Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/lg5PvjSkExsK9ycRfaL_WKotiGA.roa
File: lg5PvjSkExsK9ycRfaL_WKotiGA.roa (raw, json)
Hash identifier: Ag0pjFpZAYiIABprqIyI06LBTiPlpLOJ7kmTvXZFsb0=
Subject key identifier: 96:0E:4F:BE:34:A4:13:1B:0A:F7:27:11:7D:A2:FF:58:AA:2D:88:60
Certificate issuer: /CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Certificate serial: 0198D1F9EC0719EA7DA54B8987734E224950
Authority key identifier: FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/lg5PvjSkExsK9ycRfaL_WKotiGA.roa
Signing time: Fri 22 Aug 2025 13:31:13 +0000
ROA not before: Fri 22 Aug 2025 13:31:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.122.29.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 23 Aug 2025 06:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:f9:ec:07:19:ea:7d:a5:4b:89:87:73:4e:22:49:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffa3e55141c1a1f9f2e28811ed7e77fad378a579
Validity
Not Before: Aug 22 13:31:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=960e4fbe34a4131b0af727117da2ff58aa2d8860
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f3:17:5d:5b:e7:0a:b3:cc:d7:04:79:e4:9a:
f8:ab:55:69:a4:63:a5:11:cb:82:dc:fc:43:ec:3d:
3e:64:c5:b4:d1:35:d1:f0:5b:38:ba:01:e9:38:f4:
14:cd:0b:14:8c:0a:20:cd:b4:0e:28:76:87:00:c8:
d0:66:94:a4:78:93:6e:99:6c:28:e4:e0:f4:d9:08:
59:ab:3d:41:25:35:19:f7:f2:3f:16:20:9f:c4:35:
bf:d6:53:eb:32:c8:c5:b9:c7:28:27:ae:61:06:17:
15:38:7d:a5:49:02:65:1b:71:96:35:ba:d3:85:3a:
19:4c:5c:f1:a8:d6:f5:6d:0b:80:42:ba:5e:80:dc:
a1:2a:c5:7e:7c:16:4b:17:f8:79:24:4c:89:8d:46:
fa:c4:6b:2c:44:3d:d4:39:7e:64:22:f8:d4:4f:df:
e0:76:10:30:14:23:cf:42:2f:32:74:ac:fe:b0:91:
5b:76:48:a9:4a:a3:44:df:7f:b5:a2:d4:9c:66:3b:
ad:14:4c:c9:36:3e:6d:3e:a3:8a:0c:e5:93:36:09:
7f:da:d2:c1:40:95:34:00:4a:49:5d:89:74:62:92:
d7:40:35:af:b9:bf:3a:23:3c:6f:4f:e5:8c:07:73:
5c:7d:1d:6c:55:9c:e3:20:c2:9a:b9:60:6b:3a:81:
b4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:0E:4F:BE:34:A4:13:1B:0A:F7:27:11:7D:A2:FF:58:AA:2D:88:60
X509v3 Authority Key Identifier:
keyid:FF:A3:E5:51:41:C1:A1:F9:F2:E2:88:11:ED:7E:77:FA:D3:78:A5:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_6PlUUHBofny4ogR7X53-tN4pXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/lg5PvjSkExsK9ycRfaL_WKotiGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b263a2-0f6f-4f5d-af9e-a39ac2539fc5/1/_6PlUUHBofny4ogR7X53-tN4pXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.29.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:76:2b:a2:9c:77:96:99:17:84:01:25:66:7c:e3:c8:fe:fd:
cf:c9:c5:cb:01:30:aa:19:f4:f8:d6:84:39:ee:a8:52:14:97:
33:d9:23:ff:e6:5b:9d:70:3a:17:2c:89:55:5d:fa:f9:90:2c:
8f:29:44:d6:7d:5d:5c:13:1a:06:13:95:89:2c:a0:e1:5b:f2:
99:71:e8:f7:67:9a:72:b9:78:b7:cb:ec:cc:c8:5f:3c:cb:f1:
66:16:4f:96:28:1f:13:63:d6:0c:17:29:11:d4:4b:7d:be:2e:
a9:0e:f5:8a:c5:44:31:b0:8b:af:b7:8f:48:58:e1:9f:31:02:
4d:bd:0a:99:a6:0b:8f:5c:56:7c:c4:dc:8b:f4:56:b7:6e:52:
b5:01:4c:f7:75:11:94:d7:14:cc:ee:f3:56:59:90:db:1b:11:
75:a1:9e:5a:67:78:5f:aa:e1:9b:81:9f:61:71:39:c9:cf:00:
e5:87:c6:4c:8b:c0:e6:86:b7:b5:60:cb:4c:4a:51:86:30:25:
41:c8:bb:2c:7e:73:d9:4c:8c:a4:db:c5:29:f0:1a:10:07:67:
45:99:64:91:07:68:c8:86:6e:30:bd:7d:58:3a:c7:51:5b:be:
0a:4f:21:c8:bb:9c:dd:e4:48:bd:15:1c:85:27:25:85:7c:12:
c1:c0:18:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZjR+ewHGep9pUuJh3NOIklQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYTNlNTUxNDFjMWExZjlmMmUyODgxMWVkN2U3N2ZhZDM3
OGE1NzkwHhcNMjUwODIyMTMzMTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjBlNGZiZTM0YTQxMzFiMGFmNzI3MTE3ZGEyZmY1OGFhMmQ4ODYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2/MXXVvnCrPM1wR55Jr4q1VppGOl
EcuC3PxD7D0+ZMW00TXR8Fs4ugHpOPQUzQsUjAogzbQOKHaHAMjQZpSkeJNumWwo
5OD02QhZqz1BJTUZ9/I/FiCfxDW/1lPrMsjFuccoJ65hBhcVOH2lSQJlG3GWNbrT
hToZTFzxqNb1bQuAQrpegNyhKsV+fBZLF/h5JEyJjUb6xGssRD3UOX5kIvjUT9/g
dhAwFCPPQi8ydKz+sJFbdkipSqNE33+1otScZjutFEzJNj5tPqOKDOWTNgl/2tLB
QJU0AEpJXYl0YpLXQDWvub86IzxvT+WMB3NcfR1sVZzjIMKauWBrOoG0bwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJYOT740pBMbCvcnEX2i/1iqLYhgMB8GA1UdIwQY
MBaAFP+j5VFBwaH58uKIEe1+d/rTeKV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUt
YTM5YWMyNTM5ZmM1LzEvbGc1UHZqU2tFeHNLOXljUmZhTF9XS290aUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iMjYzYTItMGY2Zi00ZjVkLWFmOWUtYTM5YWMyNTM5ZmM1
LzEvXzZQbFVVSEJvZm55NG9nUjdYNTMtdE40cFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbXodMA0G
CSqGSIb3DQEBCwUAA4IBAQBbdiuinHeWmReEASVmfOPI/v3PycXLATCqGfT41oQ5
7qhSFJcz2SP/5ludcDoXLIlVXfr5kCyPKUTWfV1cExoGE5WJLKDhW/KZcej3Z5py
uXi3y+zMyF88y/FmFk+WKB8TY9YMFykR1Et9vi6pDvWKxUQxsIuvt49IWOGfMQJN
vQqZpguPXFZ8xNyL9Fa3blK1AUz3dRGU1xTM7vNWWZDbGxF1oZ5aZ3hfquGbgZ9h
cTnJzwDlh8ZMi8Dmhre1YMtMSlGGMCVByLssfnPZTIyk28Up8BoQB2dFmWSRB2jI
hm4wvX1YOsdRW74KTyHIu5zd5Ei9FRyFJyWFfBLBwBg9
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:16:59 2025 by rpki-client