Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/aqQXXSoJXeVmQA7RlLyPHqUpHEw.roa
File: aqQXXSoJXeVmQA7RlLyPHqUpHEw.roa (raw, json)
Hash identifier: xtIa9c4+f5F3tzg5gQ70zg9BLu2twVNUeiYw9Rnp9bU=
Subject key identifier: 6A:A4:17:5D:2A:09:5D:E5:66:40:0E:D1:94:BC:8F:1E:A5:29:1C:4C
Certificate issuer: /CN=b754652a9e989145a059f78883d536e92c43b53f
Certificate serial: 019735453696E0CDF9BBD52DF1B6749FDBB2
Authority key identifier: B7:54:65:2A:9E:98:91:45:A0:59:F7:88:83:D5:36:E9:2C:43:B5:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t1RlKp6YkUWgWfeIg9U26SxDtT8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/aqQXXSoJXeVmQA7RlLyPHqUpHEw.roa
Signing time: Tue 03 Jun 2025 10:10:17 +0000
ROA not before: Tue 03 Jun 2025 10:10:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199878
IP address blocks: 82.118.146.0/24 maxlen: 24
82.118.147.0/24 maxlen: 24
95.171.236.0/24 maxlen: 24
95.171.237.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 09:48:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:45:36:96:e0:cd:f9:bb:d5:2d:f1:b6:74:9f:db:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b754652a9e989145a059f78883d536e92c43b53f
Validity
Not Before: Jun 3 10:10:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6aa4175d2a095de566400ed194bc8f1ea5291c4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:09:22:08:a1:d3:66:3f:ee:fc:33:8d:07:2b:
ac:11:6c:37:7a:0d:49:bf:43:6e:5c:23:e5:78:e0:
63:ee:2f:78:3d:4d:eb:c4:82:27:6b:ad:80:05:8c:
32:40:43:15:a2:f0:1c:1a:4c:2a:35:b2:01:61:9a:
61:00:98:68:9f:2c:3e:49:bc:a6:5b:0d:d3:41:a2:
45:8d:00:e6:f8:b8:0f:ce:4f:a1:be:8e:e9:85:6e:
78:73:05:3b:71:d1:c0:c9:95:ab:4d:be:bd:11:50:
d1:83:98:05:17:9a:44:86:56:e2:f9:76:82:a0:a4:
be:a4:ed:16:b1:b9:d9:7f:b4:6f:a3:4a:b2:e2:66:
2b:b0:b9:55:e4:09:94:7e:a1:66:d6:4a:aa:03:6a:
2c:83:94:b1:e4:e3:71:98:b0:56:d0:40:e0:91:b4:
7c:e9:da:7c:85:28:ca:d7:62:91:28:47:0a:85:dd:
4d:57:16:ba:75:95:fd:74:84:6f:c6:25:e2:32:f4:
bc:0f:a4:39:2a:f7:d6:cd:77:2c:5a:cb:84:37:b4:
d1:b1:3a:57:5a:40:26:fa:c4:35:b2:29:1a:04:07:
12:3a:1d:5f:f9:bb:b7:33:42:16:56:34:a7:05:57:
06:7c:07:0c:36:68:83:ea:8d:bd:a7:d8:c8:3c:1e:
d3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:A4:17:5D:2A:09:5D:E5:66:40:0E:D1:94:BC:8F:1E:A5:29:1C:4C
X509v3 Authority Key Identifier:
keyid:B7:54:65:2A:9E:98:91:45:A0:59:F7:88:83:D5:36:E9:2C:43:B5:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t1RlKp6YkUWgWfeIg9U26SxDtT8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/aqQXXSoJXeVmQA7RlLyPHqUpHEw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/afd6b9-6c4e-40e0-ae96-b4da20a757cf/1/t1RlKp6YkUWgWfeIg9U26SxDtT8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.118.146.0/23
95.171.236.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:f1:5f:3a:f9:95:60:29:99:54:a8:a5:b5:a5:98:09:4e:2b:
83:6b:84:83:60:87:fd:c7:f4:82:e1:68:1d:7b:36:5b:f8:0e:
cd:68:73:fb:2e:7e:ec:0a:97:9e:e3:18:33:e3:c2:9c:2c:f5:
a8:e8:7c:23:2e:f6:90:cf:fd:da:f5:57:df:64:48:b9:fe:ad:
e5:e8:ec:a3:f1:14:af:34:b4:f0:58:98:d2:5a:a8:f2:06:18:
84:aa:d5:6b:1c:e4:0a:d4:80:af:f5:33:fc:04:13:4c:90:46:
4a:2e:2c:b1:d3:0a:dd:25:df:d4:2d:d2:e3:f5:9f:1b:5b:60:
5b:9f:b3:a3:8f:59:6d:09:69:70:99:fd:06:ef:9f:a1:5a:8d:
f3:2c:c0:bd:74:61:f3:a8:22:97:61:aa:f4:56:de:f9:b7:67:
cb:1b:dd:ea:4f:67:e0:06:04:38:8f:05:5d:7d:e7:86:70:b4:
82:26:e4:71:1b:1a:1a:22:ae:fb:ba:40:18:4e:24:b2:4b:77:
94:ed:cb:ca:90:85:73:64:13:e3:0d:1e:91:13:56:16:90:b8:
63:76:c5:0d:a0:b3:f5:3d:69:7f:f8:11:95:48:c5:44:40:91:
3e:6a:f5:b0:f6:f9:9c:a7:91:d9:6f:60:13:22:14:1b:61:32:
b8:a6:fe:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc1RTaW4M35u9Ut8bZ0n9uyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3NTQ2NTJhOWU5ODkxNDVhMDU5Zjc4ODgzZDUzNmU5MmM0
M2I1M2YwHhcNMjUwNjAzMTAxMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWE0MTc1ZDJhMDk1ZGU1NjY0MDBlZDE5NGJjOGYxZWE1MjkxYzRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1wkiCKHTZj/u/DONByusEWw3eg1J
v0NuXCPleOBj7i94PU3rxIIna62ABYwyQEMVovAcGkwqNbIBYZphAJhonyw+Sbym
Ww3TQaJFjQDm+LgPzk+hvo7phW54cwU7cdHAyZWrTb69EVDRg5gFF5pEhlbi+XaC
oKS+pO0WsbnZf7Rvo0qy4mYrsLlV5AmUfqFm1kqqA2osg5Sx5ONxmLBW0EDgkbR8
6dp8hSjK12KRKEcKhd1NVxa6dZX9dIRvxiXiMvS8D6Q5KvfWzXcsWsuEN7TRsTpX
WkAm+sQ1sikaBAcSOh1f+bu3M0IWVjSnBVcGfAcMNmiD6o29p9jIPB7TnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGqkF10qCV3lZkAO0ZS8jx6lKRxMMB8GA1UdIwQY
MBaAFLdUZSqemJFFoFn3iIPVNuksQ7U/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDFSbEtwNllrVVdnV2ZlSWc5VTI2U3hEdFQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9hZmQ2YjktNmM0ZS00MGUwLWFlOTYt
YjRkYTIwYTc1N2NmLzEvYXFRWFhTb0pYZVZtUUE3UmxMeVBIcVVwSEV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9hZmQ2YjktNmM0ZS00MGUwLWFlOTYtYjRkYTIwYTc1N2Nm
LzEvdDFSbEtwNllrVVdnV2ZlSWc5VTI2U3hEdFQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBUnaSAwQB
X6vsMA0GCSqGSIb3DQEBCwUAA4IBAQCe8V86+ZVgKZlUqKW1pZgJTiuDa4SDYIf9
x/SC4WgdezZb+A7NaHP7Ln7sCpee4xgz48KcLPWo6HwjLvaQz/3a9VffZEi5/q3l
6Oyj8RSvNLTwWJjSWqjyBhiEqtVrHOQK1ICv9TP8BBNMkEZKLiyx0wrdJd/ULdLj
9Z8bW2Bbn7Ojj1ltCWlwmf0G75+hWo3zLMC9dGHzqCKXYar0Vt75t2fLG93qT2fg
BgQ4jwVdfeeGcLSCJuRxGxoaIq77ukAYTiSyS3eU7cvKkIVzZBPjDR6RE1YWkLhj
dsUNoLP1PWl/+BGVSMVEQJE+avWw9vmcp5HZb2ATIhQbYTK4pv7K
-----END CERTIFICATE-----
Generated at Sun Jun 15 03:44:12 2025 by rpki-client