Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8lUAyQjwhEc0zLLEdh6fi9UegM8.roa
File: 8lUAyQjwhEc0zLLEdh6fi9UegM8.roa (raw, json)
Hash identifier: zwq1lSFc+fhMgU+XcNEuIxnlC/uQkcaYyvy0ZBKM2Ms=
Subject key identifier: F2:55:00:C9:08:F0:84:47:34:CC:B2:C4:76:1E:9F:8B:D5:1E:80:CF
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019781A70BF8C8D802331618EB497E9AE533
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8lUAyQjwhEc0zLLEdh6fi9UegM8.roa
Signing time: Wed 18 Jun 2025 06:08:17 +0000
ROA not before: Wed 18 Jun 2025 06:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.208.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 21 Jun 2025 21:10:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:81:a7:0b:f8:c8:d8:02:33:16:18:eb:49:7e:9a:e5:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 18 06:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f25500c908f0844734ccb2c4761e9f8bd51e80cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:7c:01:47:41:26:21:43:7e:2f:a1:14:0c:39:
2a:5d:7a:79:33:c6:26:52:c0:3a:63:82:a5:8d:27:
16:ad:b0:c0:c3:2a:f7:4a:da:a5:d6:0f:be:d6:f8:
17:36:9f:6a:9d:bc:d1:21:0d:a1:ce:24:1e:54:91:
14:7a:5b:c7:7b:03:41:fe:68:08:be:26:e8:8c:e4:
3f:bb:95:e2:d6:9b:f5:fe:b9:a6:34:5f:0a:e3:41:
df:fd:d5:b2:00:f2:e8:cd:e9:d0:45:ff:f7:b3:02:
d2:01:4e:85:a9:e0:53:00:9b:d1:ff:31:6c:da:72:
1a:cd:96:62:55:ef:d8:bf:fb:a0:16:05:f6:79:f7:
62:a5:e8:e1:d4:c4:9c:2a:db:16:b8:52:b0:bd:2d:
3c:6b:ff:f3:fe:38:41:97:cc:8b:5b:56:96:b7:6d:
90:8f:d0:ff:45:46:bb:7c:52:ac:8f:7c:22:e7:b6:
7c:c5:f5:fb:dd:8b:45:e2:29:fd:5a:e0:68:29:06:
dd:9e:72:b1:9e:bc:53:20:36:b7:0e:8b:c0:e9:a6:
0d:bc:fe:25:79:21:f6:9f:c0:db:46:7a:0d:7e:74:
5e:01:a9:d8:4d:33:03:e0:f8:c4:35:d5:77:6e:ba:
20:f0:dd:43:58:21:c5:83:e9:a2:2f:35:9f:b3:f6:
c6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:55:00:C9:08:F0:84:47:34:CC:B2:C4:76:1E:9F:8B:D5:1E:80:CF
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/8lUAyQjwhEc0zLLEdh6fi9UegM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.208.0/24
87.229.8.0/22
87.229.23.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:0d:46:d7:0a:41:25:ab:46:b8:80:78:59:f4:bd:29:3f:18:
db:15:97:83:15:cf:77:06:ed:28:2a:13:a7:d6:d6:73:57:ed:
2c:be:f2:ff:2a:ef:38:62:6a:33:61:14:e7:40:56:79:0e:61:
96:2a:9f:2f:16:35:7d:51:57:e9:14:c3:92:9e:84:a0:f1:2c:
db:da:0e:91:13:2d:f0:e1:36:b1:ea:54:ba:4d:5a:03:c6:37:
d8:74:c6:ff:3b:60:cf:2d:a9:b8:95:31:06:c5:da:73:f5:38:
d1:de:32:e5:80:46:92:fd:6e:82:56:a2:91:6d:45:c3:90:f1:
04:93:3f:61:0c:97:54:b2:08:41:11:95:ca:29:95:68:ee:d4:
2f:68:43:98:25:34:6e:2f:e7:e5:06:e8:3e:b4:c4:04:76:b4:
84:86:98:9f:5a:4a:27:6d:98:c8:87:ba:68:ef:ea:b6:5d:0e:
c2:3d:22:48:b4:30:72:e9:e9:17:ef:37:a2:79:05:eb:c1:62:
a9:2b:1c:df:90:dc:b6:ee:e5:b4:93:4a:e9:79:3a:52:80:d9:
5e:33:21:3a:6d:49:b3:8b:e4:97:e4:63:bc:b4:52:27:6a:58:
74:eb:24:59:99:53:d8:a9:2c:c1:2b:7b:a2:b7:ae:42:61:69:
a1:df:a8:a0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeBpwv4yNgCMxYY60l+muUzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjE4MDYwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjU1MDBjOTA4ZjA4NDQ3MzRjY2IyYzQ3NjFlOWY4YmQ1MWU4MGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3wBR0EmIUN+L6EUDDkqXXp5M8Ym
UsA6Y4KljScWrbDAwyr3Stql1g++1vgXNp9qnbzRIQ2hziQeVJEUelvHewNB/mgI
vibojOQ/u5Xi1pv1/rmmNF8K40Hf/dWyAPLozenQRf/3swLSAU6FqeBTAJvR/zFs
2nIazZZiVe/Yv/ugFgX2efdipejh1MScKtsWuFKwvS08a//z/jhBl8yLW1aWt22Q
j9D/RUa7fFKsj3wi57Z8xfX73YtF4in9WuBoKQbdnnKxnrxTIDa3DovA6aYNvP4l
eSH2n8DbRnoNfnReAanYTTMD4PjENdV3brog8N1DWCHFg+miLzWfs/bGYwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPJVAMkI8IRHNMyyxHYen4vVHoDPMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvOGxVQXlRandoRWMwekxMRWRoNmZpOVVlZ004LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAT6zQAwQC
V+UIAwQAV+UXMA0GCSqGSIb3DQEBCwUAA4IBAQAdDUbXCkElq0a4gHhZ9L0pPxjb
FZeDFc93Bu0oKhOn1tZzV+0svvL/Ku84YmozYRTnQFZ5DmGWKp8vFjV9UVfpFMOS
noSg8Szb2g6REy3w4Tax6lS6TVoDxjfYdMb/O2DPLam4lTEGxdpz9TjR3jLlgEaS
/W6CVqKRbUXDkPEEkz9hDJdUsghBEZXKKZVo7tQvaEOYJTRuL+flBug+tMQEdrSE
hpifWkonbZjIh7po7+q2XQ7CPSJItDBy6ekX7zeieQXrwWKpKxzfkNy27uW0k0rp
eTpSgNleMyE6bUmzi+SX5GO8tFInalh06yRZmVPYqSzBK3uit65CYWmh36ig
-----END CERTIFICATE-----
Generated at Sat Jul 26 19:44:11 2025 by rpki-client