Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BA8qmFXxKJo1OglTbhBiFuab7VU.roa
File: BA8qmFXxKJo1OglTbhBiFuab7VU.roa (raw, json)
Hash identifier: wD1c1h0OpwBGG1Qgm80w9YLQi8Cx/7kPtfrgZB8tiVI=
Subject key identifier: 04:0F:2A:98:55:F1:28:9A:35:3A:09:53:6E:10:62:16:E6:9B:ED:55
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0197DF3A3255D9E6CF2F0FC435588598BD5A
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BA8qmFXxKJo1OglTbhBiFuab7VU.roa
Signing time: Sun 06 Jul 2025 10:13:42 +0000
ROA not before: Sun 06 Jul 2025 10:13:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.104.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
185.92.45.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Jul 2025 21:20:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:df:3a:32:55:d9:e6:cf:2f:0f:c4:35:58:85:98:bd:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jul 6 10:13:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=040f2a9855f1289a353a09536e106216e69bed55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:65:c3:a8:b8:73:99:d8:62:59:4b:24:f0:10:
ce:9a:62:0e:17:56:8f:82:d3:e0:42:19:54:b3:8f:
54:cc:66:aa:30:4a:d4:95:b1:8f:c0:d1:89:2d:a4:
55:d1:ac:95:dd:11:71:2b:85:36:57:7b:26:5c:d2:
b7:af:50:8d:a9:fa:c2:a0:dd:b5:31:89:47:3b:62:
04:4c:a9:ec:76:55:3b:7d:c0:14:34:4f:87:75:7d:
72:57:28:6a:a9:4a:73:1c:75:c1:d8:19:10:06:0f:
28:2d:0a:53:53:43:90:a5:55:e4:3e:fd:fc:93:ce:
73:9a:bd:a1:6b:33:f8:48:e6:f7:24:8d:b9:31:e2:
d9:ef:c2:25:56:c6:da:ae:87:24:90:13:21:a1:77:
16:ce:1e:45:95:c5:01:42:a6:98:06:ed:4f:aa:bf:
5a:6b:7a:50:eb:8e:ca:45:f9:c2:59:2c:d7:95:fc:
87:82:02:7d:f9:f7:94:ab:7b:34:0c:e5:8c:9f:40:
cd:2b:fc:77:7e:fb:30:2e:10:0e:32:7a:f2:f5:fc:
2b:79:ee:55:2a:8f:2c:1d:2a:73:35:43:23:f4:fc:
60:32:f8:dc:09:e9:a1:ed:c0:fe:c7:fa:6a:44:a4:
2a:86:36:2c:a5:9c:a2:41:e3:67:c2:d5:6a:79:19:
ad:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:0F:2A:98:55:F1:28:9A:35:3A:09:53:6E:10:62:16:E6:9B:ED:55
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/BA8qmFXxKJo1OglTbhBiFuab7VU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.104.0/24
46.37.113.0/24
185.92.45.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:e5:94:df:a5:ef:1f:46:55:d2:0a:e1:b3:e5:06:cd:d8:19:
33:c6:d1:90:98:39:d0:df:e1:73:10:ec:0e:e0:19:36:6b:12:
52:52:80:86:42:f4:ca:26:28:72:de:ff:cb:63:65:9c:10:3c:
5f:ac:85:6a:96:29:fe:0f:24:77:de:32:b6:cb:cd:4d:5b:48:
82:12:74:d8:b5:1b:cf:e0:f1:0a:ad:7f:be:cb:42:88:ef:79:
0b:cf:b6:26:9a:7f:1f:13:7c:15:68:4e:50:65:66:0e:3c:2d:
d8:35:f0:d1:16:b9:33:66:36:a2:44:08:e0:42:5b:b0:e8:80:
8b:79:1f:f0:b4:a3:04:10:18:16:28:05:26:93:fe:77:ce:85:
91:a3:56:d8:be:cd:0e:3a:b7:da:44:7b:64:53:53:c0:90:6a:
53:54:2d:3a:01:18:1b:66:fd:09:4d:dd:e4:93:8e:a9:9d:64:
b5:f4:63:d8:b6:fa:cc:7d:04:71:c8:d0:0c:71:0b:2d:6c:47:
1e:83:70:80:bc:ff:d9:5a:34:df:47:10:33:5e:28:c4:f8:f3:
09:7e:f7:4f:a4:41:3b:c0:7a:53:19:14:eb:2e:cc:5b:8e:99:
0e:60:ed:9c:7e:1d:67:42:0f:49:11:94:63:d1:86:42:b8:33:
26:2f:2b:06
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZffOjJV2ebPLw/ENViFmL1aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwNzA2MTAxMzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDBmMmE5ODU1ZjEyODlhMzUzYTA5NTM2ZTEwNjIxNmU2OWJlZDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmXDqLhzmdhiWUsk8BDOmmIOF1aP
gtPgQhlUs49UzGaqMErUlbGPwNGJLaRV0ayV3RFxK4U2V3smXNK3r1CNqfrCoN21
MYlHO2IETKnsdlU7fcAUNE+HdX1yVyhqqUpzHHXB2BkQBg8oLQpTU0OQpVXkPv38
k85zmr2hazP4SOb3JI25MeLZ78IlVsbarockkBMhoXcWzh5FlcUBQqaYBu1Pqr9a
a3pQ647KRfnCWSzXlfyHggJ9+feUq3s0DOWMn0DNK/x3fvswLhAOMnry9fwree5V
Ko8sHSpzNUMj9PxgMvjcCemh7cD+x/pqRKQqhjYspZyiQeNnwtVqeRmtHwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQPKphV8SiaNToJU24QYhbmm+1VMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvQkE4cW1GWHhLSm8xT2dsVGJoQmlGdWFiN1ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiViAwQA
LiVoAwQALiVxAwQAuVwtMA0GCSqGSIb3DQEBCwUAA4IBAQA85ZTfpe8fRlXSCuGz
5QbN2BkzxtGQmDnQ3+FzEOwO4Bk2axJSUoCGQvTKJihy3v/LY2WcEDxfrIVqlin+
DyR33jK2y81NW0iCEnTYtRvP4PEKrX++y0KI73kLz7Ymmn8fE3wVaE5QZWYOPC3Y
NfDRFrkzZjaiRAjgQluw6ICLeR/wtKMEEBgWKAUmk/53zoWRo1bYvs0OOrfaRHtk
U1PAkGpTVC06ARgbZv0JTd3kk46pnWS19GPYtvrMfQRxyNAMcQstbEceg3CAvP/Z
WjTfRxAzXijE+PMJfvdPpEE7wHpTGRTrLsxbjpkOYO2cfh1nQg9JEZRj0YZCuDMm
LysG
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:22:38 2025 by rpki-client