Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ijbWwj6gTgXEJS-MPg0X9zPmwxg.roa
File: ijbWwj6gTgXEJS-MPg0X9zPmwxg.roa (raw, json)
Hash identifier: iPHiXO+LDIiEndFXWexSu9OcnWmKGbEPRigzPAAC9ig=
Subject key identifier: 8A:36:D6:C2:3E:A0:4E:05:C4:25:2F:8C:3E:0D:17:F7:33:E6:C3:18
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0198343EC59244403766BE7F936C22F29A1E
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ijbWwj6gTgXEJS-MPg0X9zPmwxg.roa
Signing time: Tue 22 Jul 2025 22:26:25 +0000
ROA not before: Tue 22 Jul 2025 22:26:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 45.248.55.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
103.216.196.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
193.160.80.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 22 Jul 2025 23:37:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:34:3e:c5:92:44:40:37:66:be:7f:93:6c:22:f2:9a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 22 22:26:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a36d6c23ea04e05c4252f8c3e0d17f733e6c318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ce:69:f2:00:6f:10:d6:19:86:77:7d:e4:0c:
ff:23:34:e6:d3:2f:b9:16:a8:4f:74:06:26:12:46:
b6:51:f8:54:30:ab:a7:ac:17:ba:f2:33:d1:27:88:
65:e8:d1:97:82:5d:2a:16:3e:99:76:e2:b1:da:66:
1b:65:5b:03:ab:d5:d9:7e:87:fc:ae:d6:7b:44:1a:
5d:56:be:b5:2b:59:d6:8b:67:db:fc:65:cd:22:c4:
74:02:b2:0c:b2:32:bf:8b:cb:4b:43:01:41:d9:0d:
66:59:eb:7d:54:05:f4:3e:27:04:ab:2e:19:11:6a:
8a:6a:f2:3d:eb:d0:24:da:16:b8:e2:49:f4:4a:eb:
ab:51:5f:53:d4:ab:3c:90:ae:60:0e:e6:2c:61:9b:
7b:91:90:d6:c5:40:b6:db:12:8e:a0:2c:8a:69:46:
75:91:a5:f9:b4:b7:b9:fe:a5:7e:96:7e:b7:35:0a:
4e:c6:f7:d5:15:af:9b:7a:dd:97:d0:e4:ac:4b:12:
86:d6:7a:8b:c1:e6:a1:54:50:7d:30:ab:59:fc:64:
8d:2f:b4:96:0b:f8:2d:5a:f6:7a:46:99:ca:e7:f0:
93:7c:48:15:e2:2a:8b:68:94:b0:89:cb:1c:d2:f2:
d6:11:dd:43:48:46:22:79:9f:5a:38:01:68:28:7f:
c3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:36:D6:C2:3E:A0:4E:05:C4:25:2F:8C:3E:0D:17:F7:33:E6:C3:18
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/ijbWwj6gTgXEJS-MPg0X9zPmwxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.248.55.0/24
94.154.177.0/24
103.216.196.0/24
185.52.136.0/24
185.253.122.0/24
192.145.71.0/24
193.160.80.0/22
Signature Algorithm: sha256WithRSAEncryption
84:de:33:d3:54:ad:72:b4:99:52:09:19:31:96:9a:fe:31:99:
ef:9d:70:36:19:96:d8:00:91:b7:45:36:45:b7:6e:f6:38:04:
2b:f0:09:ae:b3:6d:0a:ad:17:f3:83:e7:23:57:c8:b1:ad:c4:
b2:01:f0:07:44:79:58:2b:5d:ee:cb:81:1e:9a:42:5b:fc:35:
34:b2:ad:68:5b:25:3d:4a:a7:64:8a:35:4c:8f:3d:fc:4f:9d:
bd:b4:d2:13:6d:75:38:53:54:71:d1:92:2e:e0:5e:2b:90:92:
a5:c6:f7:f3:4a:96:3d:76:ce:2a:c0:de:61:f0:93:14:53:d6:
44:aa:a0:99:a5:4e:c5:84:9f:ca:35:9e:cd:58:29:37:27:b1:
3a:02:b2:75:ab:1f:bc:50:f1:67:42:25:0d:5d:c3:e7:7b:9f:
6f:bf:83:c2:3d:78:41:d7:f3:f2:36:9a:ae:d6:56:0a:71:ac:
f3:26:ab:ad:73:35:78:c5:f7:ea:18:37:6b:1d:e2:61:c2:f2:
80:d5:b3:ef:d7:35:c6:df:a7:27:dc:95:26:91:65:3a:ac:8d:
d6:f0:1b:ac:f8:fc:47:6f:0b:a7:f2:0f:97:57:18:c4:b1:fb:
21:80:ac:66:86:52:db:a3:b6:5d:91:da:8a:0f:2d:ec:ed:5c:
3f:d4:ff:4d
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZg0PsWSREA3Zr5/k2wi8poeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzIyMjIyNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTM2ZDZjMjNlYTA0ZTA1YzQyNTJmOGMzZTBkMTdmNzMzZTZjMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv85p8gBvENYZhnd95Az/IzTm0y+5
FqhPdAYmEka2UfhUMKunrBe68jPRJ4hl6NGXgl0qFj6ZduKx2mYbZVsDq9XZfof8
rtZ7RBpdVr61K1nWi2fb/GXNIsR0ArIMsjK/i8tLQwFB2Q1mWet9VAX0PicEqy4Z
EWqKavI969Ak2ha44kn0SuurUV9T1Ks8kK5gDuYsYZt7kZDWxUC22xKOoCyKaUZ1
kaX5tLe5/qV+ln63NQpOxvfVFa+bet2X0OSsSxKG1nqLweahVFB9MKtZ/GSNL7SW
C/gtWvZ6RpnK5/CTfEgV4iqLaJSwicsc0vLWEd1DSEYieZ9aOAFoKH/D2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFIo21sI+oE4FxCUvjD4NF/cz5sMYMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvaWpiV3dqNmdUZ1hFSlMtTVBnMFg5elBtd3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALfg3AwQA
XpqxAwQAZ9jEAwQAuTSIAwQAuf16AwQAwJFHAwQCwaBQMA0GCSqGSIb3DQEBCwUA
A4IBAQCE3jPTVK1ytJlSCRkxlpr+MZnvnXA2GZbYAJG3RTZFt272OAQr8Amus20K
rRfzg+cjV8ixrcSyAfAHRHlYK13uy4EemkJb/DU0sq1oWyU9SqdkijVMjz38T529
tNITbXU4U1Rx0ZIu4F4rkJKlxvfzSpY9ds4qwN5h8JMUU9ZEqqCZpU7FhJ/KNZ7N
WCk3J7E6ArJ1qx+8UPFnQiUNXcPne59vv4PCPXhB1/PyNpqu1lYKcazzJqutczV4
xffqGDdrHeJhwvKA1bPv1zXG36cn3JUmkWU6rI3W8Bus+PxHbwun8g+XVxjEsfsh
gKxmhlLbo7ZdkdqKDy3s7Vw/1P9N
-----END CERTIFICATE-----
Generated at Sun Jul 27 14:04:58 2025 by rpki-client