Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/bZZP6xtLkkDopIvHVsvBYMZotYs.roa
File: bZZP6xtLkkDopIvHVsvBYMZotYs.roa (raw, json)
Hash identifier: pLsu3dCh9NROKdzrGFdREyPbKayG4anjWEZ+Zy1wSyU=
Subject key identifier: 6D:96:4F:EB:1B:4B:92:40:E8:A4:8B:C7:56:CB:C1:60:C6:68:B5:8B
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0197B0263225052C3ADF88F0E5E5EC42D34C
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/bZZP6xtLkkDopIvHVsvBYMZotYs.roa
Signing time: Fri 27 Jun 2025 06:49:42 +0000
ROA not before: Fri 27 Jun 2025 06:49:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13347
IP address blocks: 194.231.156.0/22 maxlen: 24
194.231.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Jun 2025 06:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b0:26:32:25:05:2c:3a:df:88:f0:e5:e5:ec:42:d3:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Jun 27 06:49:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d964feb1b4b9240e8a48bc756cbc160c668b58b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a9:b2:af:9f:28:19:f7:5d:e0:f3:2b:14:e0:
90:ee:19:0e:1c:d9:4d:21:bb:38:6a:19:47:92:d3:
70:d5:7a:cf:05:e2:aa:68:93:50:02:cc:87:2c:96:
2d:85:37:a7:90:fa:82:3e:df:36:d4:12:e6:5d:18:
c9:54:73:aa:4c:df:79:fe:dd:0f:61:bf:6e:c9:87:
c6:a2:c8:f6:ab:9d:05:e0:e0:aa:50:99:f1:b0:27:
8a:77:a6:0e:0d:e2:dc:3f:02:ce:7b:f3:25:1d:1c:
70:ad:7d:30:02:f6:1a:d6:9b:6c:69:8b:66:40:04:
c7:8f:23:9d:b7:67:fc:95:90:77:b3:e7:2c:6b:97:
7c:fc:a0:2a:7d:ee:ae:4d:38:d7:41:42:e0:49:86:
a5:b6:6b:34:b5:35:ea:14:9f:ce:8b:16:b3:44:1d:
ea:9b:09:49:34:85:df:b4:13:08:9c:61:da:e2:cd:
1b:c5:7a:dd:51:67:03:7a:68:2e:cc:0b:58:00:59:
60:47:3b:da:85:b9:26:3e:f4:88:14:fb:fb:6e:36:
b9:89:88:01:b6:8c:bd:aa:97:82:9a:9b:81:86:5c:
e4:8f:29:6d:7d:9b:84:ff:a7:50:1b:31:c7:5b:e2:
c3:85:8b:c7:7f:16:5c:79:9a:24:32:48:1a:58:17:
af:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:96:4F:EB:1B:4B:92:40:E8:A4:8B:C7:56:CB:C1:60:C6:68:B5:8B
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/bZZP6xtLkkDopIvHVsvBYMZotYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.156.0/22
194.231.220.0/22
Signature Algorithm: sha256WithRSAEncryption
53:95:07:7b:06:2e:cc:ee:a3:f3:34:ff:52:f9:b8:34:a4:69:
a9:8e:26:1e:af:07:12:a3:2b:a6:79:52:9d:c3:a5:bf:38:fd:
7d:4f:cf:93:64:b3:3e:4b:b9:9f:44:bc:f0:2d:28:10:bc:c6:
a3:69:ed:ea:4b:7c:a1:7d:91:9e:5e:8e:07:af:6b:52:40:7e:
8a:be:11:c5:0e:e1:3b:c1:ea:e7:86:ae:0f:28:d3:1b:71:6a:
3f:d6:c8:1d:d9:44:fe:d0:cc:29:48:8c:3b:d5:2c:48:f1:c3:
32:82:4f:0f:8c:2f:13:ee:72:fc:e1:b5:8f:50:ae:1c:9b:6c:
3a:2e:9b:63:2a:05:a6:a7:fe:fa:bb:12:79:80:ce:90:b4:be:
0e:67:45:1e:1c:7e:35:52:8e:7d:ea:ff:04:43:a7:bd:7a:96:
3d:70:d2:c2:b1:49:e3:e7:b7:8b:86:e1:34:1d:73:46:24:04:
91:95:08:86:91:cf:e0:1f:33:91:15:3a:8e:aa:8a:bf:8e:4f:
6c:ba:37:ce:a0:91:a4:5e:f8:48:58:4d:ac:0b:b8:ee:7a:30:
7f:94:fb:f1:d6:51:3d:97:bb:bb:61:dc:39:cb:48:a1:1d:bd:
13:06:11:c0:32:01:ec:91:ae:50:57:06:9a:f9:1a:80:00:2e:
74:06:cb:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZewJjIlBSw634jw5eXsQtNMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwNjI3MDY0OTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk2NGZlYjFiNGI5MjQwZThhNDhiYzc1NmNiYzE2MGM2NjhiNThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsamyr58oGfdd4PMrFOCQ7hkOHNlN
Ibs4ahlHktNw1XrPBeKqaJNQAsyHLJYthTenkPqCPt821BLmXRjJVHOqTN95/t0P
Yb9uyYfGosj2q50F4OCqUJnxsCeKd6YODeLcPwLOe/MlHRxwrX0wAvYa1ptsaYtm
QATHjyOdt2f8lZB3s+csa5d8/KAqfe6uTTjXQULgSYaltms0tTXqFJ/OixazRB3q
mwlJNIXftBMInGHa4s0bxXrdUWcDemguzAtYAFlgRzvahbkmPvSIFPv7bja5iYgB
toy9qpeCmpuBhlzkjyltfZuE/6dQGzHHW+LDhYvHfxZceZokMkgaWBevuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2WT+sbS5JA6KSLx1bLwWDGaLWLMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvYlpaUDZ4dExra0RvcEl2SFZzdkJZTVpvdFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwuecAwQC
wufcMA0GCSqGSIb3DQEBCwUAA4IBAQBTlQd7Bi7M7qPzNP9S+bg0pGmpjiYerwcS
oyumeVKdw6W/OP19T8+TZLM+S7mfRLzwLSgQvMajae3qS3yhfZGeXo4Hr2tSQH6K
vhHFDuE7wernhq4PKNMbcWo/1sgd2UT+0MwpSIw71SxI8cMygk8PjC8T7nL84bWP
UK4cm2w6LptjKgWmp/76uxJ5gM6QtL4OZ0UeHH41Uo596v8EQ6e9epY9cNLCsUnj
57eLhuE0HXNGJASRlQiGkc/gHzORFTqOqoq/jk9sujfOoJGkXvhIWE2sC7juejB/
lPvx1lE9l7u7Ydw5y0ihHb0TBhHAMgHska5QVwaa+RqAAC50Bssd
-----END CERTIFICATE-----
Generated at Tue Jul 1 14:29:40 2025 by rpki-client