmmohN/OmbJljx+0o+EPKIyz6wsoWiaKAXiF/hekw+No
XjP6eOXGx5NQFDr4GxT6t+cpTtzTWhLuFR1L3MSchfcphMLJBpgDxdtjT2JFQOWA
hOVKxybKZhTJwkCCWA+S23ml5vt8VpdCQLS8BZ/kS41SvMtu5N6a6xlw6QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNlGj15aHUeuD1WNE9f0ZaBCojHIMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvMlVhUFhsb2RSNjRQVlkwVDFfUmxvRUtpTWNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXouMA0G
CSqGSIb3DQEBCwUAA4IBAQAqDusbSnCDRhvmpyucCG1b7rFbYEL6qE/0tZTkLgC8
WnbS3MptJwWRypVE1xR3O96H9hxhFKXIt4+JQQ8guCbic/KVBCngK0H5PrTH0BJf
B5oLZo+qv/ZQ8ulaT7wpwB9XIohOMtDeGNyTpXVs0cn0DpozoqQ288Lj8S14UJAI
C3rtVivK40LUoTgHbKEI1ozywNDwtKNTtScfiBIINsiJ5N5kYAIF8BI9yyPiV0Wo
1rGxP/ZoBo8tADKWyCbH0wpEbscmDtWFsg3Hi8/DbfZqMlk+za9D19FuaJoXdVny
Ofo/Anwr/FFI+0s+mHCb40GKOMp8iiSsIE5F8za8wF16
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:38 2025 by rpki-client