Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8ZfV7zzIwaOjq5SMXmtzFAobu34.roa
File: 8ZfV7zzIwaOjq5SMXmtzFAobu34.roa (raw, json)
Hash identifier: OueWyp/HQwApxMuOApIiNmy/i1pp4FxN7RUtpQmiGn0=
Subject key identifier: F1:97:D5:EF:3C:C8:C1:A3:A3:AB:94:8C:5E:6B:73:14:0A:1B:BB:7E
Certificate issuer: /CN=f32be982060a43734d0ad126ad46da2f395c9def
Certificate serial: 0196E8DB06EC9E269E148FA61FD3E1064EEE
Authority key identifier: F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8ZfV7zzIwaOjq5SMXmtzFAobu34.roa
Signing time: Mon 19 May 2025 14:03:10 +0000
ROA not before: Mon 19 May 2025 14:03:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 185.37.200.0/22 maxlen: 22
185.37.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 20 May 2025 09:29:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e8:db:06:ec:9e:26:9e:14:8f:a6:1f:d3:e1:06:4e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f32be982060a43734d0ad126ad46da2f395c9def
Validity
Not Before: May 19 14:03:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f197d5ef3cc8c1a3a3ab948c5e6b73140a1bbb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9e:82:07:a1:23:bb:61:15:ad:a5:85:67:c3:
a6:b5:36:c8:0c:31:86:02:12:40:e1:69:b8:6f:7c:
80:32:7b:f5:24:51:7f:0f:23:11:e3:b4:69:c0:e8:
7d:da:85:d7:c4:ff:04:4f:10:62:0c:ca:76:4f:0c:
80:be:c7:c1:d3:78:17:76:52:93:57:63:ae:0c:ac:
be:bb:fc:d2:0c:7b:59:e9:d9:14:3c:31:bb:b3:97:
f2:10:de:93:01:40:9a:bf:23:32:12:b2:d3:60:8e:
73:a7:a7:0b:f5:1e:4e:9b:0a:d7:d0:20:c8:af:6a:
d0:48:86:0a:d4:3f:52:5f:2b:4b:92:59:7d:0f:1c:
28:e2:b6:4a:c4:c5:0a:28:61:5c:df:69:ff:a1:b8:
a6:78:19:40:e6:9f:08:90:3e:40:cb:49:37:16:c9:
82:95:5a:18:ce:b0:b9:a9:dc:6e:69:6a:67:03:18:
d2:8a:a4:71:5e:3a:0a:2a:90:79:03:aa:1e:84:fc:
45:42:de:63:7a:c6:cc:c6:ef:ea:67:2b:87:e4:64:
8e:36:8a:98:d5:5f:c6:96:73:22:c6:7a:80:46:f3:
6e:31:30:38:f8:3c:d0:5d:0b:ea:6c:0b:4f:55:dd:
c5:b4:06:0e:04:6e:8b:bf:a4:e0:a7:b3:c0:7b:77:
f2:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:97:D5:EF:3C:C8:C1:A3:A3:AB:94:8C:5E:6B:73:14:0A:1B:BB:7E
X509v3 Authority Key Identifier:
keyid:F3:2B:E9:82:06:0A:43:73:4D:0A:D1:26:AD:46:DA:2F:39:5C:9D:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8yvpggYKQ3NNCtEmrUbaLzlcne8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8ZfV7zzIwaOjq5SMXmtzFAobu34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/da3b1d-7acf-451f-b68b-99bcbe6d7f63/1/8yvpggYKQ3NNCtEmrUbaLzlcne8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.37.200.0/22
Signature Algorithm: sha256WithRSAEncryption
53:b6:ca:9b:99:a7:d8:3b:8e:ad:39:ba:ac:86:3f:86:c7:17:
94:0a:15:ea:d0:e7:57:54:cd:a8:c2:d0:24:72:75:48:f3:42:
b3:bc:96:62:70:02:e8:69:17:dc:5b:b7:5a:06:58:5b:9c:9d:
14:f6:03:1c:6d:c8:d0:3f:b6:fe:3a:47:06:0d:03:70:dc:9f:
69:e0:c8:8b:70:88:80:d0:fe:6f:2f:87:a2:bd:33:25:a4:52:
56:15:94:6e:fb:eb:5b:93:08:e2:79:45:fa:b5:12:4c:76:87:
46:16:ac:dd:31:7b:4d:ed:60:59:71:3a:07:22:79:a5:a4:5d:
51:5b:7f:1d:c1:0a:56:5f:26:f0:96:a6:00:0a:69:1c:ea:ce:
49:29:b3:5c:eb:63:a3:50:cc:e4:c6:41:58:4b:2a:b8:b0:32:
93:0e:d8:87:f1:ed:ab:19:a9:24:f1:19:2d:27:38:e1:21:8d:
6b:97:49:dd:b8:af:60:eb:5a:be:51:cf:e8:65:c5:9c:53:ca:
0a:5b:82:1e:69:87:09:23:11:55:23:53:d0:a2:a0:45:3b:db:
84:94:9f:58:93:31:39:8b:c2:e9:56:a9:2e:2d:57:f8:ad:ef:
24:cf:bf:b0:51:c8:75:05:e5:ec:f4:98:ae:23:cc:93:95:a7:
a6:b4:01:3f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbo2wbsniaeFI+mH9PhBk7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYzMmJlOTgyMDYwYTQzNzM0ZDBhZDEyNmFkNDZkYTJmMzk1
YzlkZWYwHhcNMjUwNTE5MTQwMzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMTk3ZDVlZjNjYzhjMWEzYTNhYjk0OGM1ZTZiNzMxNDBhMWJiYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzp6CB6Eju2EVraWFZ8OmtTbIDDGG
AhJA4Wm4b3yAMnv1JFF/DyMR47RpwOh92oXXxP8ETxBiDMp2TwyAvsfB03gXdlKT
V2OuDKy+u/zSDHtZ6dkUPDG7s5fyEN6TAUCavyMyErLTYI5zp6cL9R5OmwrX0CDI
r2rQSIYK1D9SXytLkll9Dxwo4rZKxMUKKGFc32n/obimeBlA5p8IkD5Ay0k3FsmC
lVoYzrC5qdxuaWpnAxjSiqRxXjoKKpB5A6oehPxFQt5jesbMxu/qZyuH5GSONoqY
1V/GlnMixnqARvNuMTA4+DzQXQvqbAtPVd3FtAYOBG6Lv6Tgp7PAe3fyIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPGX1e88yMGjo6uUjF5rcxQKG7t+MB8GA1UdIwQY
MBaAFPMr6YIGCkNzTQrRJq1G2i85XJ3vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGIt
OTliY2JlNmQ3ZjYzLzEvOFpmVjd6ekl3YU9qcTVTTVhtdHpGQW9idTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC9kYTNiMWQtN2FjZi00NTFmLWI2OGItOTliY2JlNmQ3ZjYz
LzEvOHl2cGdnWUtRM05OQ3RFbXJVYmFMemxjbmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSXIMA0G
CSqGSIb3DQEBCwUAA4IBAQBTtsqbmafYO46tObqshj+GxxeUChXq0OdXVM2owtAk
cnVI80KzvJZicALoaRfcW7daBlhbnJ0U9gMcbcjQP7b+OkcGDQNw3J9p4MiLcIiA
0P5vL4eivTMlpFJWFZRu++tbkwjieUX6tRJMdodGFqzdMXtN7WBZcToHInmlpF1R
W38dwQpWXybwlqYACmkc6s5JKbNc62OjUMzkxkFYSyq4sDKTDtiH8e2rGakk8Rkt
JzjhIY1rl0nduK9g61q+Uc/oZcWcU8oKW4IeaYcJIxFVI1PQoqBFO9uElJ9YkzE5
i8LpVqkuLVf4re8kz7+wUch1BeXs9JiuI8yTlaemtAE/
-----END CERTIFICATE-----
Generated at Wed Jun 11 03:37:03 2025 by rpki-client