Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7PHYTFkOM2Ym5yRDwngldLqb48U.roa
File: 7PHYTFkOM2Ym5yRDwngldLqb48U.roa (raw, json)
Hash identifier: UZQ7yenEtaKoCuuset3SYXq2LOsSa70M4hYIBJQkUB0=
Subject key identifier: EC:F1:D8:4C:59:0E:33:66:26:E7:24:43:C2:78:25:74:BA:9B:E3:C5
Certificate issuer: /CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Certificate serial: 01970D65A5A1EC0208506417A4346140BA1D
Authority key identifier: 5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7PHYTFkOM2Ym5yRDwngldLqb48U.roa
Signing time: Mon 26 May 2025 16:20:54 +0000
ROA not before: Mon 26 May 2025 16:20:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58030
IP address blocks: 91.237.255.0/24 maxlen: 24
91.238.0.0/24 maxlen: 24
2001:67c:1158::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 27 May 2025 16:12:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:65:a5:a1:ec:02:08:50:64:17:a4:34:61:40:ba:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a5e66b2759e50bb69bb0a4409eeb3ba48c46c56
Validity
Not Before: May 26 16:20:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecf1d84c590e336626e72443c2782574ba9be3c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:e1:77:70:3d:d2:87:3e:1c:7d:03:a7:25:78:
ee:2d:b5:64:d9:37:39:d4:96:8d:e5:d0:95:9c:ae:
65:d9:1f:19:48:32:9e:09:49:b5:27:f4:96:43:05:
a5:21:2c:43:e0:9d:1f:5e:32:fe:07:62:c0:6e:b8:
42:87:cb:0a:0e:7d:27:ba:db:e6:98:27:9f:94:18:
ff:91:b6:9d:69:fe:51:3d:a5:78:8a:02:c1:ec:de:
79:a4:a7:55:0a:b6:55:2b:af:8a:97:74:23:7f:b2:
ae:c6:20:6c:48:87:cf:63:cd:b4:3a:d8:bc:73:d2:
10:e2:9e:e6:5c:af:ed:51:86:5d:7a:8d:9d:af:47:
6b:34:22:93:ba:71:77:8a:64:d2:c9:7b:3a:03:b2:
41:5a:5c:19:d4:0a:7b:92:81:b3:ee:9e:9b:ee:1d:
82:64:e6:3d:d4:4b:fd:37:2c:29:20:de:04:c7:24:
e7:a0:e9:3c:d7:a7:3f:28:1b:45:ff:79:cd:26:fd:
7e:8d:e3:47:11:9d:7d:f4:4b:cd:5d:61:13:8c:94:
84:95:c2:0d:fa:77:37:00:ca:e4:95:3f:3e:24:6f:
e4:07:6e:a0:60:ef:5f:e5:9f:f7:a7:d0:b1:c1:76:
e0:d0:2a:d0:b5:54:a8:d4:2b:cf:31:91:b5:30:c8:
44:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:F1:D8:4C:59:0E:33:66:26:E7:24:43:C2:78:25:74:BA:9B:E3:C5
X509v3 Authority Key Identifier:
keyid:5A:5E:66:B2:75:9E:50:BB:69:BB:0A:44:09:EE:B3:BA:48:C4:6C:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wl5msnWeULtpuwpECe6zukjEbFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/7PHYTFkOM2Ym5yRDwngldLqb48U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/4f76b4-7d56-47a0-ac5b-653f239fe9a0/1/Wl5msnWeULtpuwpECe6zukjEbFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.237.255.0-91.238.0.255
IPv6:
2001:67c:1158::/48
Signature Algorithm: sha256WithRSAEncryption
00:b2:13:99:bc:bd:90:2f:6d:9d:f2:a6:58:7e:ba:a2:c9:dd:
53:c0:56:37:db:9f:f2:eb:1b:02:54:35:ab:b2:d1:1d:69:fd:
21:00:78:83:3a:9f:65:1f:53:df:c1:59:31:c5:d8:45:67:69:
78:e4:27:5d:ff:8c:85:c1:8e:87:06:04:38:c2:d7:25:fb:e6:
9c:4b:ed:9e:82:7c:50:2b:ae:00:04:f1:f6:11:81:38:1c:52:
01:e9:6f:a4:90:40:82:37:8a:b1:2d:76:5e:00:9f:54:92:4e:
92:7c:8c:50:53:e5:78:03:fa:7f:52:73:a0:a1:e2:f6:78:a6:
14:e6:99:dc:33:4b:39:d3:a9:ec:7f:8b:e7:bf:14:83:61:8a:
d9:b3:ee:48:dd:41:77:56:a6:b7:61:39:c0:1c:cf:29:18:41:
e0:01:c3:e3:d0:8e:11:0e:fe:56:cd:dd:39:7c:fb:3c:47:0b:
96:f1:a9:bf:0d:36:28:1d:9b:11:02:d2:9a:a1:f5:b9:e6:4a:
6d:da:f7:f0:99:68:b6:6b:cd:b2:9f:47:dd:1d:7a:c9:29:20:
36:4e:4a:a9:01:1d:f5:06:c6:b6:3b:ea:69:40:17:31:8e:63:
ac:b8:3c:50:14:f6:45:9a:8e:df:b4:d1:f5:47:6f:9c:9d:0b:
b9:cf:15:e9
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZcNZaWh7AIIUGQXpDRhQLodMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNWU2NmIyNzU5ZTUwYmI2OWJiMGE0NDA5ZWViM2JhNDhj
NDZjNTYwHhcNMjUwNTI2MTYyMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2YxZDg0YzU5MGUzMzY2MjZlNzI0NDNjMjc4MjU3NGJhOWJlM2M1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9+F3cD3Shz4cfQOnJXjuLbVk2Tc5
1JaN5dCVnK5l2R8ZSDKeCUm1J/SWQwWlISxD4J0fXjL+B2LAbrhCh8sKDn0nutvm
mCeflBj/kbadaf5RPaV4igLB7N55pKdVCrZVK6+Kl3Qjf7KuxiBsSIfPY820Oti8
c9IQ4p7mXK/tUYZdeo2dr0drNCKTunF3imTSyXs6A7JBWlwZ1Ap7koGz7p6b7h2C
ZOY91Ev9NywpIN4ExyTnoOk816c/KBtF/3nNJv1+jeNHEZ199EvNXWETjJSElcIN
+nc3AMrklT8+JG/kB26gYO9f5Z/3p9CxwXbg0CrQtVSo1CvPMZG1MMhE2wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOzx2ExZDjNmJuckQ8J4JXS6m+PFMB8GA1UdIwQY
MBaAFFpeZrJ1nlC7absKRAnus7pIxGxWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWIt
NjUzZjIzOWZlOWEwLzEvN1BIWVRGa09NMlltNXlSRHduZ2xkTHFiNDhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi80Zjc2YjQtN2Q1Ni00N2EwLWFjNWItNjUzZjIzOWZlOWEw
LzEvV2w1bXNuV2VVTHRwdXdwRUNlNnp1a2pFYkZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBABb7f8D
BABb7gAwDwQCAAIwCQMHACABBnwRWDANBgkqhkiG9w0BAQsFAAOCAQEAALITmby9
kC9tnfKmWH66osndU8BWN9uf8usbAlQ1q7LRHWn9IQB4gzqfZR9T38FZMcXYRWdp
eOQnXf+MhcGOhwYEOMLXJfvmnEvtnoJ8UCuuAATx9hGBOBxSAelvpJBAgjeKsS12
XgCfVJJOknyMUFPleAP6f1JzoKHi9nimFOaZ3DNLOdOp7H+L578Ug2GK2bPuSN1B
d1amt2E5wBzPKRhB4AHD49COEQ7+Vs3dOXz7PEcLlvGpvw02KB2bEQLSmqH1ueZK
bdr38JlotmvNsp9H3R16ySkgNk5KqQEd9QbGtjvqaUAXMY5jrLg8UBT2RZqO37TR
9UdvnJ0Luc8V6Q==
-----END CERTIFICATE-----
Generated at Sun Jun 15 11:36:45 2025 by rpki-client