Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/zwXNrT-kBuTImc2t6pwf8zPQy9I.roa
File: zwXNrT-kBuTImc2t6pwf8zPQy9I.roa (raw, json)
Hash identifier: KFbh9D5ysbWWAGVCYJIgu+zrmhPkQHRugrlyj4yVo0Y=
Subject key identifier: CF:05:CD:AD:3F:A4:06:E4:C8:99:CD:AD:EA:9C:1F:F3:33:D0:CB:D2
Certificate issuer: /CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Certificate serial: 01976F3696CB7ABDF5B7A4BD3768324E8A74
Authority key identifier: 3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/zwXNrT-kBuTImc2t6pwf8zPQy9I.roa
Signing time: Sat 14 Jun 2025 16:12:17 +0000
ROA not before: Sat 14 Jun 2025 16:12:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 37.0.72.0/21 maxlen: 24
Validation: Failed, certificate revoked on Sat 14 Jun 2025 19:04:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6f:36:96:cb:7a:bd:f5:b7:a4:bd:37:68:32:4e:8a:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec8c20e65dcd33ff8a5e3c30a645925c5c9f95f
Validity
Not Before: Jun 14 16:12:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf05cdad3fa406e4c899cdadea9c1ff333d0cbd2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:18:c9:22:fe:e6:31:cc:e3:cf:70:0f:32:ed:
1c:92:3f:9a:21:28:66:3c:e8:80:f2:7d:b1:47:15:
b5:3d:ca:0b:62:23:88:7e:57:77:77:38:b7:29:0d:
65:9e:41:10:7d:a5:10:c7:50:67:23:f3:b9:79:7d:
18:06:a5:0d:9f:e3:38:d3:98:81:ac:f5:c9:e3:dc:
da:16:6d:1d:a5:d1:c1:3d:ca:fb:96:f6:40:fc:0b:
a2:b9:6e:ba:26:17:62:f9:fa:3c:3c:22:af:84:19:
5b:ce:9f:86:57:3f:80:19:08:9f:f4:12:0a:13:1c:
4f:e1:69:26:be:7c:ca:ae:15:05:6b:ac:67:47:9b:
a0:18:7b:6f:9b:0a:d6:5f:7a:41:3a:25:a4:52:b7:
04:11:20:2b:6b:fa:5a:5e:31:a4:6e:70:d5:75:b8:
c3:5f:86:b8:ae:9c:f8:89:76:f6:0e:4b:08:88:17:
13:ac:41:ce:4c:10:97:bf:7c:21:f1:19:8a:16:45:
d7:fa:36:44:81:62:00:2c:0d:28:f5:d4:09:7c:d1:
c5:eb:de:e2:c7:21:76:9e:c4:b5:27:38:b6:f5:b5:
17:8a:7c:03:63:07:4d:3f:ac:d1:e9:cc:42:2b:7f:
08:cf:76:f4:58:f4:03:ee:b1:35:51:ce:55:8c:4a:
d4:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:05:CD:AD:3F:A4:06:E4:C8:99:CD:AD:EA:9C:1F:F3:33:D0:CB:D2
X509v3 Authority Key Identifier:
keyid:3E:C8:C2:0E:65:DC:D3:3F:F8:A5:E3:C3:0A:64:59:25:C5:C9:F9:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PsjCDmXc0z_4pePDCmRZJcXJ-V8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/zwXNrT-kBuTImc2t6pwf8zPQy9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/93f6ee-05ea-4f31-9af6-dfc5cc64a81e/1/PsjCDmXc0z_4pePDCmRZJcXJ-V8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.0.72.0/21
Signature Algorithm: sha256WithRSAEncryption
ad:ff:bf:55:12:7d:d0:67:3e:7f:5e:dd:ac:50:68:5f:a6:42:
4b:c0:b4:cc:ef:44:c7:4e:a5:74:b6:61:1d:8c:83:d7:fc:2f:
c9:1a:2a:85:e6:1e:2c:f7:28:6b:4e:9b:85:37:9d:22:1d:b3:
0d:c6:3d:7d:f9:fe:0d:30:8b:c9:62:9a:71:57:c0:d7:eb:9f:
d9:90:c9:be:8b:1e:ca:73:48:10:78:e6:9a:7e:28:35:e1:e2:
f3:9d:e3:40:22:d0:eb:2c:4a:0a:5c:17:97:9f:f1:96:46:80:
71:d3:09:dc:c2:8a:b4:63:5b:c9:1e:7d:41:37:c0:ab:df:e3:
19:45:cb:3e:5e:32:b5:a9:bb:dd:d3:6a:fc:97:09:0a:f8:05:
11:4f:34:79:f9:01:ec:7b:49:c2:d9:6f:a1:51:28:aa:9c:27:
b1:57:9e:ec:50:16:33:66:28:fe:2d:a6:16:3d:f9:12:68:9f:
b7:99:0a:78:e9:6a:03:cd:a2:a0:46:e1:22:9c:1d:57:5c:87:
82:98:99:0c:d6:fd:b6:79:1d:b6:19:e9:4b:52:fc:a5:e5:00:
50:45:98:99:20:99:e1:4b:fe:2a:32:7d:cc:68:60:54:c7:7a:
30:d0:b6:27:da:60:07:42:cc:bd:a7:d9:12:e6:9e:26:10:99:
2e:32:f7:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdvNpbLer31t6S9N2gyTop0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzhjMjBlNjVkY2QzM2ZmOGE1ZTNjMzBhNjQ1OTI1YzVj
OWY5NWYwHhcNMjUwNjE0MTYxMjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjA1Y2RhZDNmYTQwNmU0Yzg5OWNkYWRlYTljMWZmMzMzZDBjYmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhjJIv7mMczjz3APMu0ckj+aIShm
POiA8n2xRxW1PcoLYiOIfld3dzi3KQ1lnkEQfaUQx1BnI/O5eX0YBqUNn+M405iB
rPXJ49zaFm0dpdHBPcr7lvZA/AuiuW66Jhdi+fo8PCKvhBlbzp+GVz+AGQif9BIK
ExxP4WkmvnzKrhUFa6xnR5ugGHtvmwrWX3pBOiWkUrcEESAra/paXjGkbnDVdbjD
X4a4rpz4iXb2DksIiBcTrEHOTBCXv3wh8RmKFkXX+jZEgWIALA0o9dQJfNHF697i
xyF2nsS1Jzi29bUXinwDYwdNP6zR6cxCK38Iz3b0WPQD7rE1Uc5VjErUIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8Fza0/pAbkyJnNreqcH/Mz0MvSMB8GA1UdIwQY
MBaAFD7Iwg5l3NM/+KXjwwpkWSXFyflfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYt
ZGZjNWNjNjRhODFlLzEvendYTnJULWtCdVRJbWMydDZwd2Y4elBReTlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85M2Y2ZWUtMDVlYS00ZjMxLTlhZjYtZGZjNWNjNjRhODFl
LzEvUHNqQ0RtWGMwel80cGVQRENtUlpKY1hKLVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJQBIMA0G
CSqGSIb3DQEBCwUAA4IBAQCt/79VEn3QZz5/Xt2sUGhfpkJLwLTM70THTqV0tmEd
jIPX/C/JGiqF5h4s9yhrTpuFN50iHbMNxj19+f4NMIvJYppxV8DX65/ZkMm+ix7K
c0gQeOaafig14eLzneNAItDrLEoKXBeXn/GWRoBx0wncwoq0Y1vJHn1BN8Cr3+MZ
Rcs+XjK1qbvd02r8lwkK+AURTzR5+QHse0nC2W+hUSiqnCexV57sUBYzZij+LaYW
PfkSaJ+3mQp46WoDzaKgRuEinB1XXIeCmJkM1v22eR22GelLUvyl5QBQRZiZIJnh
S/4qMn3MaGBUx3ow0LYn2mAHQsy9p9kS5p4mEJkuMvdA
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:41:20 2025 by rpki-client