Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hW4ysZvZa6MGUQJJVQivj51BS0w.roa
File: hW4ysZvZa6MGUQJJVQivj51BS0w.roa (raw, json)
Hash identifier: NR8m9l1dbVz5purZCod4ihc6YtIFnFopo+v7LBfX7mw=
Subject key identifier: 85:6E:32:B1:9B:D9:6B:A3:06:51:02:49:55:08:AF:8F:9D:41:4B:4C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0196735238CE9984A8C90D3C75BFC1467767
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hW4ysZvZa6MGUQJJVQivj51BS0w.roa
Signing time: Sat 26 Apr 2025 18:18:10 +0000
ROA not before: Sat 26 Apr 2025 18:18:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.64.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 27 Apr 2025 17:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:73:52:38:ce:99:84:a8:c9:0d:3c:75:bf:c1:46:77:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 26 18:18:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=856e32b19bd96ba3065102495508af8f9d414b4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e2:33:52:18:d2:94:58:7e:1e:79:54:bc:55:
59:da:af:db:82:f3:8c:6d:da:6c:8f:f0:ed:8a:41:
e0:f9:29:3c:60:ff:33:78:86:51:f4:b0:87:33:a7:
5c:d8:2f:7b:0e:72:df:e4:d7:7a:4d:fc:02:38:83:
8e:83:e6:86:2a:ca:ac:4e:0b:f4:1f:54:6d:c6:13:
2d:40:32:4a:b3:09:30:9c:10:bb:bf:3f:6c:97:0f:
37:41:34:e6:da:b6:3f:f7:b5:e8:b8:a9:3e:dd:f5:
78:4c:43:a6:31:ec:42:ed:07:81:f5:eb:0c:10:7c:
bc:d9:c6:98:ba:c9:8b:7b:cb:b3:99:2a:12:20:e7:
9c:1d:1b:82:26:f6:d5:d2:82:8a:c6:9c:f7:45:26:
bb:56:db:2d:2d:cf:72:5d:cf:b6:ef:95:6d:29:9e:
32:73:2f:bb:5a:cf:15:86:5f:3e:ab:75:e4:11:b2:
54:7c:6b:78:b0:f8:68:87:1b:60:20:66:4a:db:95:
dd:d5:65:91:14:79:cb:05:2c:91:22:a3:78:38:81:
d0:0c:5c:56:1d:50:3a:41:bf:69:97:3d:03:b0:51:
29:e1:2f:13:ac:89:5b:5e:8d:bd:e2:aa:ca:f5:1c:
db:a9:62:a3:9a:c4:58:c2:6e:be:22:ad:b3:28:19:
e6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:6E:32:B1:9B:D9:6B:A3:06:51:02:49:55:08:AF:8F:9D:41:4B:4C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/hW4ysZvZa6MGUQJJVQivj51BS0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.64.0/24
87.229.125.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:78:02:6e:3f:78:8d:c4:2b:cf:f9:e5:5c:16:83:6d:4c:f9:
e3:cb:e1:4e:c1:d8:57:40:09:12:2f:3a:df:08:5d:46:e7:c4:
7e:ff:56:f1:b1:32:97:92:7b:f6:d4:90:51:08:ea:c5:85:22:
ed:a7:d1:9b:e5:fa:8e:ee:6f:cd:d0:89:d8:0e:a9:27:97:bd:
c4:91:5c:b1:c2:e0:0e:e9:61:9f:97:d1:0a:5e:53:fa:3b:4b:
4b:cb:2c:af:5f:e3:9b:fc:f6:79:2f:55:33:c5:1d:84:a5:f8:
b5:64:6f:41:1a:3f:74:43:18:2d:10:c9:4a:0f:53:5e:2b:80:
5c:c7:0e:f7:e2:1b:1e:68:3c:27:7b:42:8f:a5:21:e0:09:d7:
76:cf:a4:4b:09:0b:27:9c:89:7f:23:83:b4:55:2b:5e:33:6f:
c5:c4:48:90:a7:45:14:ab:77:c5:4d:0c:ad:8c:91:b6:66:35:
c3:2a:ed:aa:eb:aa:2e:e0:21:e7:aa:b6:c0:dd:d7:6c:2c:2f:
dc:2d:41:34:aa:d3:14:76:3d:75:05:1f:ce:ea:fb:d2:b1:66:
ad:4e:38:95:2e:94:9b:dc:cf:ef:5f:21:9f:f2:37:1f:9f:b2:
2e:d3:db:18:e2:9f:5f:70:fa:66:8f:9d:7a:6a:28:c0:9a:73:
eb:72:93:0e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZzUjjOmYSoyQ08db/BRndnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDI2MTgxODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTZlMzJiMTliZDk2YmEzMDY1MTAyNDk1NTA4YWY4ZjlkNDE0YjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+IzUhjSlFh+HnlUvFVZ2q/bgvOM
bdpsj/DtikHg+Sk8YP8zeIZR9LCHM6dc2C97DnLf5Nd6TfwCOIOOg+aGKsqsTgv0
H1RtxhMtQDJKswkwnBC7vz9slw83QTTm2rY/97XouKk+3fV4TEOmMexC7QeB9esM
EHy82caYusmLe8uzmSoSIOecHRuCJvbV0oKKxpz3RSa7VtstLc9yXc+275VtKZ4y
cy+7Ws8Vhl8+q3XkEbJUfGt4sPhohxtgIGZK25Xd1WWRFHnLBSyRIqN4OIHQDFxW
HVA6Qb9plz0DsFEp4S8TrIlbXo294qrK9RzbqWKjmsRYwm6+Iq2zKBnmGwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIVuMrGb2WujBlECSVUIr4+dQUtMMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvaFc0eXNadlphNk1HVVFKSlZRaXZqNTFCUzB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCV+UIAwQA
V+VAAwQAV+V9MA0GCSqGSIb3DQEBCwUAA4IBAQCgeAJuP3iNxCvP+eVcFoNtTPnj
y+FOwdhXQAkSLzrfCF1G58R+/1bxsTKXknv21JBRCOrFhSLtp9Gb5fqO7m/N0InY
Dqknl73EkVyxwuAO6WGfl9EKXlP6O0tLyyyvX+Ob/PZ5L1UzxR2Epfi1ZG9BGj90
QxgtEMlKD1NeK4Bcxw734hseaDwne0KPpSHgCdd2z6RLCQsnnIl/I4O0VSteM2/F
xEiQp0UUq3fFTQytjJG2ZjXDKu2q66ou4CHnqrbA3ddsLC/cLUE0qtMUdj11BR/O
6vvSsWatTjiVLpSb3M/vXyGf8jcfn7Iu09sY4p9fcPpmj516aijAmnPrcpMO
-----END CERTIFICATE-----
Generated at Wed Apr 30 05:21:05 2025 by rpki-client