Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/dt8oqZT6LVwOYEfYPRL9fPq_8ZY.roa
File: dt8oqZT6LVwOYEfYPRL9fPq_8ZY.roa (raw, json)
Hash identifier: t7uGyxre//znS4mbJ1FGezZXt43mAcSJ7Pb4H+HoSH0=
Subject key identifier: 76:DF:28:A9:94:FA:2D:5C:0E:60:47:D8:3D:12:FD:7C:FA:BF:F1:96
Certificate issuer: /CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Certificate serial: 0197DF5200402D2146374E8C4D4822294B68
Authority key identifier: A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/dt8oqZT6LVwOYEfYPRL9fPq_8ZY.roa
Signing time: Sun 06 Jul 2025 10:39:42 +0000
ROA not before: Sun 06 Jul 2025 10:39:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152179
IP address blocks: 46.236.204.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Jul 2025 07:35:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:df:52:00:40:2d:21:46:37:4e:8c:4d:48:22:29:4b:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2b12e8df3abd5559f9cf9680af65dd16589de86
Validity
Not Before: Jul 6 10:39:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76df28a994fa2d5c0e6047d83d12fd7cfabff196
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6d:97:aa:8b:7e:86:af:5c:05:b1:65:b5:df:
f5:fa:47:40:3c:79:63:b6:0b:bb:8c:31:22:4f:22:
8a:0a:0c:81:f0:fb:12:4e:e9:f7:c9:58:d3:66:93:
fe:0d:2a:f8:ff:e0:63:3b:28:be:52:c6:38:ba:cb:
4b:90:f6:84:86:7d:a3:16:8e:d0:7f:3f:4e:1e:3a:
55:7a:14:1d:3c:3e:ff:ca:3a:df:ef:07:38:85:16:
68:61:8a:ba:a4:37:ae:75:86:97:2e:81:69:22:db:
a9:b9:9e:bb:c9:64:f7:66:4a:1b:8d:ab:d0:b6:9e:
d9:a7:78:7a:da:5a:c0:5b:ca:93:27:18:77:60:9e:
09:05:57:17:e0:0c:35:8b:a3:ed:24:5d:2b:43:85:
eb:0d:df:04:04:0c:45:0e:c9:0d:a9:3d:c4:92:c7:
06:d0:6b:7a:0d:10:a3:7c:86:62:95:a6:b9:57:6a:
69:62:0a:87:06:b3:29:e7:5d:6c:bc:4a:ec:30:fb:
8e:d0:7e:44:6d:ac:d1:ac:b4:04:03:ae:b7:e5:a5:
96:8c:4c:c6:bd:63:f2:dc:3d:cd:77:6d:30:a9:bb:
34:de:e0:4f:40:2c:e2:19:41:d8:d2:8b:4c:a7:55:
9a:3c:6a:43:c5:2d:de:37:fa:0a:19:af:39:38:bb:
f4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:DF:28:A9:94:FA:2D:5C:0E:60:47:D8:3D:12:FD:7C:FA:BF:F1:96
X509v3 Authority Key Identifier:
keyid:A2:B1:2E:8D:F3:AB:D5:55:9F:9C:F9:68:0A:F6:5D:D1:65:89:DE:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/orEujfOr1VWfnPloCvZd0WWJ3oY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/dt8oqZT6LVwOYEfYPRL9fPq_8ZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ec44ea-ef43-4b3a-a69a-b4cb637da8c3/1/orEujfOr1VWfnPloCvZd0WWJ3oY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.236.204.0/23
Signature Algorithm: sha256WithRSAEncryption
62:07:4e:95:08:a9:1b:e7:6b:e2:a2:29:4f:1e:80:f9:07:df:
17:52:bc:9f:4b:3b:85:d1:72:e4:f1:34:d3:ce:fd:87:d6:86:
ea:b8:fd:ae:7d:74:83:f9:ae:3c:f1:c9:94:64:c0:f6:9e:92:
16:90:cb:70:dd:4f:96:f0:20:87:f0:10:4b:c9:af:02:fa:04:
4a:8f:30:bb:1d:f3:e9:2e:75:a4:f0:3c:86:0d:21:15:35:62:
09:1d:65:70:dd:f7:a2:3e:96:7d:7f:1c:3c:d0:b4:b8:5c:a8:
91:e3:1d:95:0e:0f:ae:15:22:cb:52:b0:b3:88:0a:34:20:9a:
32:87:d5:38:2b:45:0d:f5:5c:74:61:99:0c:e7:01:04:50:1f:
fe:9e:4e:f2:28:62:99:71:35:4c:f8:ca:02:a9:7e:12:d8:b0:
1e:ed:f1:aa:53:b3:85:cf:a8:f2:14:b1:c2:87:e7:eb:b7:4f:
fe:cf:fd:53:8e:98:cd:e4:bc:e0:2f:34:74:d4:56:44:fe:d3:
bd:c1:37:4b:07:d2:ac:af:cd:ce:94:90:52:8a:ee:5f:0b:0a:
c2:64:9f:64:a7:f5:72:fd:48:83:66:69:47:c0:1a:ff:6e:ff:
d7:30:c0:58:d3:ac:79:88:2b:3b:a1:e0:18:c2:5e:8e:9b:fd:
4c:20:f8:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZffUgBALSFGN06MTUgiKUtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyYjEyZThkZjNhYmQ1NTU5ZjljZjk2ODBhZjY1ZGQxNjU4
OWRlODYwHhcNMjUwNzA2MTAzOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmRmMjhhOTk0ZmEyZDVjMGU2MDQ3ZDgzZDEyZmQ3Y2ZhYmZmMTk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5W2Xqot+hq9cBbFltd/1+kdAPHlj
tgu7jDEiTyKKCgyB8PsSTun3yVjTZpP+DSr4/+BjOyi+UsY4ustLkPaEhn2jFo7Q
fz9OHjpVehQdPD7/yjrf7wc4hRZoYYq6pDeudYaXLoFpItupuZ67yWT3ZkobjavQ
tp7Zp3h62lrAW8qTJxh3YJ4JBVcX4Aw1i6PtJF0rQ4XrDd8EBAxFDskNqT3EkscG
0Gt6DRCjfIZilaa5V2ppYgqHBrMp511svErsMPuO0H5EbazRrLQEA6635aWWjEzG
vWPy3D3Nd20wqbs03uBPQCziGUHY0otMp1WaPGpDxS3eN/oKGa85OLv0vwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHbfKKmU+i1cDmBH2D0S/Xz6v/GWMB8GA1UdIwQY
MBaAFKKxLo3zq9VVn5z5aAr2XdFlid6GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEt
YjRjYjYzN2RhOGMzLzEvZHQ4b3FaVDZMVndPWUVmWVBSTDlmUHFfOFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9lYzQ0ZWEtZWY0My00YjNhLWE2OWEtYjRjYjYzN2RhOGMz
LzEvb3JFdWpmT3IxVldmblBsb0N2WmQwV1dKM29ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLuzMMA0G
CSqGSIb3DQEBCwUAA4IBAQBiB06VCKkb52vioilPHoD5B98XUryfSzuF0XLk8TTT
zv2H1obquP2ufXSD+a488cmUZMD2npIWkMtw3U+W8CCH8BBLya8C+gRKjzC7HfPp
LnWk8DyGDSEVNWIJHWVw3feiPpZ9fxw80LS4XKiR4x2VDg+uFSLLUrCziAo0IJoy
h9U4K0UN9Vx0YZkM5wEEUB/+nk7yKGKZcTVM+MoCqX4S2LAe7fGqU7OFz6jyFLHC
h+frt0/+z/1TjpjN5LzgLzR01FZE/tO9wTdLB9Ksr83OlJBSiu5fCwrCZJ9kp/Vy
/UiDZmlHwBr/bv/XMMBY06x5iCs7oeAYwl6Om/1MIPgm
-----END CERTIFICATE-----
Generated at Fri Jul 25 17:24:07 2025 by rpki-client