Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XM75zEEohTwn-tGpooxJHJWIKFw.roa
File: XM75zEEohTwn-tGpooxJHJWIKFw.roa (raw, json)
Hash identifier: vxZstzWVW+f8DXK57KuP4ZQWMcskzI4ggqKXbPI+j1M=
Subject key identifier: 5C:CE:F9:CC:41:28:85:3C:27:FA:D1:A9:A2:8C:49:1C:95:88:28:5C
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0194F3DE4FF0285E2F76A544432AA5959DF7
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XM75zEEohTwn-tGpooxJHJWIKFw.roa
Signing time: Tue 11 Feb 2025 07:17:00 +0000
ROA not before: Tue 11 Feb 2025 07:17:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.48.0/24 maxlen: 24
87.229.50.0/24 maxlen: 24
87.229.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 12 Feb 2025 09:42:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f3:de:4f:f0:28:5e:2f:76:a5:44:43:2a:a5:95:9d:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Feb 11 07:17:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5ccef9cc4128853c27fad1a9a28c491c9588285c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:8c:c1:35:06:8f:f5:9a:1c:58:5e:9c:27:51:
08:76:bf:06:ba:67:78:e2:54:03:6e:c9:92:83:f0:
ba:2f:99:3c:73:32:b3:42:0a:ae:95:bf:44:55:71:
a1:db:9f:bf:b0:c4:1a:9d:74:ba:ce:7a:6d:4f:0b:
35:ea:6f:6b:28:3c:19:8b:4d:a6:68:0b:60:fb:d2:
e9:28:71:11:26:be:da:70:7e:d7:4e:cc:73:88:db:
f8:e2:da:e2:7e:f0:ea:02:9f:e0:be:61:ac:87:86:
9a:73:8c:02:d7:03:0e:46:33:1d:65:c0:5b:57:8d:
19:17:f9:a0:3b:6a:ec:af:da:68:ab:71:80:be:97:
b0:3c:01:78:90:db:b0:e0:45:03:73:11:7a:ff:78:
67:92:80:a0:dd:68:84:ff:66:d2:75:c1:ad:e3:e1:
d2:7a:e1:3e:72:ed:e6:c1:fe:c8:54:d7:02:82:50:
16:ec:dc:59:87:1c:d9:d6:bb:6c:cf:b1:80:60:5f:
44:c3:8b:3e:60:41:1b:df:fc:b3:6c:0d:6a:13:d5:
a9:9f:6c:04:bd:eb:84:70:b5:94:5a:68:7a:82:69:
77:f0:d3:cc:71:d3:39:86:c9:cd:5a:4f:5a:14:94:
ef:34:ee:bd:ff:70:c7:2a:da:72:d2:dd:6d:77:f5:
63:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:CE:F9:CC:41:28:85:3C:27:FA:D1:A9:A2:8C:49:1C:95:88:28:5C
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/XM75zEEohTwn-tGpooxJHJWIKFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.48.0/24
87.229.50.0/24
87.229.81.0/24
Signature Algorithm: sha256WithRSAEncryption
98:92:f1:b8:68:a5:25:bf:b0:a8:72:8e:81:b1:63:1b:88:b3:
78:f0:6e:6c:a9:62:ca:f2:ae:d6:0a:00:8e:b2:da:ba:84:3f:
f1:39:3b:6d:71:1b:fd:39:67:fd:a2:f8:31:9f:4f:4a:e5:da:
ef:e9:20:34:b2:9d:7e:94:b0:bf:15:0e:df:26:b4:a7:49:c9:
13:2d:01:50:54:d4:45:4d:62:22:b8:cd:ad:98:d1:af:8c:6c:
82:5e:a6:60:80:75:b6:2a:d2:74:58:1f:10:b1:96:8b:7c:1d:
df:d9:f7:c0:ae:19:bf:9c:c7:94:fe:76:8d:73:af:8c:a4:5a:
ce:74:fd:ed:f3:d3:4e:6b:63:47:a3:5d:7b:ca:4c:25:61:49:
a1:0e:4f:5c:4c:a8:14:8a:db:c3:0b:01:9a:bc:4e:10:c4:82:
da:65:ec:54:65:b3:e9:67:72:98:e6:9a:48:6f:98:43:77:89:
0f:65:da:58:87:6c:ad:5e:5f:fb:ec:ed:5d:00:8a:d4:d6:aa:
d8:5a:4d:d0:e8:29:eb:0e:2e:f2:aa:70:92:c1:0c:bb:f8:53:
55:18:57:6b:a2:1c:3e:a1:40:e6:29:1f:36:d1:aa:ba:ce:48:
3c:b2:57:32:0d:52:d1:0d:02:96:c7:6e:4e:fe:d4:69:63:cc:
44:7c:a8:0f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZTz3k/wKF4vdqVEQyqllZ33MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwMjExMDcxNzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Y2NlZjljYzQxMjg4NTNjMjdmYWQxYTlhMjhjNDkxYzk1ODgyODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYzBNQaP9ZocWF6cJ1EIdr8Gumd4
4lQDbsmSg/C6L5k8czKzQgqulb9EVXGh25+/sMQanXS6znptTws16m9rKDwZi02m
aAtg+9LpKHERJr7acH7XTsxziNv44trifvDqAp/gvmGsh4aac4wC1wMORjMdZcBb
V40ZF/mgO2rsr9poq3GAvpewPAF4kNuw4EUDcxF6/3hnkoCg3WiE/2bSdcGt4+HS
euE+cu3mwf7IVNcCglAW7NxZhxzZ1rtsz7GAYF9Ew4s+YEEb3/yzbA1qE9Wpn2wE
veuEcLWUWmh6gml38NPMcdM5hsnNWk9aFJTvNO69/3DHKtpy0t1td/VjXQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFzO+cxBKIU8J/rRqaKMSRyViChcMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvWE03NXpFRW9oVHduLXRHcG9veEpISldJS0Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAV+UwAwQA
V+UyAwQAV+VRMA0GCSqGSIb3DQEBCwUAA4IBAQCYkvG4aKUlv7Coco6BsWMbiLN4
8G5sqWLK8q7WCgCOstq6hD/xOTttcRv9OWf9ovgxn09K5drv6SA0sp1+lLC/FQ7f
JrSnSckTLQFQVNRFTWIiuM2tmNGvjGyCXqZggHW2KtJ0WB8QsZaLfB3f2ffArhm/
nMeU/naNc6+MpFrOdP3t89NOa2NHo117ykwlYUmhDk9cTKgUitvDCwGavE4QxILa
ZexUZbPpZ3KY5ppIb5hDd4kPZdpYh2ytXl/77O1dAIrU1qrYWk3Q6CnrDi7yqnCS
wQy7+FNVGFdrohw+oUDmKR820aq6zkg8slcyDVLRDQKWx25O/tRpY8xEfKgP
-----END CERTIFICATE-----
Generated at Sat Apr 12 21:01:14 2025 by rpki-client