Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VKYhf-uvMjY3Ds51Dh53fcum4C0.roa
File: VKYhf-uvMjY3Ds51Dh53fcum4C0.roa (raw, json)
Hash identifier: TH962GNxjed6jintkar29/wNFfCSuEqgbAvA7sMV0zE=
Subject key identifier: 54:A6:21:7F:EB:AF:32:36:37:0E:CE:75:0E:1E:77:7D:CB:A6:E0:2D
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019760926B602CD5FDF071F4162A65340E20
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VKYhf-uvMjY3Ds51Dh53fcum4C0.roa
Signing time: Wed 11 Jun 2025 19:58:17 +0000
ROA not before: Wed 11 Jun 2025 19:58:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.193.0/24 maxlen: 24
79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 15 Jun 2025 10:54:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:92:6b:60:2c:d5:fd:f0:71:f4:16:2a:65:34:0e:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 11 19:58:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=54a6217febaf3236370ece750e1e777dcba6e02d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:81:d7:e4:3f:7c:a5:95:7b:0b:c0:d6:15:c7:
10:b2:d7:bf:02:8a:f4:2a:06:f3:40:e4:1b:88:9e:
5d:7f:f8:2e:56:58:e4:33:3d:38:bc:e3:e1:f4:34:
28:2a:45:cc:f5:94:40:15:29:5c:a8:2f:72:0c:52:
01:80:a4:a0:39:36:a9:99:5a:dd:9a:83:e4:12:47:
56:28:7a:32:80:ae:f9:c9:3e:cc:ec:5d:c3:8c:1f:
1e:c1:cc:9c:c3:78:22:e9:01:3d:3b:7a:c9:e5:3e:
ec:9b:40:3d:6c:ec:1e:c8:9f:b3:9a:50:0d:83:19:
50:04:ae:b3:fa:e8:6c:af:de:d0:22:ab:e1:ba:8e:
40:4e:0a:a1:ad:53:d9:c2:b9:3c:87:91:b4:27:34:
a7:95:8b:d5:b9:f7:a8:c7:a1:9e:1e:a8:17:1c:d4:
2a:65:b3:5b:7b:9c:a9:d6:f4:da:83:32:eb:f9:38:
bf:8b:82:05:76:06:a1:f6:51:f3:dd:e0:e6:8b:1a:
bd:bb:f0:07:53:e3:ab:37:99:a1:74:6d:d9:68:2e:
68:10:14:40:12:47:12:94:fb:e6:e0:6a:dc:ce:9c:
b5:e5:2f:b2:e1:53:11:65:29:3d:6c:c7:d3:00:8e:
4d:d9:54:f6:cb:bb:47:42:98:ad:1d:8f:99:2b:df:
19:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:A6:21:7F:EB:AF:32:36:37:0E:CE:75:0E:1E:77:7D:CB:A6:E0:2D
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/VKYhf-uvMjY3Ds51Dh53fcum4C0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.193.0/24
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.79.0/24
Signature Algorithm: sha256WithRSAEncryption
59:cf:5e:9b:10:2d:f7:19:0f:d0:23:8c:16:14:ae:9a:e8:ca:
29:9e:ed:69:1c:e6:dd:85:3c:ee:e4:b1:c3:13:7a:36:6a:ca:
21:4f:46:82:7d:d3:37:78:43:99:bc:7c:12:c3:06:51:10:54:
7f:17:fe:74:fa:6a:0e:32:d1:68:a3:f8:85:09:40:b4:e8:03:
cd:f6:47:b7:47:a9:d4:af:95:88:59:19:8e:9a:a0:cd:0c:66:
40:11:b5:b7:49:d7:b7:d2:f9:e3:fd:07:b0:d6:1a:1a:5e:a4:
14:e3:51:c9:37:56:de:f0:3b:db:ec:93:9a:b8:e2:8b:a9:25:
ad:99:ea:ee:94:b7:49:15:f6:0b:be:e8:7f:1f:37:19:3d:2d:
25:68:cf:d3:58:76:23:18:6d:50:6a:4b:69:0f:0e:f8:c0:02:
67:71:82:cb:7c:bd:0b:3c:59:bf:7e:4f:1d:0e:c4:d7:1e:0e:
53:06:89:08:7e:f5:2d:64:d0:55:5d:b7:c9:0d:18:99:60:70:
11:45:de:48:d6:8f:8e:50:b5:09:ea:2e:7d:81:2d:4f:80:91:
80:f9:3f:01:b8:cf:28:c6:c0:de:df:d8:32:15:5a:d9:fd:fd:
69:b8:4e:e1:da:83:ed:56:65:31:11:c1:74:d5:17:75:2d:76:
b2:b3:f3:c1
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZdgkmtgLNX98HH0FiplNA4gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjExMTk1ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGE2MjE3ZmViYWYzMjM2MzcwZWNlNzUwZTFlNzc3ZGNiYTZlMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIHX5D98pZV7C8DWFccQste/Aor0
KgbzQOQbiJ5df/guVljkMz04vOPh9DQoKkXM9ZRAFSlcqC9yDFIBgKSgOTapmVrd
moPkEkdWKHoygK75yT7M7F3DjB8ewcycw3gi6QE9O3rJ5T7sm0A9bOweyJ+zmlAN
gxlQBK6z+uhsr97QIqvhuo5ATgqhrVPZwrk8h5G0JzSnlYvVufeox6GeHqgXHNQq
ZbNbe5yp1vTagzLr+Ti/i4IFdgah9lHz3eDmixq9u/AHU+OrN5mhdG3ZaC5oEBRA
EkcSlPvm4Grczpy15S+y4VMRZSk9bMfTAI5N2VT2y7tHQpitHY+ZK98ZuQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFSmIX/rrzI2Nw7OdQ4ed33LpuAtMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvVktZaGYtdXZNalkzRHM1MURoNTNmY3VtNEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAT6zBAwQA
T6zQAwQAT6zkAwQCV+UIAwQAV+VPMA0GCSqGSIb3DQEBCwUAA4IBAQBZz16bEC33
GQ/QI4wWFK6a6Mopnu1pHObdhTzu5LHDE3o2asohT0aCfdM3eEOZvHwSwwZREFR/
F/50+moOMtFoo/iFCUC06APN9ke3R6nUr5WIWRmOmqDNDGZAEbW3Sde30vnj/Qew
1hoaXqQU41HJN1be8Dvb7JOauOKLqSWtmerulLdJFfYLvuh/HzcZPS0laM/TWHYj
GG1QaktpDw74wAJncYLLfL0LPFm/fk8dDsTXHg5TBokIfvUtZNBVXbfJDRiZYHAR
Rd5I1o+OULUJ6i59gS1PgJGA+T8BuM8oxsDe39gyFVrZ/f1puE7h2oPtVmUxEcF0
1Rd1LXays/PB
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:33:28 2025 by rpki-client