Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lSXno5Dt5J6kLBzPmnnVZEXBFTU.roa
File: lSXno5Dt5J6kLBzPmnnVZEXBFTU.roa (raw, json)
Hash identifier: zQK7/RzTCcgVdUj9oUunG6zWsfSjW2arxGqZ/qWZ4/I=
Subject key identifier: 95:25:E7:A3:90:ED:E4:9E:A4:2C:1C:CF:9A:79:D5:64:45:C1:15:35
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0197A2348520ECD4906181C177D4F9FDF020
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lSXno5Dt5J6kLBzPmnnVZEXBFTU.roa
Signing time: Tue 24 Jun 2025 13:50:40 +0000
ROA not before: Tue 24 Jun 2025 13:50:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32043
IP address blocks: 195.216.167.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Jul 2025 11:32:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a2:34:85:20:ec:d4:90:61:81:c1:77:d4:f9:fd:f0:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jun 24 13:50:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9525e7a390ede49ea42c1ccf9a79d56445c11535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:91:59:3c:fc:d5:ab:39:8c:8f:0e:ab:2e:92:
35:0f:1f:ae:df:2a:e4:f1:72:63:3d:b7:a3:bc:cb:
27:81:b0:34:ca:ee:dc:a1:1c:5e:67:88:dc:03:48:
86:d1:41:c7:17:9c:2d:57:d4:39:ba:d8:49:fb:09:
b2:ce:11:58:6b:51:43:ae:c4:60:5c:29:4a:0d:ec:
0f:84:2e:68:3f:b3:db:16:62:35:ae:bb:4e:89:e7:
ca:b7:1f:fe:e4:98:49:95:4c:5f:fd:b4:30:7d:98:
4e:f3:22:43:91:21:56:23:f4:f4:72:20:d7:d5:06:
ba:c0:3b:1d:1a:00:dc:17:a3:be:0a:a6:28:8e:eb:
e0:9d:00:ad:c9:31:87:a1:84:1a:86:4e:5b:62:14:
6e:a6:e1:a6:16:e3:ce:fa:3e:86:d6:ff:6e:12:17:
ad:83:8f:83:c1:da:96:34:de:d7:d3:a8:12:6d:cd:
9d:04:2d:6a:1b:ce:48:e0:d0:2b:06:4f:b3:b7:8f:
75:71:23:bd:3b:b0:4c:a2:aa:16:ca:f2:69:53:61:
5c:de:01:67:1e:90:38:08:af:9b:26:12:e6:47:cb:
70:7d:a5:e6:97:39:c9:96:eb:8b:70:d0:5b:42:53:
75:93:85:d1:84:3e:2f:b4:27:ff:e0:2c:ef:cf:3a:
21:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:25:E7:A3:90:ED:E4:9E:A4:2C:1C:CF:9A:79:D5:64:45:C1:15:35
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/lSXno5Dt5J6kLBzPmnnVZEXBFTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.167.0/24
Signature Algorithm: sha256WithRSAEncryption
94:c9:29:63:59:1a:05:b1:e4:b5:64:00:80:c5:53:26:50:24:
4a:02:4e:75:75:e5:1f:56:cf:97:d6:09:b3:b2:fa:5f:df:46:
48:75:04:0f:a4:a2:0b:bc:f3:69:8e:ca:92:fc:1c:77:6b:05:
34:8c:a3:a4:e6:e1:8d:0e:5a:ed:e4:ef:71:19:36:01:38:9b:
f3:d5:36:26:1d:46:83:1f:5d:ba:74:54:c0:d1:aa:45:60:97:
c2:e2:61:f6:ec:59:2c:05:ac:1b:89:5a:31:b3:e6:0f:f7:21:
f9:0b:8a:2f:01:0b:ea:80:b8:e8:7e:8a:1a:54:c2:89:13:f8:
62:a0:ec:c5:5c:de:bf:22:60:d9:fc:0c:27:13:56:78:ef:58:
6b:67:a9:26:2a:6c:55:ab:5c:1e:64:6a:cf:12:a0:20:3d:e3:
77:04:05:ad:f0:2a:c6:51:6f:d9:46:20:96:20:95:90:8c:68:
c7:2c:54:27:63:68:1c:fb:d4:30:53:ca:6c:ba:39:a2:7b:a7:
ba:87:98:90:71:2c:09:5b:36:a5:be:4d:a6:88:94:eb:a8:dc:
0e:b2:8a:1d:0a:b6:28:d4:3c:98:17:7e:d8:34:01:07:0b:79:
2d:bd:2a:5b:4a:27:a6:3a:9a:5c:39:e2:b4:77:99:2a:c6:48:
66:98:41:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZeiNIUg7NSQYYHBd9T5/fAgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNjI0MTM1MDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTI1ZTdhMzkwZWRlNDllYTQyYzFjY2Y5YTc5ZDU2NDQ1YzExNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5FZPPzVqzmMjw6rLpI1Dx+u3yrk
8XJjPbejvMsngbA0yu7coRxeZ4jcA0iG0UHHF5wtV9Q5uthJ+wmyzhFYa1FDrsRg
XClKDewPhC5oP7PbFmI1rrtOiefKtx/+5JhJlUxf/bQwfZhO8yJDkSFWI/T0ciDX
1Qa6wDsdGgDcF6O+CqYojuvgnQCtyTGHoYQahk5bYhRupuGmFuPO+j6G1v9uEhet
g4+DwdqWNN7X06gSbc2dBC1qG85I4NArBk+zt491cSO9O7BMoqoWyvJpU2Fc3gFn
HpA4CK+bJhLmR8twfaXmlznJluuLcNBbQlN1k4XRhD4vtCf/4Czvzzoh1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJUl56OQ7eSepCwcz5p51WRFwRU1MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbFNYbm81RHQ1SjZrTEJ6UG1ublZaRVhCRlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw9inMA0G
CSqGSIb3DQEBCwUAA4IBAQCUySljWRoFseS1ZACAxVMmUCRKAk51deUfVs+X1gmz
svpf30ZIdQQPpKILvPNpjsqS/Bx3awU0jKOk5uGNDlrt5O9xGTYBOJvz1TYmHUaD
H126dFTA0apFYJfC4mH27FksBawbiVoxs+YP9yH5C4ovAQvqgLjofooaVMKJE/hi
oOzFXN6/ImDZ/AwnE1Z471hrZ6kmKmxVq1weZGrPEqAgPeN3BAWt8CrGUW/ZRiCW
IJWQjGjHLFQnY2gc+9QwU8psujmie6e6h5iQcSwJWzalvk2miJTrqNwOsoodCrYo
1DyYF37YNAEHC3ktvSpbSiemOppcOeK0d5kqxkhmmEFX
-----END CERTIFICATE-----
Generated at Tue Jul 1 15:14:54 2025 by rpki-client