Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eNktahjEuS45oaGxycx5S7Pg0lY.roa
File: eNktahjEuS45oaGxycx5S7Pg0lY.roa (raw, json)
Hash identifier: jF2Mh63XY8JJrtWeEW6pBKHQfpJurxuXOr9lCW9KTU4=
Subject key identifier: 78:D9:2D:6A:18:C4:B9:2E:39:A1:A1:B1:C9:CC:79:4B:B3:E0:D2:56
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0196BE72B47900666F94F0A7245DA2E96341
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eNktahjEuS45oaGxycx5S7Pg0lY.roa
Signing time: Sun 11 May 2025 08:25:10 +0000
ROA not before: Sun 11 May 2025 08:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.11.0/24 maxlen: 24
87.229.14.0/24 maxlen: 24
87.229.34.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 12:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:be:72:b4:79:00:66:6f:94:f0:a7:24:5d:a2:e9:63:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 11 08:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78d92d6a18c4b92e39a1a1b1c9cc794bb3e0d256
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:98:3e:b9:90:9b:f5:0a:f2:ae:16:0e:4f:5a:
75:f3:cc:52:15:69:40:82:93:9a:de:07:24:7e:ea:
bb:62:0a:2f:89:b0:91:09:f2:1a:55:b5:99:d3:20:
72:14:65:4d:87:cb:80:c3:9d:91:b1:a8:1e:59:f1:
ce:8b:cf:5c:37:38:1d:3f:62:11:0f:a2:fa:61:7d:
3f:39:a8:d7:3f:47:11:b3:9d:46:3b:5a:01:3a:7a:
98:f3:e3:e7:20:98:92:32:b9:e3:d8:0e:90:b9:22:
94:c2:84:ef:95:f3:06:36:29:9d:46:93:35:5c:d5:
b7:b5:98:9f:24:f7:df:c0:e2:27:36:6c:a8:22:07:
3b:e1:83:a7:04:5e:2b:7e:7b:fe:d2:80:da:d3:4a:
6b:a5:97:51:e2:ac:0f:a7:b1:a7:e9:79:59:74:31:
86:3c:52:5c:0f:00:9b:25:59:b5:0b:f1:6d:aa:fa:
9e:9c:9d:a3:a0:c2:22:f3:c0:52:f6:66:bb:8f:63:
37:64:07:b1:5a:85:fe:84:a9:5f:ad:57:87:27:85:
af:9f:5c:05:51:f1:0a:44:8f:57:e4:90:1f:3e:f1:
f1:d1:1c:f8:b2:c4:80:a3:40:c7:6e:3b:45:22:ee:
c5:27:43:2e:be:b4:de:2a:d4:da:cd:4b:d6:39:ae:
5f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D9:2D:6A:18:C4:B9:2E:39:A1:A1:B1:C9:CC:79:4B:B3:E0:D2:56
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/eNktahjEuS45oaGxycx5S7Pg0lY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.14.0/24
87.229.34.0/24
87.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
59:d5:a4:69:82:7e:6c:e2:ce:5d:88:a7:e6:e7:90:87:51:80:
2e:8d:e5:de:c3:7b:b0:13:4f:b5:a5:ac:39:0e:b5:71:ed:b5:
44:db:86:4c:a7:dd:74:9c:73:15:a3:37:ae:ce:11:02:d6:ab:
45:25:41:e9:a9:c9:4b:cd:0b:26:f3:12:b0:ae:75:e1:54:26:
86:57:26:b3:dd:67:5f:c4:73:ce:90:20:bd:a8:6e:7a:b5:ec:
7c:6f:11:09:4e:50:78:cd:8a:e9:55:52:2d:03:23:20:da:08:
70:18:9c:1b:36:0d:65:c2:7b:98:10:10:78:a0:3c:d3:9f:bb:
19:40:f3:0d:4a:a8:02:f5:ba:d7:22:1b:32:50:a2:6e:4c:37:
67:98:79:df:e4:d6:c3:3d:8f:c0:f1:94:29:57:64:55:df:b2:
f5:37:6d:e6:69:17:f5:dd:ae:56:55:99:0f:e0:f2:3f:07:5c:
bc:2b:90:4f:af:d2:0a:b4:84:f2:1b:74:73:eb:ba:cf:24:bb:
c4:0d:a8:80:a2:5e:15:dd:bb:65:44:a1:82:b9:95:a5:9d:2b:
87:86:af:f2:fe:dc:eb:b5:06:ab:ca:7b:e6:93:e2:94:33:a7:
06:c1:d3:c9:76:49:05:5f:c3:8f:58:38:14:58:a0:9a:5f:98:
82:8f:1c:37
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZa+crR5AGZvlPCnJF2i6WNBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNTExMDgyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGQ5MmQ2YTE4YzRiOTJlMzlhMWExYjFjOWNjNzk0YmIzZTBkMjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZg+uZCb9QryrhYOT1p188xSFWlA
gpOa3gckfuq7YgovibCRCfIaVbWZ0yByFGVNh8uAw52RsageWfHOi89cNzgdP2IR
D6L6YX0/OajXP0cRs51GO1oBOnqY8+PnIJiSMrnj2A6QuSKUwoTvlfMGNimdRpM1
XNW3tZifJPffwOInNmyoIgc74YOnBF4rfnv+0oDa00prpZdR4qwPp7Gn6XlZdDGG
PFJcDwCbJVm1C/FtqvqenJ2joMIi88BS9ma7j2M3ZAexWoX+hKlfrVeHJ4Wvn1wF
UfEKRI9X5JAfPvHx0Rz4ssSAo0DHbjtFIu7FJ0MuvrTeKtTazUvWOa5f1wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHjZLWoYxLkuOaGhscnMeUuz4NJWMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZU5rdGFoakV1UzQ1b2FHeHljeDVTN1BnMGxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAT6zQAwQA
T6zkAwQCV+UIAwQAV+UOAwQAV+UiAwQAV+VAMA0GCSqGSIb3DQEBCwUAA4IBAQBZ
1aRpgn5s4s5diKfm55CHUYAujeXew3uwE0+1paw5DrVx7bVE24ZMp910nHMVozeu
zhEC1qtFJUHpqclLzQsm8xKwrnXhVCaGVyaz3WdfxHPOkCC9qG56tex8bxEJTlB4
zYrpVVItAyMg2ghwGJwbNg1lwnuYEBB4oDzTn7sZQPMNSqgC9brXIhsyUKJuTDdn
mHnf5NbDPY/A8ZQpV2RV37L1N23maRf13a5WVZkP4PI/B1y8K5BPr9IKtITyG3Rz
67rPJLvEDaiAol4V3btlRKGCuZWlnSuHhq/y/tzrtQarynvmk+KUM6cGwdPJdkkF
X8OPWDgUWKCaX5iCjxw3
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:59:46 2025 by rpki-client