Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BXfAHBKb2WHXUDbPo8UngM-41PQ.roa
File: BXfAHBKb2WHXUDbPo8UngM-41PQ.roa (raw, json)
Hash identifier: 5zLoIFqC6QDZSbwZOZg9PiLUnXBF7aSIIBaKJfywnyM=
Subject key identifier: 05:77:C0:1C:12:9B:D9:61:D7:50:36:CF:A3:C5:27:80:CF:B8:D4:F4
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 01977339CF37F8482B9739A81B936F98BE6A
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BXfAHBKb2WHXUDbPo8UngM-41PQ.roa
Signing time: Sun 15 Jun 2025 10:54:17 +0000
ROA not before: Sun 15 Jun 2025 10:54:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.79.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 16 Jun 2025 06:33:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:73:39:cf:37:f8:48:2b:97:39:a8:1b:93:6f:98:be:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 15 10:54:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0577c01c129bd961d75036cfa3c52780cfb8d4f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:08:c5:72:05:57:b5:cc:66:96:c4:30:c2:22:
77:05:c9:70:96:f9:db:d6:b4:e5:e4:32:e9:0d:df:
e2:e9:5f:14:31:10:df:8e:71:45:f8:3d:11:16:b6:
d2:18:75:e9:57:99:ac:44:8e:5d:eb:da:5d:19:02:
b7:26:17:6a:a3:e9:1f:bd:e9:98:9b:96:ce:2d:49:
85:39:7c:df:7b:cf:45:17:8e:7b:c0:14:8f:84:e9:
57:ed:27:be:fc:a8:1a:eb:84:7d:d0:d2:6a:a2:4f:
43:4c:9d:8b:ca:10:01:b7:0d:3e:cf:a9:97:f9:76:
0c:71:29:4d:ca:61:16:b4:84:5f:9e:72:66:68:9f:
3f:48:51:9b:42:c4:9b:ad:30:f2:07:3c:eb:20:54:
e0:97:50:22:39:62:31:08:d3:19:f9:a0:9d:3c:5a:
9a:7f:3b:fd:c7:5b:1a:7a:64:ae:1c:1e:ff:4c:1d:
e0:b6:cb:ca:f6:ab:64:a3:11:e7:5c:22:ea:36:a2:
83:1e:7d:04:d4:54:76:86:c3:50:a5:da:47:51:5f:
da:40:3c:97:84:b3:37:df:95:37:5d:8f:54:bc:07:
b1:40:56:4a:67:49:b9:75:c4:c7:0a:fa:24:9b:97:
21:86:71:13:80:c3:6c:18:cf:b9:63:18:34:82:84:
a5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:77:C0:1C:12:9B:D9:61:D7:50:36:CF:A3:C5:27:80:CF:B8:D4:F4
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/BXfAHBKb2WHXUDbPo8UngM-41PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.79.0/24
Signature Algorithm: sha256WithRSAEncryption
71:01:2e:e1:c0:50:38:9e:22:db:5e:35:3f:eb:8e:4c:5c:9f:
32:1f:49:6c:d9:9d:5e:c0:f9:7b:63:72:87:4f:72:ac:46:27:
11:3c:3e:a8:05:df:39:aa:ee:e4:62:ae:0d:5d:be:67:8c:19:
3d:87:fa:13:68:dd:e4:2a:3a:dd:22:e9:38:b6:2d:de:9c:16:
ae:86:40:65:91:df:a3:3a:cc:8f:f0:e5:a7:51:ff:59:f6:04:
dc:b5:29:21:70:30:6f:e3:e1:dd:f6:4a:cc:21:1e:c4:59:00:
85:1e:e4:06:fa:bb:9b:94:e0:69:a5:cf:7b:ac:c9:7b:c9:b4:
80:1f:a1:d0:60:bf:1a:84:73:dc:82:4c:b8:24:e9:ea:49:41:
72:ff:4f:e2:2f:a1:8c:a6:68:38:b0:49:58:e8:0c:9c:77:7a:
76:6f:60:4a:e2:de:08:1e:07:2a:43:72:5b:8f:be:ae:16:58:
ba:f5:7e:3e:b1:37:d4:b8:da:76:1b:73:d0:9e:7d:10:07:d0:
86:44:7a:0b:6f:ab:15:1c:37:7f:0f:59:ec:c0:42:af:5e:c9:
fc:d4:62:4b:0f:a9:a7:00:0a:83:cd:fb:81:54:32:f3:ef:9f:
8b:8e:d4:35:3b:49:3b:56:7d:5e:e9:0a:88:5f:d5:02:dd:b0:
12:19:a4:1d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZdzOc83+EgrlzmoG5NvmL5qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjE1MTA1NDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc3YzAxYzEyOWJkOTYxZDc1MDM2Y2ZhM2M1Mjc4MGNmYjhkNGY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAjFcgVXtcxmlsQwwiJ3Bclwlvnb
1rTl5DLpDd/i6V8UMRDfjnFF+D0RFrbSGHXpV5msRI5d69pdGQK3Jhdqo+kfvemY
m5bOLUmFOXzfe89FF457wBSPhOlX7Se+/Kga64R90NJqok9DTJ2LyhABtw0+z6mX
+XYMcSlNymEWtIRfnnJmaJ8/SFGbQsSbrTDyBzzrIFTgl1AiOWIxCNMZ+aCdPFqa
fzv9x1saemSuHB7/TB3gtsvK9qtkoxHnXCLqNqKDHn0E1FR2hsNQpdpHUV/aQDyX
hLM335U3XY9UvAexQFZKZ0m5dcTHCvokm5chhnETgMNsGM+5Yxg0goSl5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAV3wBwSm9lh11A2z6PFJ4DPuNT0MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvQlhmQUhCS2IyV0hYVURiUG84VW5nTS00MVBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT6zQAwQA
T6zkAwQCV+UIAwQAV+VPMA0GCSqGSIb3DQEBCwUAA4IBAQBxAS7hwFA4niLbXjU/
645MXJ8yH0ls2Z1ewPl7Y3KHT3KsRicRPD6oBd85qu7kYq4NXb5njBk9h/oTaN3k
KjrdIuk4ti3enBauhkBlkd+jOsyP8OWnUf9Z9gTctSkhcDBv4+Hd9krMIR7EWQCF
HuQG+rublOBppc97rMl7ybSAH6HQYL8ahHPcgky4JOnqSUFy/0/iL6GMpmg4sElY
6Aycd3p2b2BK4t4IHgcqQ3Jbj76uFli69X4+sTfUuNp2G3PQnn0QB9CGRHoLb6sV
HDd/D1nswEKvXsn81GJLD6mnAAqDzfuBVDLz75+LjtQ1O0k7Vn1e6QqIX9UC3bAS
GaQd
-----END CERTIFICATE-----
Generated at Sat Jul 26 19:44:26 2025 by rpki-client