Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/tAOmpLl0ZrtmRnieuyfa2PiwiUk.roa
File: tAOmpLl0ZrtmRnieuyfa2PiwiUk.roa (raw, json)
Hash identifier: NI31sswKjT2lx9DP3okFXa1huFSCJGsTpzQdWbBNUcY=
Subject key identifier: B4:03:A6:A4:B9:74:66:BB:66:46:78:9E:BB:27:DA:D8:F8:B0:89:49
Certificate issuer: /CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Certificate serial: 019816D1D13AE4C289EB3ED81408BA964B1A
Authority key identifier: FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/tAOmpLl0ZrtmRnieuyfa2PiwiUk.roa
Signing time: Thu 17 Jul 2025 05:18:25 +0000
ROA not before: Thu 17 Jul 2025 05:18:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204104
IP address blocks: 178.236.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Jul 2025 07:57:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:16:d1:d1:3a:e4:c2:89:eb:3e:d8:14:08:ba:96:4b:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa3d0bc11b29da44ad57304c3f8568870a019c24
Validity
Not Before: Jul 17 05:18:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b403a6a4b97466bb6646789ebb27dad8f8b08949
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c3:bf:1a:4d:d3:00:68:da:b7:70:f7:a5:5a:
46:49:09:94:06:65:86:cc:91:ed:8e:d8:7a:79:eb:
ef:46:49:94:f0:3c:36:38:cf:c3:ce:3d:a4:47:bb:
6a:1d:77:de:bc:ce:40:40:28:3a:95:1f:9a:29:2f:
8e:88:a9:96:b4:b5:d7:75:36:9f:42:5f:7f:82:b6:
ea:bf:72:ca:5b:6b:d1:85:cd:cc:2e:d8:08:cb:cd:
26:a0:53:41:24:d4:cd:21:b2:7f:87:51:eb:e0:49:
6a:dd:b5:a8:8e:b7:a3:a0:f0:b8:85:dc:16:1a:b5:
3e:63:77:1b:d9:da:43:fe:89:aa:23:68:13:c2:6b:
51:d9:13:14:f4:f1:8f:ce:31:6f:5e:5a:19:e5:f0:
49:99:21:a3:6b:e5:8a:4b:1a:4b:de:9d:ef:12:6c:
c2:4e:1a:7d:da:5b:87:7b:e5:84:a6:a9:53:02:da:
fa:88:3a:33:c8:00:4f:89:9f:4a:ad:15:de:1f:1d:
22:e8:e9:4b:cb:f9:a9:0e:94:6e:6d:ec:da:5c:3b:
ee:24:aa:ec:88:cb:91:dd:28:1f:10:37:77:61:49:
80:59:20:77:68:00:ed:20:94:58:0b:df:60:be:bb:
92:75:96:a6:bb:dc:4a:0f:51:f2:79:97:84:40:7f:
e0:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:03:A6:A4:B9:74:66:BB:66:46:78:9E:BB:27:DA:D8:F8:B0:89:49
X509v3 Authority Key Identifier:
keyid:FA:3D:0B:C1:1B:29:DA:44:AD:57:30:4C:3F:85:68:87:0A:01:9C:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-j0LwRsp2kStVzBMP4VohwoBnCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/tAOmpLl0ZrtmRnieuyfa2PiwiUk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/aa6629-d149-4197-a315-d21071ef735b/1/1-j0LwRsp2kStVzBMP4VohwoBnCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.32.0/24
Signature Algorithm: sha256WithRSAEncryption
19:e0:a0:12:b2:63:be:60:96:60:df:17:b4:c9:92:ea:fb:21:
31:2c:3a:ed:6b:1c:e3:06:30:46:7a:70:14:03:9f:5e:1c:c1:
91:66:ca:55:36:32:e3:7c:a2:3c:be:a8:60:b0:b4:2a:ff:31:
04:67:16:4d:33:6f:3a:a2:f3:ea:e2:49:1a:e3:20:2e:63:c9:
77:30:f2:16:76:af:97:0a:49:7b:5f:72:69:df:60:b4:16:64:
4f:89:d3:dc:a8:d5:af:08:ba:a8:45:db:21:bc:21:84:90:30:
d2:00:d2:33:84:87:cf:6d:37:ee:48:ea:cd:0e:2f:48:0f:e2:
48:a5:3c:f1:35:15:20:ff:aa:b5:a3:12:42:76:ee:d1:b7:61:
d9:95:62:33:ae:84:3e:55:df:c7:97:51:35:af:6c:39:a9:a9:
69:86:1d:ad:1c:0d:f6:09:7d:19:17:e6:7b:0d:39:02:15:1d:
9f:a9:36:12:27:64:b4:e8:74:a9:bc:4f:8c:51:be:45:78:20:
97:a2:59:32:d2:37:0e:9d:e1:01:c1:06:1f:cb:27:ab:7f:9e:
4a:07:0b:09:f3:57:bd:e5:ee:53:6d:fd:19:e7:bf:bd:0f:9c:
55:e8:39:5f:60:e6:69:a4:3a:44:f5:17:ab:98:4d:5e:99:27:
c9:9f:46:5f
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZgW0dE65MKJ6z7YFAi6lksaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhM2QwYmMxMWIyOWRhNDRhZDU3MzA0YzNmODU2ODg3MGEw
MTljMjQwHhcNMjUwNzE3MDUxODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDAzYTZhNGI5NzQ2NmJiNjY0Njc4OWViYjI3ZGFkOGY4YjA4OTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8O/Gk3TAGjat3D3pVpGSQmUBmWG
zJHtjth6eevvRkmU8Dw2OM/Dzj2kR7tqHXfevM5AQCg6lR+aKS+OiKmWtLXXdTaf
Ql9/grbqv3LKW2vRhc3MLtgIy80moFNBJNTNIbJ/h1Hr4Elq3bWojrejoPC4hdwW
GrU+Y3cb2dpD/omqI2gTwmtR2RMU9PGPzjFvXloZ5fBJmSGja+WKSxpL3p3vEmzC
Thp92luHe+WEpqlTAtr6iDozyABPiZ9KrRXeHx0i6OlLy/mpDpRubezaXDvuJKrs
iMuR3SgfEDd3YUmAWSB3aADtIJRYC99gvruSdZamu9xKD1HyeZeEQH/g+QIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFLQDpqS5dGa7ZkZ4nrsn2tj4sIlJMB8GA1UdIwQY
MBaAFPo9C8EbKdpErVcwTD+FaIcKAZwkMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1qMEx3UnNwMmtTdFZ6Qk1QNFZvaHdvQm5DUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1
LWQyMTA3MWVmNzM1Yi8xL3RBT21wTGwwWnJ0bVJuaWV1eWZhMlBpd2lVay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzMvYWE2NjI5LWQxNDktNDE5Ny1hMzE1LWQyMTA3MWVmNzM1
Yi8xLzEtajBMd1JzcDJrU3RWekJNUDRWb2h3b0JuQ1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACy7CAw
DQYJKoZIhvcNAQELBQADggEBABngoBKyY75glmDfF7TJkur7ITEsOu1rHOMGMEZ6
cBQDn14cwZFmylU2MuN8ojy+qGCwtCr/MQRnFk0zbzqi8+riSRrjIC5jyXcw8hZ2
r5cKSXtfcmnfYLQWZE+J09yo1a8IuqhF2yG8IYSQMNIA0jOEh89tN+5I6s0OL0gP
4kilPPE1FSD/qrWjEkJ27tG3YdmVYjOuhD5V38eXUTWvbDmpqWmGHa0cDfYJfRkX
5nsNOQIVHZ+pNhInZLTodKm8T4xRvkV4IJeiWTLSNw6d4QHBBh/LJ6t/nkoHCwnz
V73l7lNt/Rnnv70PnFXoOV9g5mmkOkT1F6uYTV6ZJ8mfRl8=
-----END CERTIFICATE-----
Generated at Sun Jul 27 09:13:55 2025 by rpki-client