Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ikvMC4sdYsp6MFpDv5ph5a-jYEU.roa
File: ikvMC4sdYsp6MFpDv5ph5a-jYEU.roa (raw, json)
Hash identifier: Z105us8gs3ywmB/uwrJSsOaWlZ914NJkKfeJGpzzwI8=
Subject key identifier: 8A:4B:CC:0B:8B:1D:62:CA:7A:30:5A:43:BF:9A:61:E5:AF:A3:60:45
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0196388F37FB806C73964F3C4C159875478F
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ikvMC4sdYsp6MFpDv5ph5a-jYEU.roa
Signing time: Tue 15 Apr 2025 08:27:11 +0000
ROA not before: Tue 15 Apr 2025 08:27:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215137
IP address blocks: 85.202.203.0/24 maxlen: 24
2a0e:97c1::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 15 Apr 2025 11:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:38:8f:37:fb:80:6c:73:96:4f:3c:4c:15:98:75:47:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Apr 15 08:27:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4bcc0b8b1d62ca7a305a43bf9a61e5afa36045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:b8:d8:6d:84:83:0b:d5:f2:07:d5:71:f1:4b:
62:0c:68:f6:c2:3e:df:bd:71:86:2a:3b:e4:fc:37:
07:f4:13:64:26:6a:fe:6b:e0:e7:f6:3c:53:45:56:
7a:18:98:4a:8c:74:79:1c:35:04:eb:0e:db:c9:e6:
14:97:5c:d9:82:61:2b:b3:c3:c6:53:09:31:c2:0f:
16:43:ac:43:08:58:1d:0e:2d:e3:e2:9c:b4:78:5c:
4f:c9:e2:c0:8d:52:88:c6:3f:8e:32:05:19:ad:19:
80:8e:d0:e9:a3:1b:b9:17:49:e4:40:55:47:0a:ae:
c7:76:80:47:a8:fa:92:2d:60:e3:54:33:65:59:13:
0b:a1:d4:5a:3a:85:eb:4a:ec:87:7f:04:55:4e:29:
44:f1:51:c5:aa:12:e9:f3:46:04:1f:be:30:97:c7:
00:ff:89:ca:4b:59:21:8a:93:99:60:eb:82:2b:36:
fc:42:81:b6:89:0d:5f:e5:ca:26:33:34:20:1d:a5:
bc:22:4b:c8:e1:97:be:37:4c:6d:b5:34:64:cd:e4:
ae:94:87:a0:54:57:32:e2:06:84:3e:c8:ba:24:69:
39:f9:61:1c:97:08:2e:3a:5b:53:11:22:33:03:47:
c9:cb:df:1b:62:05:fe:00:7c:08:1f:4a:b6:13:95:
22:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4B:CC:0B:8B:1D:62:CA:7A:30:5A:43:BF:9A:61:E5:AF:A3:60:45
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/ikvMC4sdYsp6MFpDv5ph5a-jYEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.203.0/24
IPv6:
2a0e:97c1::/40
Signature Algorithm: sha256WithRSAEncryption
36:11:10:2e:98:fc:87:8e:3e:6b:c4:58:08:e5:24:c2:6e:b6:
41:01:35:b8:de:09:2f:dd:70:e5:2a:f6:c5:7c:81:59:86:25:
39:eb:ac:b0:ec:66:06:1a:5b:06:93:29:a7:2d:cb:5a:14:37:
86:ef:5e:a3:9f:5c:b0:56:85:b2:a3:83:20:50:66:99:e2:b1:
47:af:88:5a:9d:47:80:ad:18:a1:f5:ea:be:54:a5:a4:8f:5e:
1f:96:d4:70:63:e7:b3:84:ae:a4:b0:45:08:e6:c2:d8:60:6a:
aa:c9:ac:a7:93:40:6c:fb:a2:dc:94:b1:cb:b9:23:f1:8b:1a:
53:fc:51:c3:09:db:06:46:61:b8:65:02:68:96:8c:e6:6f:6d:
c0:a8:1b:34:5e:9f:e3:8c:77:22:a7:2b:11:82:e9:ff:bc:05:
08:07:29:10:fb:30:d7:d4:a6:88:49:9e:c4:5e:f9:82:4b:b5:
c3:8b:0e:e0:4d:b7:c3:5d:0b:24:99:a0:ae:1c:fd:62:2d:43:
0b:90:2a:4d:2a:98:48:0b:1d:93:81:7d:39:38:b3:c1:28:d7:
85:a4:45:22:c6:a6:d3:50:e4:30:8d:b8:6a:dc:d6:c2:15:b4:
f7:a5:2f:b0:3b:41:6f:5c:b6:25:16:af:1e:64:d7:89:73:0e:
9e:4e:de:d4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZY4jzf7gGxzlk88TBWYdUePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwNDE1MDgyNzExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRiY2MwYjhiMWQ2MmNhN2EzMDVhNDNiZjlhNjFlNWFmYTM2MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9rjYbYSDC9XyB9Vx8UtiDGj2wj7f
vXGGKjvk/DcH9BNkJmr+a+Dn9jxTRVZ6GJhKjHR5HDUE6w7byeYUl1zZgmErs8PG
Uwkxwg8WQ6xDCFgdDi3j4py0eFxPyeLAjVKIxj+OMgUZrRmAjtDpoxu5F0nkQFVH
Cq7HdoBHqPqSLWDjVDNlWRMLodRaOoXrSuyHfwRVTilE8VHFqhLp80YEH74wl8cA
/4nKS1khipOZYOuCKzb8QoG2iQ1f5comMzQgHaW8IkvI4Ze+N0xttTRkzeSulIeg
VFcy4gaEPsi6JGk5+WEclwguOltTESIzA0fJy98bYgX+AHwIH0q2E5Ui7QIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFIpLzAuLHWLKejBaQ7+aYeWvo2BFMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvaWt2TUM0c2RZc3A2TUZwRHY1cGg1YS1qWUVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAVcrLMA4E
AgACMAgDBgAqDpfBADANBgkqhkiG9w0BAQsFAAOCAQEANhEQLpj8h44+a8RYCOUk
wm62QQE1uN4JL91w5Sr2xXyBWYYlOeussOxmBhpbBpMppy3LWhQ3hu9eo59csFaF
sqODIFBmmeKxR6+IWp1HgK0YofXqvlSlpI9eH5bUcGPns4SupLBFCObC2GBqqsms
p5NAbPui3JSxy7kj8YsaU/xRwwnbBkZhuGUCaJaM5m9twKgbNF6f44x3IqcrEYLp
/7wFCAcpEPsw19SmiEmexF75gku1w4sO4E23w10LJJmgrhz9Yi1DC5AqTSqYSAsd
k4F9OTizwSjXhaRFIsam01DkMI24atzWwhW096UvsDtBb1y2JRavHmTXiXMOnk7e
1A==
-----END CERTIFICATE-----
Generated at Mon Jun 16 18:52:38 2025 by rpki-client