Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0OqJIng2AYL2vE7dHEyZgGmUCg.roa
File: O0OqJIng2AYL2vE7dHEyZgGmUCg.roa (raw, json)
Hash identifier: cytp81LYQsjKv5qKvpW7qYcyLyaHWk3BydjbcA2cn4I=
Subject key identifier: 3B:43:AA:24:89:E0:D8:06:0B:DA:F1:3B:74:71:32:66:01:A6:50:28
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0197F8C9DE90C2ECB17F2AF60671428DF041
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0OqJIng2AYL2vE7dHEyZgGmUCg.roa
Signing time: Fri 11 Jul 2025 09:21:08 +0000
ROA not before: Fri 11 Jul 2025 09:21:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
176.125.251.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Jul 2025 10:36:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f8:c9:de:90:c2:ec:b1:7f:2a:f6:06:71:42:8d:f0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 11 09:21:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b43aa2489e0d8060bdaf13b7471326601a65028
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:15:f5:ef:f8:82:fa:2a:2c:31:63:51:56:18:
46:98:50:59:86:ff:ce:82:06:6d:56:9b:68:05:6a:
93:e6:c0:5f:df:d8:e0:3f:d7:57:4a:b1:25:ac:32:
db:5e:e2:72:e9:fc:4c:2b:8b:23:c3:93:0d:7c:64:
a0:ae:78:3e:99:51:59:6a:c9:fc:64:74:ec:b4:4b:
cd:d6:86:a4:a4:f6:a8:99:a3:0c:e9:be:cb:31:72:
62:77:cc:3b:22:36:c2:be:fd:39:50:72:cb:74:72:
63:e4:c0:ec:f6:1f:92:29:e0:37:83:70:06:6a:1e:
c9:bd:d2:04:49:28:fa:fd:b4:13:0d:6b:4f:ee:fa:
fa:0d:5f:c4:ed:d9:36:34:87:52:c1:e5:91:80:68:
a2:d8:6b:28:ac:ad:29:0d:19:02:d8:fb:20:07:af:
91:9c:38:b3:37:26:d0:ae:c0:8b:1c:24:3e:c9:11:
f4:0c:c5:8e:fe:36:1a:ff:98:1b:ce:08:02:d2:f4:
84:70:27:e7:c4:9c:9a:23:e4:3d:54:6e:73:37:9f:
3e:42:51:ae:47:4e:be:b5:38:ed:2e:38:f3:1d:f1:
39:b1:70:3a:8d:e0:89:c8:33:6c:0e:eb:ad:18:bd:
f0:90:9b:6a:ba:5a:40:29:6a:e6:8c:5a:31:5b:22:
23:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:43:AA:24:89:E0:D8:06:0B:DA:F1:3B:74:71:32:66:01:A6:50:28
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/O0OqJIng2AYL2vE7dHEyZgGmUCg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.211.0/24
176.125.251.0/24
185.199.151.0/24
185.199.213.0/24
185.221.25.0-185.221.26.255
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:0e:6c:6e:73:66:82:65:63:45:fc:f4:59:36:ce:97:04:56:
10:d7:39:f9:46:6c:13:33:89:a8:00:4e:01:4a:cb:76:4e:37:
31:b1:39:c3:a4:4e:59:84:9d:fc:92:9b:0b:29:a3:6f:3a:52:
1b:ff:63:a1:30:be:15:f8:ca:8b:e1:ec:d5:b2:a3:7f:c8:e0:
e8:11:39:95:8a:1a:ba:5f:fa:6e:ff:a5:dd:18:7b:38:e0:08:
c5:dd:47:a8:44:4c:4f:e1:3b:02:94:e9:4e:a5:22:2c:ff:19:
e5:15:14:0c:a8:b2:95:43:c9:c6:08:74:7d:6d:d0:62:e9:c8:
4b:5c:c6:c2:1c:bd:c0:48:e8:4c:ed:76:4e:f4:54:c0:98:f0:
b5:f3:e6:5d:25:19:c9:f0:bd:c0:e9:81:03:17:2f:b4:5b:ce:
31:9e:d0:30:1a:d5:40:4f:62:18:b3:65:36:62:05:1a:2f:d1:
62:63:50:5c:6d:ef:a3:f6:65:72:6f:82:ee:10:0d:16:51:a3:
e4:fb:02:13:66:7e:33:01:4f:81:01:e4:74:7c:45:70:b6:92:
03:3b:e0:b4:67:df:79:4b:a5:47:4d:30:96:ae:d7:40:1f:52:
93:b0:62:ad:43:50:86:9c:cb:c5:db:1b:fe:e7:6d:b7:b2:0a:
bd:98:0c:86
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZf4yd6Qwuyxfyr2BnFCjfBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNzExMDkyMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQzYWEyNDg5ZTBkODA2MGJkYWYxM2I3NDcxMzI2NjAxYTY1MDI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRX17/iC+iosMWNRVhhGmFBZhv/O
ggZtVptoBWqT5sBf39jgP9dXSrElrDLbXuJy6fxMK4sjw5MNfGSgrng+mVFZasn8
ZHTstEvN1oakpPaomaMM6b7LMXJid8w7IjbCvv05UHLLdHJj5MDs9h+SKeA3g3AG
ah7JvdIESSj6/bQTDWtP7vr6DV/E7dk2NIdSweWRgGii2GsorK0pDRkC2PsgB6+R
nDizNybQrsCLHCQ+yRH0DMWO/jYa/5gbzggC0vSEcCfnxJyaI+Q9VG5zN58+QlGu
R06+tTjtLjjzHfE5sXA6jeCJyDNsDuutGL3wkJtqulpAKWrmjFoxWyIjlwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFDtDqiSJ4NgGC9rxO3RxMmYBplAoMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvTzBPcUpJbmcyQVlMMnZFN2RIRXlaZ0dtVUNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAAtm/0D
BAAtm/4DBAAtndMDBACwffsDBAC5x5cDBAC5x9UwDAMEALndGQMEALndGgMEALn6
GjANBgkqhkiG9w0BAQsFAAOCAQEAfA5sbnNmgmVjRfz0WTbOlwRWENc5+UZsEzOJ
qABOAUrLdk43MbE5w6ROWYSd/JKbCymjbzpSG/9joTC+FfjKi+Hs1bKjf8jg6BE5
lYoaul/6bv+l3Rh7OOAIxd1HqERMT+E7ApTpTqUiLP8Z5RUUDKiylUPJxgh0fW3Q
YunIS1zGwhy9wEjoTO12TvRUwJjwtfPmXSUZyfC9wOmBAxcvtFvOMZ7QMBrVQE9i
GLNlNmIFGi/RYmNQXG3vo/Zlcm+C7hANFlGj5PsCE2Z+MwFPgQHkdHxFcLaSAzvg
tGffeUulR00wlq7XQB9Sk7BirUNQhpzLxdsb/udtt7IKvZgMhg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:28:18 2025 by rpki-client