Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SfyN0yPEmwyClwz39HJHgCCV3Lc.roa
File: SfyN0yPEmwyClwz39HJHgCCV3Lc.roa (raw, json)
Hash identifier: 6PPXsIls7h2m22SsYSiUEQQi0sGKtgk/g8oUYvAP7mM=
Subject key identifier: 49:FC:8D:D3:23:C4:9B:0C:82:97:0C:F7:F4:72:47:80:20:95:DC:B7
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019808060503B9D7CA09BEB930A85331EA44
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SfyN0yPEmwyClwz39HJHgCCV3Lc.roa
Signing time: Mon 14 Jul 2025 08:21:08 +0000
ROA not before: Mon 14 Jul 2025 08:21:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213520
IP address blocks: 147.45.210.0/24 maxlen: 24
147.45.223.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 17 Jul 2025 07:07:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:06:05:03:b9:d7:ca:09:be:b9:30:a8:53:31:ea:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jul 14 08:21:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=49fc8dd323c49b0c82970cf7f47247802095dcb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:cb:ed:b3:b7:c1:18:a2:8a:b1:28:37:30:e6:
5a:0f:1b:f9:f3:4d:15:73:99:24:27:c7:0d:67:35:
c7:a4:1e:0d:23:52:55:f5:99:91:44:93:e9:93:10:
2b:44:0b:38:d0:45:fc:39:ed:64:ba:9b:0b:9f:83:
3e:ab:19:77:4e:6e:f0:7b:d8:1f:ad:ed:33:f0:0c:
77:50:98:b9:33:d1:16:b9:2b:1c:2a:67:8c:9e:d2:
79:1a:b4:a0:6e:1e:12:9e:f2:a3:ef:cf:12:3c:d4:
09:75:19:6b:88:cf:da:80:e4:c3:62:0e:ef:2e:ec:
4c:e3:92:57:2e:e3:d0:73:2e:93:06:5d:78:dd:0b:
d3:56:c0:43:e8:e1:2e:44:6e:01:56:f4:1f:7b:f7:
ba:3f:93:75:b5:c9:de:8c:20:a5:3f:d7:fc:0e:0e:
bf:31:7f:58:33:91:56:05:5e:be:dc:a6:66:9c:f4:
3c:39:c0:47:f4:00:34:85:50:7e:58:19:c8:be:c2:
4a:19:0b:a9:5b:77:4f:14:a1:49:dd:95:c3:e6:63:
b5:47:7f:61:c5:a8:d8:34:7a:09:13:5e:d8:c7:da:
9d:6a:5e:b8:af:9e:60:75:8d:4d:29:c5:2e:97:45:
36:04:92:2c:5f:42:c7:32:27:df:3a:63:fd:4f:d7:
b9:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FC:8D:D3:23:C4:9B:0C:82:97:0C:F7:F4:72:47:80:20:95:DC:B7
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/SfyN0yPEmwyClwz39HJHgCCV3Lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.210.0/24
147.45.223.0/24
Signature Algorithm: sha256WithRSAEncryption
06:82:bc:de:35:66:29:8f:95:a9:78:37:7f:ac:55:8d:ba:af:
39:2d:b1:8a:1f:de:59:24:53:c0:8d:47:59:50:8d:19:03:77:
5a:6b:b4:7c:f8:d2:85:f7:6a:46:b3:15:90:7e:8b:02:f1:d0:
7c:ab:d0:a9:aa:3d:86:38:ab:68:7f:aa:67:9c:30:5b:fc:dc:
74:83:e5:65:f5:da:a9:a5:0b:68:dd:43:4b:6b:2b:6e:67:9e:
e8:1a:a1:9f:49:8c:7c:94:a3:9b:74:7e:7f:67:45:ba:75:76:
72:96:da:c7:c0:a8:f6:4f:d9:c9:b5:3f:1b:d2:77:11:a3:76:
41:58:d6:74:db:7d:b2:c6:98:52:54:63:41:90:0c:be:9b:77:
c9:78:b7:c9:ae:4c:ec:5f:56:99:df:5e:bc:6d:1c:ef:a9:c2:
b2:8e:85:34:8a:13:82:82:4d:00:f6:e6:8c:aa:56:69:67:9f:
70:e3:e1:ed:5c:0e:62:fd:0a:b4:79:d3:33:01:93:49:72:62:
5a:97:8c:ca:8b:6f:ef:a3:d1:a2:8d:3d:de:b0:73:ac:0d:39:
b6:31:fd:68:68:b7:55:dd:99:17:aa:82:76:8c:39:aa:2e:0f:
c7:e5:4d:18:1b:00:c7:02:c5:4a:e4:0c:d4:78:95:fb:d3:d7:
ee:dc:10:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgIBgUDudfKCb65MKhTMepEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwNzE0MDgyMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZjOGRkMzIzYzQ5YjBjODI5NzBjZjdmNDcyNDc4MDIwOTVkY2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cvts7fBGKKKsSg3MOZaDxv5800V
c5kkJ8cNZzXHpB4NI1JV9ZmRRJPpkxArRAs40EX8Oe1kupsLn4M+qxl3Tm7we9gf
re0z8Ax3UJi5M9EWuSscKmeMntJ5GrSgbh4SnvKj788SPNQJdRlriM/agOTDYg7v
LuxM45JXLuPQcy6TBl143QvTVsBD6OEuRG4BVvQfe/e6P5N1tcnejCClP9f8Dg6/
MX9YM5FWBV6+3KZmnPQ8OcBH9AA0hVB+WBnIvsJKGQupW3dPFKFJ3ZXD5mO1R39h
xajYNHoJE17Yx9qdal64r55gdY1NKcUul0U2BJIsX0LHMiffOmP9T9e5BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEn8jdMjxJsMgpcM9/RyR4Agldy3MB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvU2Z5TjB5UEVtd3lDbHd6MzlISkhnQ0NWM0xjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky3SAwQA
ky3fMA0GCSqGSIb3DQEBCwUAA4IBAQAGgrzeNWYpj5WpeDd/rFWNuq85LbGKH95Z
JFPAjUdZUI0ZA3daa7R8+NKF92pGsxWQfosC8dB8q9Cpqj2GOKtof6pnnDBb/Nx0
g+Vl9dqppQto3UNLaytuZ57oGqGfSYx8lKObdH5/Z0W6dXZyltrHwKj2T9nJtT8b
0ncRo3ZBWNZ0232yxphSVGNBkAy+m3fJeLfJrkzsX1aZ3168bRzvqcKyjoU0ihOC
gk0A9uaMqlZpZ59w4+HtXA5i/Qq0edMzAZNJcmJal4zKi2/vo9GijT3esHOsDTm2
Mf1oaLdV3ZkXqoJ2jDmqLg/H5U0YGwDHAsVK5AzUeJX709fu3BCq
-----END CERTIFICATE-----
Generated at Sun Jul 27 11:57:43 2025 by rpki-client