Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/1-aPtC_DpL3BDQFqNjCMQrRRh5aw.roa
File: 1-aPtC_DpL3BDQFqNjCMQrRRh5aw.roa (raw, json)
Hash identifier: O+mz9GsFQoEzLOmD68b2vb+62/cJ4Q9eUF+pG0uwoXY=
Subject key identifier: F9:A3:ED:0B:F0:E9:2F:70:43:40:5A:8D:8C:23:10:AD:14:61:E5:AC
Certificate issuer: /CN=f32be982060a43734d0ad126ad46da2f395c9def
Certificate serial: 0196E8DB080E92F6EB40D88D4305934B65F3
Authority key identifier: F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/1-aPtC_DpL3BDQFqNjCMQrRRh5aw.roa
Signing time: Mon 19 May 2025 14:03:10 +0000
ROA not before: Mon 19 May 2025 14:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.37.200.0/22 maxlen: 22
185.37.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 09:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:db:08:0e:92:f6:eb:40:d8:8d:43:05:93:4b:65:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f32be982060a43734d0ad126ad46da2f395c9def
Validity
Not Before: May 19 14:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9a3ed0bf0e92f7043405a8d8c2310ad1461e5ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:95:29:f2:cf:e2:a3:f6:3b:25:47:f1:21:b2:
74:8b:4e:2c:8a:fa:4b:f2:3c:05:cb:6f:ee:66:12:
e7:c0:a5:2d:fd:6b:e8:5a:1f:f7:c5:9d:64:9f:ba:
b9:b8:98:fe:0c:f9:cc:91:2e:64:2a:24:26:df:2a:
98:f2:74:bf:b1:c8:0f:50:b2:ee:8f:f0:30:41:2c:
dc:2c:71:52:fa:00:fe:a6:75:87:70:33:d9:94:09:
91:66:e8:ec:ce:b9:b7:04:fe:88:96:1d:a2:dd:87:
bd:b5:a8:72:ce:83:de:19:bf:4f:62:1f:df:fa:04:
18:e0:6b:e5:29:0b:be:81:4f:23:ea:8b:95:05:c5:
6e:a4:f1:bd:ec:1f:41:37:fc:73:b7:10:e9:58:25:
88:81:c7:ba:ed:37:22:64:12:52:38:28:91:93:48:
6c:5b:92:26:4d:e9:ac:ba:2d:19:77:19:96:fb:c6:
18:6b:1c:3f:ec:b8:83:51:cc:04:63:79:b2:25:36:
63:22:e8:63:a0:10:ce:85:95:48:2c:d4:46:08:3f:
20:0f:9a:9b:9b:b9:cd:75:0e:cb:05:e2:3e:4c:7f:
18:cd:8f:e6:64:ab:8b:4e:2e:34:e6:e1:25:cb:35:
33:cd:39:1d:6e:86:ca:42:e9:9b:f1:34:e1:eb:e3:
b6:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:A3:ED:0B:F0:E9:2F:70:43:40:5A:8D:8C:23:10:AD:14:61:E5:AC
X509v3 Authority Key Identifier:
keyid:F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/1-aPtC_DpL3BDQFqNjCMQrRRh5aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.200.0/22
Signature Algorithm: sha256WithRSAEncryption
98:29:14:ce:e6:a9:27:c3:f4:33:5b:a3:fd:e5:77:d8:2e:63:
e5:1d:71:71:a2:26:b1:e0:f9:a9:4c:58:08:72:c3:a7:31:05:
d3:01:4d:99:86:9b:a9:ee:48:8e:f3:3b:08:1a:56:b3:49:d7:
11:44:dd:91:91:fb:29:4f:bf:f1:77:e3:21:f3:43:43:4d:c7:
62:27:98:59:38:2c:62:67:e2:24:5a:2d:c9:4c:a9:5a:3a:80:
4b:2e:8f:62:85:76:15:59:50:17:f7:ca:35:16:88:82:58:65:
dc:03:ee:c3:02:f9:fc:bd:57:1c:84:fe:18:7b:0b:f6:e7:12:
02:0e:33:74:a8:b6:51:00:6d:db:94:a4:05:c0:fd:b8:7f:0e:
89:74:fc:fe:f8:fe:06:2c:31:19:9d:bc:5e:cf:41:12:a1:04:
81:13:bd:15:0a:7b:f4:e9:c2:76:cc:0b:71:ba:70:36:6e:ba:
52:48:45:88:87:8d:72:00:b7:df:ff:fb:18:16:32:12:a8:9e:
53:11:3d:37:15:7a:eb:8e:3d:96:c0:50:48:a2:58:93:d6:34:
6c:16:c1:68:7a:36:dd:8b:e2:cc:c3:08:7c:ea:05:64:7f:f5:
82:06:f1:72:9f:00:cc:e0:8f:82:a5:85:28:69:fd:c5:96:3c:
79:fb:b2:5e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZbo2wgOkvbrQNiNQwWTS2XzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMmJlOTgyMDYwYTQzNzM0ZDBhZDEyNmFkNDZkYTJmMzk1
YzlkZWYwHhcNMjUwNTE5MTQwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWEzZWQwYmYwZTkyZjcwNDM0MDVhOGQ4YzIzMTBhZDE0NjFlNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZUp8s/io/Y7JUfxIbJ0i04sivpL
8jwFy2/uZhLnwKUt/WvoWh/3xZ1kn7q5uJj+DPnMkS5kKiQm3yqY8nS/scgPULLu
j/AwQSzcLHFS+gD+pnWHcDPZlAmRZujszrm3BP6Ilh2i3Ye9tahyzoPeGb9PYh/f
+gQY4GvlKQu+gU8j6ouVBcVupPG97B9BN/xztxDpWCWIgce67TciZBJSOCiRk0hs
W5ImTemsui0ZdxmW+8YYaxw/7LiDUcwEY3myJTZjIuhjoBDOhZVILNRGCD8gD5qb
m7nNdQ7LBeI+TH8YzY/mZKuLTi405uElyzUzzTkdbobKQumb8TTh6+O2NwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPmj7Qvw6S9wQ0BajYwjEK0UYeWsMB8GA1UdIwQY
MBaAFPMr6YIGCkNzTQrRJq1G2i85XJ3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGIt
OTliY2JlNmQ3ZjYzLzEvMS1hUHRDX0RwTDNCRFFGcU5qQ01RclJSaDVhdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjAvZGEzYjFkLTdhY2YtNDUxZi1iNjhiLTk5YmNiZTZkN2Y2
My8xLzh5dnBnZ1lLUTNOTkN0RW1yVWJhTHpsY25lOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEArklyDAN
BgkqhkiG9w0BAQsFAAOCAQEAmCkUzuapJ8P0M1uj/eV32C5j5R1xcaImseD5qUxY
CHLDpzEF0wFNmYabqe5IjvM7CBpWs0nXEUTdkZH7KU+/8XfjIfNDQ03HYieYWTgs
YmfiJFotyUypWjqASy6PYoV2FVlQF/fKNRaIglhl3APuwwL5/L1XHIT+GHsL9ucS
Ag4zdKi2UQBt25SkBcD9uH8OiXT8/vj+BiwxGZ28Xs9BEqEEgRO9FQp79OnCdswL
cbpwNm66UkhFiIeNcgC33//7GBYyEqieUxE9NxV66449lsBQSKJYk9Y0bBbBaHo2
3YvizMMIfOoFZH/1ggbxcp8AzOCPgqWFKGn9xZY8efuyXg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:55:52 2025 by rpki-client