Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/foGw3kL_FAfbDBIJjnL41mOx7Ws.roa
File: foGw3kL_FAfbDBIJjnL41mOx7Ws.roa (raw, json)
Hash identifier: ePAMByvzo6icP1qP6PGUHgZ0LposfdtCyIsBb0cLbEE=
Subject key identifier: 7E:81:B0:DE:42:FF:14:07:DB:0C:12:09:8E:72:F8:D6:63:B1:ED:6B
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0197F17E312BF228C442FD19655A5DE9A1BA
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/foGw3kL_FAfbDBIJjnL41mOx7Ws.roa
Signing time: Wed 09 Jul 2025 23:21:08 +0000
ROA not before: Wed 09 Jul 2025 23:21:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.253.0/24 maxlen: 24
45.155.254.0/24 maxlen: 24
45.157.211.0/24 maxlen: 24
185.199.151.0/24 maxlen: 24
185.199.213.0/24 maxlen: 24
185.221.25.0/24 maxlen: 24
185.221.26.0/24 maxlen: 24
185.250.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 11 Jul 2025 09:21:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f1:7e:31:2b:f2:28:c4:42:fd:19:65:5a:5d:e9:a1:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jul 9 23:21:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e81b0de42ff1407db0c12098e72f8d663b1ed6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:1d:9a:3e:57:8b:59:7e:79:c8:67:9d:b7:38:
69:1d:1d:1a:b8:31:97:00:ec:d0:25:00:30:29:50:
88:57:ac:13:87:d1:2f:2d:7e:bc:28:8a:4f:d7:01:
4d:a0:be:1a:31:fc:22:ba:f9:5f:1d:18:94:a3:f8:
72:8d:a5:d6:ee:d9:c2:7b:a4:74:19:72:48:10:81:
0e:28:12:25:26:01:d3:48:6e:36:0d:8f:16:2d:c9:
e8:56:89:6d:a0:80:f0:f5:65:62:e8:54:e6:aa:da:
0e:f9:cb:64:08:08:e0:c3:63:82:82:f2:ed:af:4d:
b6:21:be:80:92:cd:56:8b:b9:f4:39:3b:39:54:f0:
2a:c7:7c:df:e6:a3:dc:4c:06:94:db:b9:47:9c:59:
e6:e3:22:58:08:a6:c8:30:1f:42:74:98:b8:2e:2f:
2e:9f:9b:7a:fa:73:14:a4:84:11:83:a3:e9:91:0a:
60:d8:28:84:9b:67:4c:f6:7c:41:0f:27:d4:4c:c3:
ea:f3:6a:67:9a:1f:c5:71:f7:36:35:2f:27:c4:d1:
ed:13:47:ff:58:62:dd:92:b4:87:f6:60:6a:74:7a:
37:cb:73:91:b8:55:f4:9a:b8:05:3a:45:b6:c7:74:
df:26:2d:3b:ed:38:73:64:05:84:79:37:91:f8:a7:
84:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:81:B0:DE:42:FF:14:07:DB:0C:12:09:8E:72:F8:D6:63:B1:ED:6B
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/foGw3kL_FAfbDBIJjnL41mOx7Ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.253.0-45.155.254.255
45.157.211.0/24
185.199.151.0/24
185.199.213.0/24
185.221.25.0-185.221.26.255
185.250.26.0/24
Signature Algorithm: sha256WithRSAEncryption
63:75:cb:9d:4b:2e:1d:f4:48:6b:6c:df:90:4b:e3:16:3b:5f:
6b:ba:f2:05:cb:ef:06:82:77:74:48:63:33:23:02:e8:94:44:
10:c5:0c:0a:88:55:91:af:fe:7b:f7:ae:f9:6a:8d:e8:e9:a0:
61:e5:47:4a:42:41:a2:09:1a:ff:26:e4:9e:78:53:06:33:22:
62:db:44:8c:71:53:d4:bc:a1:c6:88:76:fa:a9:b2:76:d4:65:
a8:11:33:39:12:f3:d3:6f:65:30:de:83:f0:9b:d6:fd:28:70:
26:8b:3a:a0:68:5b:8d:a2:10:89:26:64:9b:9e:63:56:cb:f7:
c2:23:6c:db:03:4e:2c:8b:9d:cd:6b:61:a2:49:84:b8:4a:a5:
fc:26:d4:9c:ae:87:09:76:26:68:5f:9f:17:bf:39:8f:25:a4:
42:6c:57:cb:39:88:23:71:9f:19:13:88:bd:25:87:2c:4d:f5:
18:6e:2e:58:de:d7:7c:e6:bf:fb:1c:12:8c:3d:2b:5d:45:d2:
a1:e0:80:10:69:cb:ab:ad:13:60:61:5d:f6:56:b6:cf:82:1d:
a5:5c:1e:90:69:66:d7:eb:78:71:7b:2b:3c:bf:57:71:7b:fd:
b3:c7:b4:a0:2b:17:be:2f:7d:38:a2:5e:ae:f7:9a:33:e4:0c:
c9:f9:65:b2
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZfxfjEr8ijEQv0ZZVpd6aG6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwNzA5MjMyMTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTgxYjBkZTQyZmYxNDA3ZGIwYzEyMDk4ZTcyZjhkNjYzYjFlZDZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjh2aPleLWX55yGedtzhpHR0auDGX
AOzQJQAwKVCIV6wTh9EvLX68KIpP1wFNoL4aMfwiuvlfHRiUo/hyjaXW7tnCe6R0
GXJIEIEOKBIlJgHTSG42DY8WLcnoVoltoIDw9WVi6FTmqtoO+ctkCAjgw2OCgvLt
r022Ib6Aks1Wi7n0OTs5VPAqx3zf5qPcTAaU27lHnFnm4yJYCKbIMB9CdJi4Li8u
n5t6+nMUpIQRg6PpkQpg2CiEm2dM9nxBDyfUTMPq82pnmh/Fcfc2NS8nxNHtE0f/
WGLdkrSH9mBqdHo3y3ORuFX0mrgFOkW2x3TfJi077ThzZAWEeTeR+KeE/QIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFH6BsN5C/xQH2wwSCY5y+NZjse1rMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvZm9HdzNrTF9GQWZiREJJSmpuTDQxbU94N1dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAAtm/0D
BAAtm/4DBAAtndMDBAC5x5cDBAC5x9UwDAMEALndGQMEALndGgMEALn6GjANBgkq
hkiG9w0BAQsFAAOCAQEAY3XLnUsuHfRIa2zfkEvjFjtfa7ryBcvvBoJ3dEhjMyMC
6JREEMUMCohVka/+e/eu+WqN6OmgYeVHSkJBogka/ybknnhTBjMiYttEjHFT1Lyh
xoh2+qmydtRlqBEzORLz029lMN6D8JvW/ShwJos6oGhbjaIQiSZkm55jVsv3wiNs
2wNOLIudzWthokmEuEql/CbUnK6HCXYmaF+fF785jyWkQmxXyzmII3GfGROIvSWH
LE31GG4uWN7XfOa/+xwSjD0rXUXSoeCAEGnLq60TYGFd9la2z4IdpVwekGlm1+t4
cXsrPL9XcXv9s8e0oCsXvi99OKJerveaM+QMyfllsg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:25:38 2025 by rpki-client