Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/ba7b33-5cd8-404f-bffd-65bcc8cefdd2/1/ky5_nXXOyV_dQCZp844KjFvRE3w.roa
File: ky5_nXXOyV_dQCZp844KjFvRE3w.roa (raw, json)
Hash identifier: Ac0Ww3lAM8EMVK8DvT7n7JDX86pnjdHpiRREyXIEXJ0=
Subject key identifier: 93:2E:7F:9D:75:CE:C9:5F:DD:40:26:69:F3:8E:0A:8C:5B:D1:13:7C
Certificate issuer: /CN=9374b853dfd9973f2cd994b2e3b75461d9a3fc44
Certificate serial: 0197CBCC228FCB4A59188A60701F3DAFF4D7
Authority key identifier: 93:74:B8:53:DF:D9:97:3F:2C:D9:94:B2:E3:B7:54:61:D9:A3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k3S4U9_Zlz8s2ZSy47dUYdmj_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/ba7b33-5cd8-404f-bffd-65bcc8cefdd2/1/ky5_nXXOyV_dQCZp844KjFvRE3w.roa
Signing time: Wed 02 Jul 2025 15:40:42 +0000
ROA not before: Wed 02 Jul 2025 15:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216344
IP address blocks: 95.128.198.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Jul 2025 11:09:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:cc:22:8f:cb:4a:59:18:8a:60:70:1f:3d:af:f4:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9374b853dfd9973f2cd994b2e3b75461d9a3fc44
Validity
Not Before: Jul 2 15:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=932e7f9d75cec95fdd402669f38e0a8c5bd1137c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e1:bf:d6:75:2c:c5:12:a3:71:2b:b3:b1:ca:
e5:e3:50:e3:d1:89:e7:47:d0:0c:74:f3:06:a0:db:
80:93:9e:e4:d4:a5:99:a8:2a:02:b8:df:37:2a:e2:
5b:10:b5:02:ed:3a:3a:b4:c1:a9:7e:d8:cb:ee:5e:
e9:01:87:71:b3:f9:23:50:d6:dc:42:c5:cf:12:a8:
e9:c9:7d:20:dc:ae:68:17:5e:09:d7:00:4d:ee:4b:
a4:fd:2f:3d:fa:3e:2b:36:bf:dd:22:6a:77:46:7d:
6e:78:2d:eb:27:7c:3b:a9:a1:8b:59:93:37:52:85:
48:f9:47:b4:e3:a5:b3:60:d2:c3:7a:99:b0:53:f9:
cb:c1:4a:49:68:75:7a:7f:0f:92:6b:2b:20:98:9c:
2c:95:c9:e6:cb:ba:10:d4:39:53:9b:a7:48:fa:37:
01:8f:f2:fb:b4:c9:15:82:91:ef:e7:02:7a:dd:45:
c1:13:5b:f3:ce:8f:72:e5:4e:71:2a:35:1c:85:e5:
e3:2d:1a:47:0a:03:af:4d:3f:9d:41:cb:7e:d8:07:
70:5e:af:5e:a0:aa:80:16:36:24:5f:9c:7a:71:bf:
5b:4b:1e:c9:c0:68:bc:06:23:f2:00:ff:f5:f4:8f:
25:77:3f:16:7b:7a:e1:78:9f:a2:de:12:71:22:bb:
c6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:2E:7F:9D:75:CE:C9:5F:DD:40:26:69:F3:8E:0A:8C:5B:D1:13:7C
X509v3 Authority Key Identifier:
keyid:93:74:B8:53:DF:D9:97:3F:2C:D9:94:B2:E3:B7:54:61:D9:A3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k3S4U9_Zlz8s2ZSy47dUYdmj_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ba7b33-5cd8-404f-bffd-65bcc8cefdd2/1/ky5_nXXOyV_dQCZp844KjFvRE3w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/ba7b33-5cd8-404f-bffd-65bcc8cefdd2/1/k3S4U9_Zlz8s2ZSy47dUYdmj_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.128.198.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:77:b2:43:44:89:80:f4:ba:3a:a0:78:64:9c:94:61:2b:7a:
5a:bf:6c:f9:c6:35:84:32:71:5c:0d:6b:14:8b:60:57:36:71:
3d:ae:12:d4:37:81:42:ef:2e:49:60:38:d2:74:be:12:e4:df:
b5:ff:d5:49:6e:de:91:df:6c:0e:bb:70:67:03:70:ea:6c:a6:
b1:ce:d3:ae:62:52:2d:1b:bf:a8:de:c9:41:78:89:42:7f:95:
52:7b:86:21:46:28:17:f1:4e:39:c7:c9:a5:30:14:93:64:f4:
91:e5:fc:35:15:18:b8:e4:e2:fd:90:9b:17:1e:40:f9:7d:1d:
0c:3e:e0:6b:50:95:f9:50:da:5a:cc:6c:95:9c:c2:cb:34:b2:
1f:21:5f:b4:5d:09:c3:91:f4:01:32:46:b4:52:0b:9a:1d:49:
75:55:31:78:03:07:4d:d7:e3:cf:4a:05:9e:cd:11:65:e2:da:
4f:3a:2d:62:4b:6e:50:82:a1:cc:67:67:25:be:04:7d:b6:83:
83:7d:e5:24:f0:15:17:25:71:b1:e7:08:56:9b:af:f9:d1:03:
f5:3f:1e:8a:ce:1e:8b:9c:be:1d:b4:5a:67:04:e5:5b:4b:f7:
3c:b1:5d:0c:c0:f5:13:9e:57:de:2d:22:df:31:e3:1a:b7:8f:
25:cd:c8:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZfLzCKPy0pZGIpgcB89r/TXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNzRiODUzZGZkOTk3M2YyY2Q5OTRiMmUzYjc1NDYxZDlh
M2ZjNDQwHhcNMjUwNzAyMTU0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzJlN2Y5ZDc1Y2VjOTVmZGQ0MDI2NjlmMzhlMGE4YzViZDExMzdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuG/1nUsxRKjcSuzscrl41Dj0Ynn
R9AMdPMGoNuAk57k1KWZqCoCuN83KuJbELUC7To6tMGpftjL7l7pAYdxs/kjUNbc
QsXPEqjpyX0g3K5oF14J1wBN7kuk/S89+j4rNr/dImp3Rn1ueC3rJ3w7qaGLWZM3
UoVI+Ue046WzYNLDepmwU/nLwUpJaHV6fw+SaysgmJwslcnmy7oQ1DlTm6dI+jcB
j/L7tMkVgpHv5wJ63UXBE1vzzo9y5U5xKjUcheXjLRpHCgOvTT+dQct+2AdwXq9e
oKqAFjYkX5x6cb9bSx7JwGi8BiPyAP/19I8ldz8We3rheJ+i3hJxIrvGLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJMuf511zslf3UAmafOOCoxb0RN8MB8GA1UdIwQY
MBaAFJN0uFPf2Zc/LNmUsuO3VGHZo/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazNTNFU5X1psejhzMlpTeTQ3ZFVZZG1qX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9iYTdiMzMtNWNkOC00MDRmLWJmZmQt
NjViY2M4Y2VmZGQyLzEva3k1X25YWE95Vl9kUUNacDg0NEtqRnZSRTN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9iYTdiMzMtNWNkOC00MDRmLWJmZmQtNjViY2M4Y2VmZGQy
LzEvazNTNFU5X1psejhzMlpTeTQ3ZFVZZG1qX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAX4DGMA0G
CSqGSIb3DQEBCwUAA4IBAQANd7JDRImA9Lo6oHhknJRhK3pav2z5xjWEMnFcDWsU
i2BXNnE9rhLUN4FC7y5JYDjSdL4S5N+1/9VJbt6R32wOu3BnA3DqbKaxztOuYlIt
G7+o3slBeIlCf5VSe4YhRigX8U45x8mlMBSTZPSR5fw1FRi45OL9kJsXHkD5fR0M
PuBrUJX5UNpazGyVnMLLNLIfIV+0XQnDkfQBMka0UguaHUl1VTF4AwdN1+PPSgWe
zRFl4tpPOi1iS25QgqHMZ2clvgR9toODfeUk8BUXJXGx5whWm6/50QP1Px6Kzh6L
nL4dtFpnBOVbS/c8sV0MwPUTnlfeLSLfMeMat48lzchJ
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:09:22 2025 by rpki-client