Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fUM3Bny1E34wJa9EmY7yDgBz2Rs.roa
File: fUM3Bny1E34wJa9EmY7yDgBz2Rs.roa (raw, json)
Hash identifier: epwtp4GH87Hp50DVZueYeAuCY7FyWoOZNKfuPpFuSvg=
Subject key identifier: 7D:43:37:06:7C:B5:13:7E:30:25:AF:44:99:8E:F2:0E:00:73:D9:1B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0196AF4B9D347A525E919A7748E1998A5029
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fUM3Bny1E34wJa9EmY7yDgBz2Rs.roa
Signing time: Thu 08 May 2025 09:48:10 +0000
ROA not before: Thu 08 May 2025 09:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 79.172.208.0/24 maxlen: 24
79.172.228.0/24 maxlen: 24
87.229.8.0/22 maxlen: 22
87.229.11.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 May 2025 20:27:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:af:4b:9d:34:7a:52:5e:91:9a:77:48:e1:99:8a:50:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: May 8 09:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7d4337067cb5137e3025af44998ef20e0073d91b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:e7:39:73:a4:ea:cb:ef:70:75:1b:b0:d4:30:
3f:c2:e2:f9:2a:25:71:1a:41:14:36:df:ae:7f:11:
77:b5:92:cb:25:fc:5c:cc:79:37:dc:35:9a:71:57:
ab:42:05:cb:c4:67:f0:fb:91:74:39:2c:5e:f8:93:
bd:7a:ba:d4:9a:bd:6e:93:d2:fc:ca:88:9e:fa:54:
e9:ec:a0:c7:28:af:11:6e:56:50:a7:18:2c:8b:ad:
93:1f:cb:51:dd:dc:6f:55:50:e3:e7:77:52:94:21:
08:06:02:11:98:66:40:6b:1d:16:65:0a:06:8c:f6:
44:2e:44:b6:5f:07:dd:fc:15:d6:8f:08:7f:10:91:
7a:c8:9b:ca:fb:39:7b:98:7c:02:7a:dc:9e:33:c3:
79:fc:a2:13:77:ee:f6:c5:54:25:eb:75:4c:af:e0:
0d:0c:5b:9c:de:d1:07:41:8d:a2:b8:55:82:6f:f8:
18:97:d0:a3:bf:56:f1:8f:12:c7:e1:7e:28:d8:54:
24:d4:26:5b:0c:34:a1:b6:bd:5f:42:e1:04:5c:58:
cf:48:ab:8d:b0:df:28:73:7c:01:95:94:11:a4:62:
ad:8b:38:3b:9a:7d:56:32:88:54:6e:b0:58:07:51:
98:51:b0:5b:8b:12:76:8b:6e:f9:be:07:69:c6:4c:
35:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:43:37:06:7C:B5:13:7E:30:25:AF:44:99:8E:F2:0E:00:73:D9:1B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/fUM3Bny1E34wJa9EmY7yDgBz2Rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.208.0/24
79.172.228.0/24
87.229.8.0/22
87.229.64.0/24
Signature Algorithm: sha256WithRSAEncryption
84:12:c2:b7:2b:ee:ce:cc:1e:ea:77:34:a9:b7:37:ca:59:62:
97:6c:61:05:bd:36:8b:4d:15:1f:3a:36:7b:5a:41:e4:2b:7a:
43:03:63:f8:b9:0d:e3:3c:e2:1f:46:36:23:f1:d7:56:10:e7:
e4:ce:00:ec:3e:2d:6c:de:f3:14:94:53:26:29:0f:ed:a6:74:
eb:73:d3:16:8e:27:7d:3d:a4:22:94:1a:65:b0:4b:db:e1:b9:
be:3f:b6:cc:7e:f9:59:c9:24:1e:99:6e:3f:7f:67:56:24:4b:
6b:4e:01:f4:45:d4:7a:68:36:4b:86:53:c6:fa:39:7a:72:b1:
31:e9:ee:85:13:f0:d0:96:a8:cd:78:cd:72:a7:fd:a2:17:30:
92:60:e4:8a:1f:de:f9:ac:f0:65:09:cb:46:a9:43:de:d1:c3:
51:9a:c4:c9:18:3d:b1:a9:fe:e0:0f:f4:7f:95:cf:bf:48:59:
73:53:6d:17:33:71:87:17:31:06:95:0a:24:fa:7a:05:8b:ba:
3a:f0:b4:51:e0:d2:a7:56:92:09:66:17:52:c1:18:bd:a7:26:
08:a8:bb:8d:38:ea:9a:4b:15:b5:77:1b:1f:22:a4:83:c7:46:
45:2e:f2:52:52:e9:6f:ba:41:2e:02:2e:1b:0b:1e:6c:a9:3f:
3d:21:9c:45
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZavS500elJekZp3SOGZilApMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNTA4MDk0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDQzMzcwNjdjYjUxMzdlMzAyNWFmNDQ5OThlZjIwZTAwNzNkOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx+c5c6Tqy+9wdRuw1DA/wuL5KiVx
GkEUNt+ufxF3tZLLJfxczHk33DWacVerQgXLxGfw+5F0OSxe+JO9errUmr1uk9L8
yoie+lTp7KDHKK8RblZQpxgsi62TH8tR3dxvVVDj53dSlCEIBgIRmGZAax0WZQoG
jPZELkS2Xwfd/BXWjwh/EJF6yJvK+zl7mHwCetyeM8N5/KITd+72xVQl63VMr+AN
DFuc3tEHQY2iuFWCb/gYl9Cjv1bxjxLH4X4o2FQk1CZbDDShtr1fQuEEXFjPSKuN
sN8oc3wBlZQRpGKtizg7mn1WMohUbrBYB1GYUbBbixJ2i275vgdpxkw1ZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFH1DNwZ8tRN+MCWvRJmO8g4Ac9kbMB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvZlVNM0JueTFFMzR3SmE5RW1ZN3lEZ0J6MlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAT6zQAwQA
T6zkAwQCV+UIAwQAV+VAMA0GCSqGSIb3DQEBCwUAA4IBAQCEEsK3K+7OzB7qdzSp
tzfKWWKXbGEFvTaLTRUfOjZ7WkHkK3pDA2P4uQ3jPOIfRjYj8ddWEOfkzgDsPi1s
3vMUlFMmKQ/tpnTrc9MWjid9PaQilBplsEvb4bm+P7bMfvlZySQemW4/f2dWJEtr
TgH0RdR6aDZLhlPG+jl6crEx6e6FE/DQlqjNeM1yp/2iFzCSYOSKH975rPBlCctG
qUPe0cNRmsTJGD2xqf7gD/R/lc+/SFlzU20XM3GHFzEGlQok+noFi7o68LRR4NKn
VpIJZhdSwRi9pyYIqLuNOOqaSxW1dxsfIqSDx0ZFLvJSUulvukEuAi4bCx5sqT89
IZxF
-----END CERTIFICATE-----
Generated at Sun Jun 8 11:15:03 2025 by rpki-client