Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/5tvOpMxP5Zy3aI8hO9nYvZzBaIY.roa
File: 5tvOpMxP5Zy3aI8hO9nYvZzBaIY.roa (raw, json)
Hash identifier: Zuu90PtnvQ9edBbMsLCi2JamvDRB7RoYN9zZG1ryw+w=
Subject key identifier: E6:DB:CE:A4:CC:4F:E5:9C:B7:68:8F:21:3B:D9:D8:BD:9C:C1:68:86
Certificate issuer: /CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Certificate serial: 0197554F6C6818BAF5FAA092DC8C22BF661C
Authority key identifier: 29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/5tvOpMxP5Zy3aI8hO9nYvZzBaIY.roa
Signing time: Mon 09 Jun 2025 15:29:17 +0000
ROA not before: Mon 09 Jun 2025 15:29:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.19.34.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Jun 2025 12:57:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:55:4f:6c:68:18:ba:f5:fa:a0:92:dc:8c:22:bf:66:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2996cd68531847e3b0be0d93c65cc1fb64ecd21a
Validity
Not Before: Jun 9 15:29:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6dbcea4cc4fe59cb7688f213bd9d8bd9cc16886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b8:6a:67:7b:60:8f:e4:2a:70:25:16:b5:9a:
fb:2a:13:d8:f5:8b:9c:25:02:fb:4e:15:df:c2:de:
7c:17:34:93:bb:0f:9c:1b:40:23:2b:0c:51:90:ef:
44:ad:73:89:47:60:08:bc:dc:5b:be:55:ba:94:4b:
54:b9:06:f8:79:f2:56:9d:91:6f:5f:63:de:7a:5d:
cf:16:b0:fd:9a:06:cd:d0:8d:1a:15:06:24:d0:4e:
55:56:a9:08:da:9a:69:97:0d:3e:15:13:dd:88:a7:
c1:07:87:6e:dd:76:d5:5e:50:5f:b6:0f:0b:fa:b6:
fd:76:e9:ea:6e:f3:ca:60:3d:12:a4:b7:93:38:8d:
01:69:6c:bc:06:91:6b:d3:35:a8:3b:be:66:56:d8:
60:a8:71:54:9d:6a:84:98:59:e4:d2:3d:03:6c:21:
46:ef:8b:95:c9:4e:3b:f9:8e:cf:9d:2b:a5:65:8f:
83:bd:65:a3:be:3d:ce:b6:f2:47:82:4f:23:0d:eb:
49:f1:9c:3c:e2:d4:73:da:16:11:d9:96:08:f4:8d:
fe:02:f0:6a:de:75:6a:32:c9:0d:72:fc:1f:11:98:
93:fd:65:63:14:dc:be:62:9e:be:1c:0c:20:8a:9a:
d3:67:10:11:13:49:77:05:91:c9:d5:3b:77:11:77:
0d:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:DB:CE:A4:CC:4F:E5:9C:B7:68:8F:21:3B:D9:D8:BD:9C:C1:68:86
X509v3 Authority Key Identifier:
keyid:29:96:CD:68:53:18:47:E3:B0:BE:0D:93:C6:5C:C1:FB:64:EC:D2:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/5tvOpMxP5Zy3aI8hO9nYvZzBaIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/83cd41-7256-4d66-942f-72ecba131af8/1/KZbNaFMYR-Owvg2TxlzB-2Ts0ho.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.19.34.0/24
Signature Algorithm: sha256WithRSAEncryption
97:40:3c:37:7f:f3:c7:d8:be:24:c2:d2:a9:fd:86:92:ae:35:
b0:96:d3:4a:46:ea:77:75:ca:51:6e:58:96:87:4b:0f:f3:67:
32:42:b7:2e:81:82:19:d5:36:51:8c:8d:dd:1e:52:11:98:cb:
23:cc:4a:f4:c7:20:fc:6a:59:bb:f3:97:2d:3a:c4:af:ff:20:
22:77:a7:e4:c1:f6:62:dc:08:c1:40:46:b8:df:4c:05:19:f8:
50:28:8b:13:03:86:61:1b:d7:b1:45:6e:94:99:cd:7b:8b:c0:
98:84:f6:7a:e9:97:57:ee:6d:f4:c5:93:ca:d2:60:65:5c:07:
f9:0f:59:e5:cc:f2:af:82:3d:a3:fb:00:d3:92:6b:2e:38:68:
78:4b:47:34:a5:93:87:fc:be:c7:41:09:44:33:c4:49:da:5d:
8d:9b:79:1e:98:29:83:ff:43:88:2f:8f:78:c2:28:bf:54:d1:
7b:52:bf:8a:1e:fa:c7:93:95:ee:03:3b:61:88:0f:b7:d5:59:
af:ed:e2:3b:5c:68:7a:6a:4a:ca:b8:f0:e1:71:89:b2:4a:8f:
27:74:32:51:88:ac:c0:9e:50:cd:08:0d:db:6c:d5:0a:0d:3a:
17:fb:2a:09:89:91:e8:d2:2d:e8:c0:8e:5d:39:26:b3:5b:13:
cb:f8:d9:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdVT2xoGLr1+qCS3Iwiv2YcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5OTZjZDY4NTMxODQ3ZTNiMGJlMGQ5M2M2NWNjMWZiNjRl
Y2QyMWEwHhcNMjUwNjA5MTUyOTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmRiY2VhNGNjNGZlNTljYjc2ODhmMjEzYmQ5ZDhiZDljYzE2ODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbhqZ3tgj+QqcCUWtZr7KhPY9Yuc
JQL7ThXfwt58FzSTuw+cG0AjKwxRkO9ErXOJR2AIvNxbvlW6lEtUuQb4efJWnZFv
X2Peel3PFrD9mgbN0I0aFQYk0E5VVqkI2ppplw0+FRPdiKfBB4du3XbVXlBftg8L
+rb9dunqbvPKYD0SpLeTOI0BaWy8BpFr0zWoO75mVthgqHFUnWqEmFnk0j0DbCFG
74uVyU47+Y7PnSulZY+DvWWjvj3OtvJHgk8jDetJ8Zw84tRz2hYR2ZYI9I3+AvBq
3nVqMskNcvwfEZiT/WVjFNy+Yp6+HAwgiprTZxARE0l3BZHJ1Tt3EXcNywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFObbzqTMT+Wct2iPITvZ2L2cwWiGMB8GA1UdIwQY
MBaAFCmWzWhTGEfjsL4Nk8Zcwftk7NIaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYt
NzJlY2JhMTMxYWY4LzEvNXR2T3BNeFA1WnkzYUk4aE85bll2WnpCYUlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC84M2NkNDEtNzI1Ni00ZDY2LTk0MmYtNzJlY2JhMTMxYWY4
LzEvS1piTmFGTVlSLU93dmcyVHhsekItMlRzMGhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCXQDw3f/PH2L4kwtKp/YaSrjWwltNKRup3dcpRbliW
h0sP82cyQrcugYIZ1TZRjI3dHlIRmMsjzEr0xyD8alm785ctOsSv/yAid6fkwfZi
3AjBQEa430wFGfhQKIsTA4ZhG9exRW6Umc17i8CYhPZ66ZdX7m30xZPK0mBlXAf5
D1nlzPKvgj2j+wDTkmsuOGh4S0c0pZOH/L7HQQlEM8RJ2l2Nm3kemCmD/0OIL494
wii/VNF7Ur+KHvrHk5XuAzthiA+31Vmv7eI7XGh6akrKuPDhcYmySo8ndDJRiKzA
nlDNCA3bbNUKDToX+yoJiZHo0i3owI5dOSazWxPL+Nlu
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:19:24 2025 by rpki-client