Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PxbM-XDYoEF2_gpBRJAR8s5W378.roa
File: PxbM-XDYoEF2_gpBRJAR8s5W378.roa (raw, json)
Hash identifier: STOB2GMrYqLiJF0WaE6Qvw7nkGcm1jfBvs1FcnISKEU=
Subject key identifier: 3F:16:CC:F9:70:D8:A0:41:76:FE:0A:41:44:90:11:F2:CE:56:DF:BF
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019654EEFC77E0AC739A7539CD7D3ADF83EC
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PxbM-XDYoEF2_gpBRJAR8s5W378.roa
Signing time: Sun 20 Apr 2025 20:41:10 +0000
ROA not before: Sun 20 Apr 2025 20:41:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.31.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Apr 2025 19:32:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:54:ee:fc:77:e0:ac:73:9a:75:39:cd:7d:3a:df:83:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 20 20:41:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f16ccf970d8a04176fe0a41449011f2ce56dfbf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ba:95:3b:71:fc:58:d7:28:57:b0:90:55:04:
a0:d6:a1:f8:84:de:8d:8d:a8:3d:95:e4:5e:34:a2:
2f:54:49:da:4a:25:e1:fa:ce:29:69:1f:96:fa:0d:
c1:92:6b:69:fe:77:c3:83:c6:fc:af:61:45:a5:89:
81:d9:9b:64:37:5f:d9:e2:95:27:52:40:2a:d9:e9:
22:0b:7a:38:58:60:e1:5e:c7:37:61:93:b8:7a:57:
c3:5e:40:0d:f0:52:ae:b0:8b:1a:aa:34:51:38:d6:
10:e3:1e:90:19:ea:85:66:bf:86:1f:bb:0d:0f:63:
e6:7a:8f:3a:05:cb:78:fa:e4:7e:de:dc:e4:c9:a5:
d4:ef:7d:94:7e:fa:8c:2c:eb:e3:6c:52:6c:f9:f3:
68:5a:db:fc:87:33:ab:db:f8:11:63:2d:0c:aa:2d:
ea:4f:d5:27:b5:93:77:12:f5:12:72:37:08:3d:85:
53:bc:0b:3b:b8:af:ab:ae:94:c3:a2:cb:f1:0b:53:
37:bd:55:b5:c3:ad:3e:f0:0a:8b:5b:06:ea:ff:28:
eb:87:b4:87:7b:bf:01:7f:8f:b0:75:e1:2d:8b:25:
a4:03:64:c3:07:a3:84:fa:a8:de:4b:7e:c8:f8:bc:
13:b4:c9:7d:c4:b9:76:25:3b:a2:e4:cd:7b:8c:9d:
49:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:16:CC:F9:70:D8:A0:41:76:FE:0A:41:44:90:11:F2:CE:56:DF:BF
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/PxbM-XDYoEF2_gpBRJAR8s5W378.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.31.0/24
87.229.64.0/24
87.229.125.0/24
Signature Algorithm: sha256WithRSAEncryption
03:0f:41:42:30:07:1d:96:af:a9:84:4c:8b:af:7e:f5:64:0a:
16:86:ec:13:b1:11:be:c6:04:42:6a:41:71:15:d1:6f:95:5f:
ba:df:ba:e2:91:26:3d:01:c6:c2:d6:9c:60:53:0f:37:43:66:
fe:e9:89:25:16:af:d8:8f:1e:a7:0a:7b:08:b1:7f:80:75:b8:
07:9b:82:ab:46:ef:35:c4:98:f7:a1:db:dd:ed:f1:48:62:f3:
30:0c:40:a2:07:42:4c:9b:1c:dd:ba:ad:f3:0f:25:8a:07:03:
ed:ba:86:dc:2a:b2:7f:33:8a:0d:f4:de:d5:19:eb:fc:50:c8:
d8:0f:9d:70:be:7e:28:dd:7d:49:54:07:d6:13:da:bb:83:50:
e2:99:32:45:b7:ac:45:e9:29:f0:da:80:31:6d:81:90:ae:63:
f1:00:e2:78:cc:62:d6:ce:96:61:4d:58:53:15:6d:a2:20:16:
9b:7c:35:71:01:cb:53:52:e7:bf:78:77:e4:a9:81:47:ed:39:
00:41:a2:3e:9f:25:eb:d1:8b:44:40:73:32:6e:ba:7e:43:ef:
0e:b4:d3:6a:d1:0a:7f:75:38:2b:c8:9c:0f:b1:81:b7:1e:c1:
5c:5a:88:4b:1b:92:07:7b:05:79:0b:80:45:00:e6:52:4d:4d:
ed:3a:83:de
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZU7vx34KxzmnU5zX0634PsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDIwMjA0MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjE2Y2NmOTcwZDhhMDQxNzZmZTBhNDE0NDkwMTFmMmNlNTZkZmJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0LqVO3H8WNcoV7CQVQSg1qH4hN6N
jag9leReNKIvVEnaSiXh+s4paR+W+g3Bkmtp/nfDg8b8r2FFpYmB2ZtkN1/Z4pUn
UkAq2ekiC3o4WGDhXsc3YZO4elfDXkAN8FKusIsaqjRRONYQ4x6QGeqFZr+GH7sN
D2Pmeo86Bct4+uR+3tzkyaXU732UfvqMLOvjbFJs+fNoWtv8hzOr2/gRYy0Mqi3q
T9UntZN3EvUScjcIPYVTvAs7uK+rrpTDosvxC1M3vVW1w60+8AqLWwbq/yjrh7SH
e78Bf4+wdeEtiyWkA2TDB6OE+qjeS37I+LwTtMl9xLl2JTui5M17jJ1J4QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFD8WzPlw2KBBdv4KQUSQEfLOVt+/MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvUHhiTS1YRFlvRUYyX2dwQlJKQVI4czVXMzc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCV+UIAwQA
V+UfAwQAV+VAAwQAV+V9MA0GCSqGSIb3DQEBCwUAA4IBAQADD0FCMAcdlq+phEyL
r371ZAoWhuwTsRG+xgRCakFxFdFvlV+637rikSY9AcbC1pxgUw83Q2b+6YklFq/Y
jx6nCnsIsX+AdbgHm4KrRu81xJj3odvd7fFIYvMwDECiB0JMmxzduq3zDyWKBwPt
uobcKrJ/M4oN9N7VGev8UMjYD51wvn4o3X1JVAfWE9q7g1DimTJFt6xF6Snw2oAx
bYGQrmPxAOJ4zGLWzpZhTVhTFW2iIBabfDVxActTUue/eHfkqYFH7TkAQaI+nyXr
0YtEQHMybrp+Q+8OtNNq0Qp/dTgryJwPsYG3HsFcWohLG5IHewV5C4BFAOZSTU3t
OoPe
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:13:08 2025 by rpki-client