Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/DO0T4I7liFxWWPTJIa4mTzL84N4.roa
File: DO0T4I7liFxWWPTJIa4mTzL84N4.roa (raw, json)
Hash identifier: VL634aAq0PTF1pSR6v+JkVEXGb5HVyU0LA+Za33cWcQ=
Subject key identifier: 0C:ED:13:E0:8E:E5:88:5C:56:58:F4:C9:21:AE:26:4F:32:FC:E0:DE
Certificate issuer: /CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Certificate serial: 0196859890EB61F4D8775431D9A19AF63F53
Authority key identifier: B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/DO0T4I7liFxWWPTJIa4mTzL84N4.roa
Signing time: Wed 30 Apr 2025 07:28:10 +0000
ROA not before: Wed 30 Apr 2025 07:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203971
IP address blocks: 37.32.64.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 01 May 2025 07:43:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:85:98:90:eb:61:f4:d8:77:54:31:d9:a1:9a:f6:3f:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4e82ba1715d6aeae5b0102725ffe0c834735d7d
Validity
Not Before: Apr 30 07:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ced13e08ee5885c5658f4c921ae264f32fce0de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:32:9e:07:c4:7e:f4:16:89:48:d1:5b:e5:56:
a7:84:89:24:a8:4e:c7:8d:30:de:81:8e:cf:f4:e3:
9c:08:07:3c:ad:0e:97:44:32:f5:89:0e:c5:4c:ce:
a2:34:1a:c0:cc:79:fc:cc:80:f6:d9:7b:cd:44:1e:
ac:6d:91:36:95:b4:1c:0c:c6:b9:88:18:a8:4c:78:
99:cd:42:72:18:94:a3:00:32:61:78:96:ce:24:e8:
fe:44:06:58:52:79:6e:90:96:c9:eb:5b:19:d4:41:
27:0a:b9:fc:87:aa:57:25:6c:10:71:f9:58:35:23:
fa:d4:cd:5d:c6:8e:b6:fd:5b:e8:4a:21:69:ae:be:
44:2c:02:75:9b:28:34:8c:36:87:2e:3f:e9:c2:4c:
4f:9a:d0:a2:ba:7d:a9:2e:1e:3e:d0:84:10:90:8d:
40:c3:da:9e:31:cf:17:4c:be:70:60:fb:be:a8:fc:
60:d4:09:b2:c3:ac:ff:a2:37:05:f5:c9:ec:3a:57:
77:c4:aa:62:65:83:56:4b:77:d4:80:f0:70:af:1d:
ed:7e:8d:83:d2:2a:28:18:30:81:9a:e2:54:7f:0d:
cd:2c:ee:37:81:98:99:b7:2b:b4:3c:86:ca:80:6a:
11:03:d5:42:6c:8b:42:71:f0:33:da:f9:c2:71:4c:
01:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:ED:13:E0:8E:E5:88:5C:56:58:F4:C9:21:AE:26:4F:32:FC:E0:DE
X509v3 Authority Key Identifier:
keyid:B4:E8:2B:A1:71:5D:6A:EA:E5:B0:10:27:25:FF:E0:C8:34:73:5D:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tOgroXFdaurlsBAnJf_gyDRzXX0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/DO0T4I7liFxWWPTJIa4mTzL84N4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/9151c0-3326-4801-9363-c7d19930d66d/1/tOgroXFdaurlsBAnJf_gyDRzXX0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.64.0/20
Signature Algorithm: sha256WithRSAEncryption
74:a7:03:98:dc:66:41:b3:94:4e:de:43:70:74:5c:4b:09:32:
b4:c9:6f:46:9b:16:f6:4c:91:ef:ac:70:94:dd:31:b3:5a:d1:
91:a2:8b:48:bf:54:7c:28:87:6f:33:86:b9:42:ed:93:5b:80:
c3:5d:ff:b0:87:09:bc:57:c9:e2:5e:3f:14:30:9a:27:09:d8:
fd:60:4f:be:00:6a:e4:35:00:e7:af:17:6d:b8:ca:88:cb:2e:
ab:09:fc:ca:47:84:64:bb:fa:a3:4e:68:e4:20:9b:f7:58:59:
ea:70:81:ec:45:f3:4b:1c:2d:cc:87:f1:35:20:99:64:ab:cb:
01:1f:8a:c3:c2:9e:7e:97:fa:b5:cf:d0:6c:8d:d1:9d:9f:ba:
22:cb:b2:52:a7:ac:31:93:c6:31:c9:84:bd:66:3a:de:05:5f:
0e:3e:74:d4:cc:e2:d2:bd:33:c7:89:ef:bc:b6:e6:cf:af:38:
8d:ee:02:aa:d7:19:71:84:d0:c3:40:f3:1d:08:80:e2:6b:ec:
1c:48:75:65:b4:c3:88:1c:0a:c4:4a:27:6e:44:67:6a:3b:fb:
a4:13:35:ca:89:f0:46:a4:bb:d5:28:2a:00:c1:87:f6:85:a9:
65:d8:2a:04:54:fe:f0:9d:d0:5e:bd:bd:fc:f6:cb:14:21:4c:
f5:17:7d:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaFmJDrYfTYd1Qx2aGa9j9TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZTgyYmExNzE1ZDZhZWFlNWIwMTAyNzI1ZmZlMGM4MzQ3
MzVkN2QwHhcNMjUwNDMwMDcyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2VkMTNlMDhlZTU4ODVjNTY1OGY0YzkyMWFlMjY0ZjMyZmNlMGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2TKeB8R+9BaJSNFb5VanhIkkqE7H
jTDegY7P9OOcCAc8rQ6XRDL1iQ7FTM6iNBrAzHn8zID22XvNRB6sbZE2lbQcDMa5
iBioTHiZzUJyGJSjADJheJbOJOj+RAZYUnlukJbJ61sZ1EEnCrn8h6pXJWwQcflY
NSP61M1dxo62/VvoSiFprr5ELAJ1myg0jDaHLj/pwkxPmtCiun2pLh4+0IQQkI1A
w9qeMc8XTL5wYPu+qPxg1Amyw6z/ojcF9cnsOld3xKpiZYNWS3fUgPBwrx3tfo2D
0iooGDCBmuJUfw3NLO43gZiZtyu0PIbKgGoRA9VCbItCcfAz2vnCcUwB7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAztE+CO5YhcVlj0ySGuJk8y/ODeMB8GA1UdIwQY
MBaAFLToK6FxXWrq5bAQJyX/4Mg0c119MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMt
YzdkMTk5MzBkNjZkLzEvRE8wVDRJN2xpRnhXV1BUSklhNG1Uekw4NE40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy85MTUxYzAtMzMyNi00ODAxLTkzNjMtYzdkMTk5MzBkNjZk
LzEvdE9ncm9YRmRhdXJsc0JBbkpmX2d5RFJ6WFgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEJSBAMA0G
CSqGSIb3DQEBCwUAA4IBAQB0pwOY3GZBs5RO3kNwdFxLCTK0yW9Gmxb2TJHvrHCU
3TGzWtGRootIv1R8KIdvM4a5Qu2TW4DDXf+whwm8V8niXj8UMJonCdj9YE++AGrk
NQDnrxdtuMqIyy6rCfzKR4Rku/qjTmjkIJv3WFnqcIHsRfNLHC3Mh/E1IJlkq8sB
H4rDwp5+l/q1z9BsjdGdn7oiy7JSp6wxk8YxyYS9ZjreBV8OPnTUzOLSvTPHie+8
tubPrziN7gKq1xlxhNDDQPMdCIDia+wcSHVltMOIHArESiduRGdqO/ukEzXKifBG
pLvVKCoAwYf2hall2CoEVP7wndBevb389ssUIUz1F32f
-----END CERTIFICATE-----
Generated at Sun Jun 8 05:00:39 2025 by rpki-client