Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A3Z6DC-jLqwyRajIkhiHGgiQ-ws.roa
File: A3Z6DC-jLqwyRajIkhiHGgiQ-ws.roa (raw, json)
Hash identifier: cpjz4QgHln6z/w8NP1IfCpQMAmaoR8hmeO/Kqyh6Ip8=
Subject key identifier: 03:76:7A:0C:2F:A3:2E:AC:32:45:A8:C8:92:18:87:1A:08:90:FB:0B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0194D0DFF8AE73989A4C8CA038241B238E95
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A3Z6DC-jLqwyRajIkhiHGgiQ-ws.roa
Signing time: Tue 04 Feb 2025 12:12:06 +0000
ROA not before: Tue 04 Feb 2025 12:12:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9232
IP address blocks: 87.229.31.0/24 maxlen: 24
87.229.97.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Apr 2025 08:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d0:df:f8:ae:73:98:9a:4c:8c:a0:38:24:1b:23:8e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 4 12:12:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03767a0c2fa32eac3245a8c89218871a0890fb0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:9d:8e:e0:3f:94:94:a2:e1:43:7d:17:cc:34:
d9:a8:48:d1:bb:a8:fd:98:5d:e1:2a:2f:9f:07:ed:
d7:50:bf:70:e9:b6:20:11:ff:29:e2:f3:fb:45:bb:
83:c7:17:a2:73:09:5d:9b:90:e5:dd:3d:14:aa:7a:
84:4a:b5:7a:db:d0:af:59:7c:d7:90:74:0d:95:08:
72:85:9a:c2:13:55:69:a5:0d:77:53:24:69:dc:6d:
c0:dd:65:14:2a:76:74:6f:c1:49:56:2b:62:70:cd:
02:e2:b3:7c:a9:c2:a8:50:a2:c6:0f:f3:55:7e:1f:
0d:90:56:0c:86:5d:f0:77:fc:7d:f4:4d:15:cc:7f:
8c:eb:c5:6c:5f:c4:52:d0:ac:ef:31:bd:43:30:4b:
de:00:03:73:80:2c:08:72:65:2a:8d:23:15:67:11:
fc:8d:1d:97:19:9d:31:22:ab:40:81:9b:73:bd:12:
97:ae:87:df:ae:2e:a2:d5:9b:87:a6:b6:f9:09:b9:
a1:fb:ce:36:24:23:7c:d6:c2:75:e6:a7:71:a5:70:
7c:cb:8f:5f:a4:81:d6:36:30:8b:5e:7f:a4:26:66:
b6:10:c6:21:df:07:f1:50:b5:54:da:61:45:90:a7:
9d:56:31:31:a8:04:60:9d:c0:2d:29:f4:6f:93:8a:
fe:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:76:7A:0C:2F:A3:2E:AC:32:45:A8:C8:92:18:87:1A:08:90:FB:0B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/A3Z6DC-jLqwyRajIkhiHGgiQ-ws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.31.0/24
87.229.97.0/24
Signature Algorithm: sha256WithRSAEncryption
62:af:a2:e7:39:e0:22:a3:a8:97:94:bb:31:4c:a9:37:c6:68:
51:ec:42:58:c0:f8:ac:ba:54:e4:67:81:73:71:09:74:88:29:
de:4f:ae:12:36:70:90:9b:d1:66:fa:b1:38:bc:5e:2f:a4:b6:
d2:f5:15:e2:44:7a:b1:7e:2b:0a:b8:86:45:d6:8a:f8:61:ee:
14:7d:95:18:bf:48:ad:e1:28:98:7f:68:d0:c4:80:cf:1b:f4:
17:50:ca:39:2b:97:c7:c4:86:f1:ed:f2:8f:76:ff:f8:50:ee:
2a:76:97:cb:4e:04:63:c4:d3:1a:25:4a:7c:73:09:d6:87:43:
9e:17:30:f4:5d:39:54:81:91:7d:38:53:95:1d:ad:e4:86:08:
28:e1:cc:53:1e:f2:96:6c:32:a2:a0:e2:b9:55:d2:f0:e0:0c:
75:37:57:e2:f3:74:30:87:4a:53:3a:92:38:ce:79:e5:35:05:
51:e2:07:a8:28:5a:57:b2:2f:f7:38:95:19:d6:16:cd:ed:3c:
95:7b:20:44:98:16:01:e3:06:d4:c3:85:99:5c:5f:cd:da:db:
e0:86:d2:82:b7:6d:f2:b8:da:9b:19:90:94:b5:4f:84:d8:bb:
47:a6:5f:75:85:68:b9:3c:d0:a2:c2:01:50:ea:dc:32:b5:ef:
c7:79:e9:b4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTQ3/iuc5iaTIygOCQbI46VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMjA0MTIxMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzc2N2EwYzJmYTMyZWFjMzI0NWE4Yzg5MjE4ODcxYTA4OTBmYjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqp2O4D+UlKLhQ30XzDTZqEjRu6j9
mF3hKi+fB+3XUL9w6bYgEf8p4vP7RbuDxxeicwldm5Dl3T0UqnqESrV629CvWXzX
kHQNlQhyhZrCE1VppQ13UyRp3G3A3WUUKnZ0b8FJViticM0C4rN8qcKoUKLGD/NV
fh8NkFYMhl3wd/x99E0VzH+M68VsX8RS0KzvMb1DMEveAANzgCwIcmUqjSMVZxH8
jR2XGZ0xIqtAgZtzvRKXroffri6i1ZuHprb5Cbmh+842JCN81sJ15qdxpXB8y49f
pIHWNjCLXn+kJma2EMYh3wfxULVU2mFFkKedVjExqARgncAtKfRvk4r++QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAN2egwvoy6sMkWoyJIYhxoIkPsLMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQTNaNkRDLWpMcXd5UmFqSWtoaUhHZ2lRLXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAV+UfAwQA
V+VhMA0GCSqGSIb3DQEBCwUAA4IBAQBir6LnOeAio6iXlLsxTKk3xmhR7EJYwPis
ulTkZ4FzcQl0iCneT64SNnCQm9Fm+rE4vF4vpLbS9RXiRHqxfisKuIZF1or4Ye4U
fZUYv0it4SiYf2jQxIDPG/QXUMo5K5fHxIbx7fKPdv/4UO4qdpfLTgRjxNMaJUp8
cwnWh0OeFzD0XTlUgZF9OFOVHa3khggo4cxTHvKWbDKioOK5VdLw4Ax1N1fi83Qw
h0pTOpI4znnlNQVR4geoKFpXsi/3OJUZ1hbN7TyVeyBEmBYB4wbUw4WZXF/N2tvg
htKCt23yuNqbGZCUtU+E2LtHpl91hWi5PNCiwgFQ6twyte/Heem0
-----END CERTIFICATE-----
Generated at Sun Apr 6 01:13:29 2025 by rpki-client