Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/07zKKpWIzTf3YtVr8zdOuOAYfsE.roa
File: 07zKKpWIzTf3YtVr8zdOuOAYfsE.roa (raw, json)
Hash identifier: 7xOB8ad4eZ9a3Rw3lyfmLM+B6MPMGMF0oGfo66Ys7xY=
Subject key identifier: D3:BC:CA:2A:95:88:CD:37:F7:62:D5:6B:F3:37:4E:B8:E0:18:7E:C1
Certificate issuer: /CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Certificate serial: 019824015D72A109AF841015A27AE8FEA64D
Authority key identifier: D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/07zKKpWIzTf3YtVr8zdOuOAYfsE.roa
Signing time: Sat 19 Jul 2025 18:45:25 +0000
ROA not before: Sat 19 Jul 2025 18:45:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213835
IP address blocks: 45.153.182.0/23 maxlen: 24
91.220.176.0/24 maxlen: 24
94.154.134.0/23 maxlen: 24
185.4.236.0/24 maxlen: 24
185.4.237.0/24 maxlen: 24
185.4.238.0/23 maxlen: 24
185.83.72.0/22 maxlen: 24
185.106.36.0/24 maxlen: 24
185.117.35.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Jul 2025 21:17:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:24:01:5d:72:a1:09:af:84:10:15:a2:7a:e8:fe:a6:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3600cbafd26fee5064fc89f301dfc8e3c1d3ca5
Validity
Not Before: Jul 19 18:45:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3bcca2a9588cd37f762d56bf3374eb8e0187ec1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:57:d3:77:c2:bf:6a:0f:b5:26:83:6e:00:68:
27:9e:31:a1:58:db:ee:f9:36:2d:c9:f6:ff:b1:e5:
35:9d:5e:c9:9b:82:fd:91:e9:6d:91:12:fe:85:2c:
e7:db:e0:26:f8:6b:40:11:24:c8:5c:80:a2:1c:c4:
e6:4c:db:c3:cf:5c:55:e2:91:e0:50:28:f3:e6:67:
0a:f2:98:e5:bb:f2:07:fe:a6:18:75:55:b9:4b:34:
db:0b:05:ff:2f:8d:44:61:f0:2e:3b:6e:2f:8b:79:
69:45:fc:2c:b6:db:d4:92:a8:a0:71:73:4f:ac:f2:
0d:ae:8e:b5:78:2c:97:58:b5:54:f1:9f:23:c4:71:
36:85:0f:94:0f:92:4b:99:bd:66:30:35:57:73:63:
6e:8e:3b:ab:3b:53:a0:6c:2b:5d:f1:83:40:08:19:
92:35:81:bd:46:bf:86:c7:b3:c9:e4:ca:4c:93:d1:
1c:4b:18:44:2a:5b:bc:4d:17:bf:ad:2c:af:45:d3:
78:3a:0c:ae:93:7e:0a:d1:a3:04:a2:cf:fd:c3:7e:
93:6f:ed:b0:1b:59:44:13:c1:99:43:6f:40:fb:c4:
63:f9:8e:cb:2b:f5:e1:48:69:4b:96:08:2b:71:08:
50:72:a7:bc:6c:aa:17:63:f6:8d:c8:b5:3d:66:f7:
02:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:BC:CA:2A:95:88:CD:37:F7:62:D5:6B:F3:37:4E:B8:E0:18:7E:C1
X509v3 Authority Key Identifier:
keyid:D3:60:0C:BA:FD:26:FE:E5:06:4F:C8:9F:30:1D:FC:8E:3C:1D:3C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/02AMuv0m_uUGT8ifMB38jjwdPKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/07zKKpWIzTf3YtVr8zdOuOAYfsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/b70658-e1dc-4944-a06b-1c680adf7a26/1/02AMuv0m_uUGT8ifMB38jjwdPKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.182.0/23
91.220.176.0/24
94.154.134.0/23
185.4.236.0/22
185.83.72.0/22
185.106.36.0/24
185.117.35.0/24
Signature Algorithm: sha256WithRSAEncryption
79:7f:2c:0a:7f:18:2f:49:2f:8d:67:d6:e3:b2:2e:ec:16:55:
d9:a3:c9:a2:6e:1b:a9:03:e0:02:bd:a9:41:d4:b1:6c:32:e5:
d7:ee:f3:74:92:02:69:c2:4d:e7:b4:0b:d7:af:64:03:ed:ca:
63:74:33:32:c1:fb:2d:a2:ce:06:9d:20:da:45:9f:b7:41:c9:
e4:6f:67:3f:6f:c4:74:c9:a2:1e:ad:b0:78:81:11:18:b6:98:
8e:81:8f:c9:d2:ad:12:1c:ae:a8:40:e4:98:d6:a4:e1:ba:bd:
2c:7b:90:18:9e:b1:c2:ee:7b:35:a4:50:5d:d8:77:2b:9e:c0:
2d:72:39:28:f0:d3:4c:b7:36:5b:5f:0f:83:6e:96:35:61:75:
93:d1:d1:3f:07:72:8b:70:07:3e:dd:db:20:8f:30:ae:91:e6:
e3:7c:f1:4f:a3:8c:b5:66:97:66:81:df:f6:81:db:b9:a8:bd:
f0:a5:d8:e8:fa:e2:f1:1a:65:e9:dc:e1:96:1f:13:2a:c3:1a:
3d:d8:a8:0a:73:6f:b6:b8:71:40:07:ee:15:81:47:f1:32:bb:
b8:77:b4:d2:2b:e7:16:e7:b7:e1:c3:0a:a8:a1:19:d7:a5:4d:
b7:45:df:33:86:a9:f9:51:0d:c4:c2:2f:3e:a1:0e:ca:0a:b0:
2c:9f:45:14
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZgkAV1yoQmvhBAVonro/qZNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNjAwY2JhZmQyNmZlZTUwNjRmYzg5ZjMwMWRmYzhlM2Mx
ZDNjYTUwHhcNMjUwNzE5MTg0NTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2JjY2EyYTk1ODhjZDM3Zjc2MmQ1NmJmMzM3NGViOGUwMTg3ZWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1fTd8K/ag+1JoNuAGgnnjGhWNvu
+TYtyfb/seU1nV7Jm4L9keltkRL+hSzn2+Am+GtAESTIXICiHMTmTNvDz1xV4pHg
UCjz5mcK8pjlu/IH/qYYdVW5SzTbCwX/L41EYfAuO24vi3lpRfwsttvUkqigcXNP
rPINro61eCyXWLVU8Z8jxHE2hQ+UD5JLmb1mMDVXc2NujjurO1OgbCtd8YNACBmS
NYG9Rr+Gx7PJ5MpMk9EcSxhEKlu8TRe/rSyvRdN4Ogyuk34K0aMEos/9w36Tb+2w
G1lEE8GZQ29A+8Rj+Y7LK/XhSGlLlggrcQhQcqe8bKoXY/aNyLU9ZvcCSQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNO8yiqViM0392LVa/M3TrjgGH7BMB8GA1UdIwQY
MBaAFNNgDLr9Jv7lBk/InzAd/I48HTylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmIt
MWM2ODBhZGY3YTI2LzEvMDd6S0twV0l6VGYzWXRWcjh6ZE91T0FZZnNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9iNzA2NTgtZTFkYy00OTQ0LWEwNmItMWM2ODBhZGY3YTI2
LzEvMDJBTXV2MG1fdVVHVDhpZk1CMzhqandkUEtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQBLZm2AwQA
W9ywAwQBXpqGAwQCuQTsAwQCuVNIAwQAuWokAwQAuXUjMA0GCSqGSIb3DQEBCwUA
A4IBAQB5fywKfxgvSS+NZ9bjsi7sFlXZo8mibhupA+ACvalB1LFsMuXX7vN0kgJp
wk3ntAvXr2QD7cpjdDMywfstos4GnSDaRZ+3Qcnkb2c/b8R0yaIerbB4gREYtpiO
gY/J0q0SHK6oQOSY1qThur0se5AYnrHC7ns1pFBd2HcrnsAtcjko8NNMtzZbXw+D
bpY1YXWT0dE/B3KLcAc+3dsgjzCukebjfPFPo4y1Zpdmgd/2gdu5qL3wpdjo+uLx
GmXp3OGWHxMqwxo92KgKc2+2uHFAB+4VgUfxMru4d7TSK+cW57fhwwqooRnXpU23
Rd8zhqn5UQ3Ewi8+oQ7KCrAsn0UU
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:31:11 2025 by rpki-client