Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/CxRPJOd4GZcexVZwOM_5t50OsKQ.roa
File: CxRPJOd4GZcexVZwOM_5t50OsKQ.roa (raw, json)
Hash identifier: GL8iwB930t5jskyH6B2hImn40fZZMbewiU/H3pa+oQc=
Subject key identifier: 0B:14:4F:24:E7:78:19:97:1E:C5:56:70:38:CF:F9:B7:9D:0E:B0:A4
Certificate issuer: /CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Certificate serial: 01982D9AA2C0FA2B76E7A2DBA6AEC487944C
Authority key identifier: D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/CxRPJOd4GZcexVZwOM_5t50OsKQ.roa
Signing time: Mon 21 Jul 2025 15:29:25 +0000
ROA not before: Mon 21 Jul 2025 15:29:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22612
IP address blocks: 37.61.232.0/21 maxlen: 24
37.61.232.0/24 maxlen: 24
37.61.233.0/24 maxlen: 24
37.61.234.0/24 maxlen: 24
37.61.235.0/24 maxlen: 24
37.61.236.0/24 maxlen: 24
37.61.238.0/24 maxlen: 24
37.61.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Jul 2025 00:49:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2d:9a:a2:c0:fa:2b:76:e7:a2:db:a6:ae:c4:87:94:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7219ec7383fa0610480ddfa62c3f82c400cd56f
Validity
Not Before: Jul 21 15:29:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0b144f24e77819971ec5567038cff9b79d0eb0a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:84:51:bb:1c:70:ca:8a:2d:52:d7:74:f3:dc:
aa:81:1d:a1:cd:31:de:22:ee:b9:f6:b2:7b:7b:4a:
1a:51:d8:0f:6a:28:ec:88:bb:76:a7:3d:00:d0:1d:
25:f0:43:7d:57:39:bb:f5:6c:fb:1f:fc:ba:03:b0:
3e:82:61:d2:6e:25:16:e6:25:af:07:6a:e2:3d:13:
b7:30:e3:f9:54:82:a0:8c:52:22:f7:e5:fe:a5:ef:
72:a3:e4:1d:e7:ff:6c:cc:8e:31:68:70:d4:8d:51:
ec:a2:1d:ba:9e:2a:f3:80:d1:2f:64:61:75:0b:de:
b3:a0:be:7c:f9:01:c2:92:33:4b:de:3e:00:ec:5f:
c4:4e:6a:6e:0e:78:74:6c:c5:f1:22:28:15:ff:fc:
46:ff:9d:80:7a:09:8a:e8:3a:a8:fe:e0:f2:f7:a8:
ee:e6:d1:3f:2e:75:b9:35:b4:66:c7:55:96:5b:c4:
9a:a1:fd:22:0a:ea:15:31:9a:ad:2b:f8:45:a7:09:
f1:7c:80:49:7b:53:a1:d5:a4:14:8d:36:95:80:fb:
83:12:a0:50:8a:2a:23:c4:bb:2d:10:64:36:97:13:
9f:ce:5e:7a:7e:f3:b5:6a:c0:57:e9:50:96:6a:74:
66:c9:db:62:73:41:30:4e:24:fd:2c:d0:d5:11:03:
98:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:14:4F:24:E7:78:19:97:1E:C5:56:70:38:CF:F9:B7:9D:0E:B0:A4
X509v3 Authority Key Identifier:
keyid:D7:21:9E:C7:38:3F:A0:61:04:80:DD:FA:62:C3:F8:2C:40:0C:D5:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1yGexzg_oGEEgN36YsP4LEAM1W8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/CxRPJOd4GZcexVZwOM_5t50OsKQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/fbffbc-ab82-4058-b8b7-d0c82a3cf4b6/1/1yGexzg_oGEEgN36YsP4LEAM1W8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.61.232.0/21
Signature Algorithm: sha256WithRSAEncryption
0b:59:b4:c2:ab:51:bd:94:85:90:1b:e1:e4:a7:1a:d8:f5:8c:
64:e7:0d:db:ae:86:02:be:3f:50:98:ce:bf:b0:5c:bd:b3:35:
14:a3:01:6a:2f:42:f9:8c:7d:44:7e:9b:d1:65:cd:41:c4:4c:
43:9b:80:a9:b0:d9:2f:ad:ec:db:05:e2:46:43:80:d5:16:c3:
59:08:d5:36:6e:6a:a8:6c:bf:62:a6:d4:5d:53:b1:bd:94:f6:
d6:9c:d2:60:4e:62:83:47:5a:4d:3e:3a:e9:1a:8a:b0:86:9e:
0b:60:f3:62:44:43:23:a6:b3:c7:6e:4e:bc:ab:12:b3:fa:e4:
ff:82:33:de:8a:03:b6:17:a4:e2:9a:67:63:f9:63:2f:b3:d7:
c2:7b:4b:f5:d6:5c:56:df:80:2d:d1:44:69:01:55:d1:db:18:
a8:e5:b3:3f:c1:18:88:74:87:a0:42:87:1b:e2:92:b0:83:1c:
b4:43:21:51:6a:a7:c7:95:b1:9e:f0:04:d4:48:7a:26:4d:20:
c5:4c:20:7b:bb:86:fa:9c:fc:df:b3:7d:aa:b7:6c:cf:3d:6c:
07:d1:eb:6b:1f:80:34:e8:17:ed:f3:6b:e5:28:45:e9:4e:82:
26:58:c0:02:5f:b7:96:50:2a:bd:4d:f1:42:64:0b:ad:fa:5f:
1f:f0:c4:1f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZgtmqLA+it256Lbpq7Eh5RMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3MjE5ZWM3MzgzZmEwNjEwNDgwZGRmYTYyYzNmODJjNDAw
Y2Q1NmYwHhcNMjUwNzIxMTUyOTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjE0NGYyNGU3NzgxOTk3MWVjNTU2NzAzOGNmZjliNzlkMGViMGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwoRRuxxwyootUtd089yqgR2hzTHe
Iu659rJ7e0oaUdgPaijsiLt2pz0A0B0l8EN9Vzm79Wz7H/y6A7A+gmHSbiUW5iWv
B2riPRO3MOP5VIKgjFIi9+X+pe9yo+Qd5/9szI4xaHDUjVHsoh26nirzgNEvZGF1
C96zoL58+QHCkjNL3j4A7F/ETmpuDnh0bMXxIigV//xG/52AegmK6Dqo/uDy96ju
5tE/LnW5NbRmx1WWW8Saof0iCuoVMZqtK/hFpwnxfIBJe1Oh1aQUjTaVgPuDEqBQ
iiojxLstEGQ2lxOfzl56fvO1asBX6VCWanRmydtic0EwTiT9LNDVEQOYTQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAsUTyTneBmXHsVWcDjP+bedDrCkMB8GA1UdIwQY
MBaAFNchnsc4P6BhBIDd+mLD+CxADNVvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4Yjct
ZDBjODJhM2NmNGI2LzEvQ3hSUEpPZDRHWmNleFZad09NXzV0NTBPc0tRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mYmZmYmMtYWI4Mi00MDU4LWI4YjctZDBjODJhM2NmNGI2
LzEvMXlHZXh6Z19vR0VFZ04zNllzUDRMRUFNMVc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDJT3oMA0G
CSqGSIb3DQEBCwUAA4IBAQALWbTCq1G9lIWQG+HkpxrY9Yxk5w3broYCvj9QmM6/
sFy9szUUowFqL0L5jH1EfpvRZc1BxExDm4CpsNkvrezbBeJGQ4DVFsNZCNU2bmqo
bL9iptRdU7G9lPbWnNJgTmKDR1pNPjrpGoqwhp4LYPNiREMjprPHbk68qxKz+uT/
gjPeigO2F6Timmdj+WMvs9fCe0v11lxW34At0URpAVXR2xio5bM/wRiIdIegQocb
4pKwgxy0QyFRaqfHlbGe8ATUSHomTSDFTCB7u4b6nPzfs32qt2zPPWwH0etrH4A0
6Bft82vlKEXpToImWMACX7eWUCq9TfFCZAut+l8f8MQf
-----END CERTIFICATE-----
Generated at Sun Jul 27 03:16:44 2025 by rpki-client