Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2DXNtGNNQdifE04f5v9I0XZo4C4.roa
File: 2DXNtGNNQdifE04f5v9I0XZo4C4.roa (raw, json)
Hash identifier: SaOvnv8EMOjStt6rExPAbq6P6kG1i3BvSAf1Lf4OGY0=
Subject key identifier: D8:35:CD:B4:63:4D:41:D8:9F:13:4E:1F:E6:FF:48:D1:76:68:E0:2E
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019753D4658FB38E27B002C82039AAC1E390
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2DXNtGNNQdifE04f5v9I0XZo4C4.roa
Signing time: Mon 09 Jun 2025 08:35:17 +0000
ROA not before: Mon 09 Jun 2025 08:35:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.193.0/24 maxlen: 24
79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.34.0/24 maxlen: 24
87.229.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Jun 2025 19:58:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:53:d4:65:8f:b3:8e:27:b0:02:c8:20:39:aa:c1:e3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 9 08:35:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d835cdb4634d41d89f134e1fe6ff48d17668e02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:6c:03:a9:55:7b:88:ab:2f:d7:cc:0e:33:5e:
bd:8a:b6:3b:79:38:91:3b:28:d6:00:c3:a7:42:8f:
71:22:8c:2e:52:d5:64:a4:55:64:d7:39:23:72:ac:
3f:a7:ab:4d:0f:6c:33:3e:26:90:3e:8c:c0:26:47:
ea:39:a3:03:5b:9f:4c:44:22:a7:24:e0:bb:89:f8:
0b:d7:63:17:e6:98:12:ac:93:6c:e4:da:49:88:6a:
25:49:62:98:78:75:58:9b:df:1f:f7:7c:29:1d:58:
d3:51:76:88:6e:1d:5e:da:8b:b7:10:ae:cb:8b:9e:
25:e1:5a:86:1b:13:58:6a:bd:c2:36:e9:d2:7f:5b:
e2:4a:3c:2d:d6:5e:af:c6:4e:52:6e:78:a6:36:48:
51:df:c4:80:1d:62:4a:e0:b0:90:e3:3c:b5:f3:5b:
4c:96:37:7a:d6:6b:10:49:68:99:90:6f:dc:9e:fa:
34:3a:8d:e1:7a:89:21:59:c1:8c:c6:4f:52:d0:49:
ea:cc:ab:af:86:e1:e8:87:7c:78:04:f8:e0:22:31:
06:88:99:12:88:09:ae:60:77:cf:5e:4d:d8:b6:d8:
d5:f5:82:32:e2:cc:41:7f:59:ce:b0:d9:04:6d:38:
e6:56:87:7a:a7:e1:49:b1:13:cf:48:df:48:46:2a:
eb:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:35:CD:B4:63:4D:41:D8:9F:13:4E:1F:E6:FF:48:D1:76:68:E0:2E
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/2DXNtGNNQdifE04f5v9I0XZo4C4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.193.0/24
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.34.0/24
87.229.79.0/24
Signature Algorithm: sha256WithRSAEncryption
62:82:39:b6:ba:2c:a5:bd:09:d3:2c:fc:34:d8:b1:5c:b8:0b:
71:10:2d:49:75:41:62:ae:bc:31:ca:18:a0:a3:14:e1:aa:b1:
47:ac:d3:a5:7f:29:d4:a6:5d:bf:39:7b:c7:a2:4a:e8:9e:61:
13:6f:96:1c:9c:79:7f:d4:ce:b8:64:71:aa:54:0b:e2:4b:85:
bc:b2:2e:45:61:f8:5a:50:46:0d:48:80:7a:27:bf:c2:03:42:
d2:f7:f0:15:4f:b7:34:35:8f:46:21:d1:30:7c:71:8d:d8:e9:
87:a9:65:24:09:10:40:18:e7:e5:07:9f:92:ce:a2:96:94:03:
0c:fb:7b:4f:26:1c:2a:af:cb:12:d7:c0:48:a4:98:e1:fa:52:
e3:03:6e:a6:dc:e9:c3:e9:6a:02:74:e1:4b:61:f0:94:83:dd:
95:17:eb:02:cf:b2:28:2d:35:73:12:84:7c:45:9c:61:80:f1:
9b:58:6c:96:6f:ea:38:35:9e:9d:8f:f8:6a:da:f2:6f:f9:1c:
db:04:ad:f9:0c:ce:fd:3f:e3:70:4e:ff:79:e2:5a:07:93:3e:
c3:a2:4c:ea:52:b5:dd:b1:41:42:76:6d:5f:24:a6:c1:52:71:
dc:c3:70:6e:97:aa:b9:29:0e:eb:cf:d9:b7:18:22:6f:cb:93:
3d:df:4b:03
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZdT1GWPs44nsALIIDmqweOQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjA5MDgzNTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODM1Y2RiNDYzNGQ0MWQ4OWYxMzRlMWZlNmZmNDhkMTc2NjhlMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA22wDqVV7iKsv18wOM169irY7eTiR
OyjWAMOnQo9xIowuUtVkpFVk1zkjcqw/p6tND2wzPiaQPozAJkfqOaMDW59MRCKn
JOC7ifgL12MX5pgSrJNs5NpJiGolSWKYeHVYm98f93wpHVjTUXaIbh1e2ou3EK7L
i54l4VqGGxNYar3CNunSf1viSjwt1l6vxk5SbnimNkhR38SAHWJK4LCQ4zy181tM
ljd61msQSWiZkG/cnvo0Oo3heokhWcGMxk9S0EnqzKuvhuHoh3x4BPjgIjEGiJkS
iAmuYHfPXk3YttjV9YIy4sxBf1nOsNkEbTjmVod6p+FJsRPPSN9IRirrjwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNg1zbRjTUHYnxNOH+b/SNF2aOAuMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvMkRYTnRHTk5RZGlmRTA0ZjV2OUkwWFpvNEM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zBAwQA
T6zQAwQAT6zkAwQCV+UIAwQAV+UiAwQAV+VPMA0GCSqGSIb3DQEBCwUAA4IBAQBi
gjm2uiylvQnTLPw02LFcuAtxEC1JdUFirrwxyhigoxThqrFHrNOlfynUpl2/OXvH
okronmETb5YcnHl/1M64ZHGqVAviS4W8si5FYfhaUEYNSIB6J7/CA0LS9/AVT7c0
NY9GIdEwfHGN2OmHqWUkCRBAGOflB5+SzqKWlAMM+3tPJhwqr8sS18BIpJjh+lLj
A26m3OnD6WoCdOFLYfCUg92VF+sCz7IoLTVzEoR8RZxhgPGbWGyWb+o4NZ6dj/hq
2vJv+RzbBK35DM79P+NwTv954loHkz7DokzqUrXdsUFCdm1fJKbBUnHcw3Bul6q5
KQ7rz9m3GCJvy5M930sD
-----END CERTIFICATE-----
Generated at Tue Jun 17 07:57:34 2025 by rpki-client