Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/sagZf7NUXLwtWFdMU0cPtpMPcvU.roa
File: sagZf7NUXLwtWFdMU0cPtpMPcvU.roa (raw, json)
Hash identifier: krZPyZhsobmoOz6evCGkc7sjDz6HddK9mykx9dIjVus=
Subject key identifier: B1:A8:19:7F:B3:54:5C:BC:2D:58:57:4C:53:47:0F:B6:93:0F:72:F5
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 019735BC3DCF2A839DFE423569DBEE930262
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/sagZf7NUXLwtWFdMU0cPtpMPcvU.roa
Signing time: Tue 03 Jun 2025 12:20:18 +0000
ROA not before: Tue 03 Jun 2025 12:20:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 11:09:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:bc:3d:cf:2a:83:9d:fe:42:35:69:db:ee:93:02:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jun 3 12:20:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b1a8197fb3545cbc2d58574c53470fb6930f72f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:fa:4c:8e:d1:26:26:c1:cb:b9:a5:f8:a8:d6:
9a:b1:65:48:99:29:6f:7a:54:8e:44:3c:0f:e7:8d:
24:e9:b1:56:39:bf:1e:99:6b:b0:43:e9:ea:55:01:
a3:b2:bc:4a:78:1c:7e:f1:72:e4:b9:4e:44:6d:68:
98:d9:da:b3:63:8c:2f:07:27:ff:2f:c3:e5:35:77:
e4:dd:5d:a7:38:1d:33:f6:cf:90:e3:1c:b1:45:33:
88:36:d7:4b:35:81:5a:8d:b4:5c:a5:11:48:6e:ec:
97:d4:80:c6:ed:eb:90:bb:8b:5e:7a:02:5b:11:48:
59:51:7a:23:d8:25:c6:43:1f:25:3b:cc:d7:74:fd:
6a:da:e3:0a:32:e1:13:db:be:07:c4:09:2c:e2:97:
9b:db:d1:5a:16:d8:db:b9:7c:67:4a:6a:d9:43:de:
a3:b7:c9:c3:57:f8:a9:6b:40:f4:d5:27:ab:6a:cb:
47:59:48:69:aa:74:d5:8f:b9:d7:1c:82:74:2a:08:
8f:d4:61:d7:84:54:1b:39:f9:dc:86:9a:aa:c1:83:
db:e9:9e:0f:11:1b:4a:b6:4d:0c:f9:13:82:72:7c:
a6:94:a5:10:e8:33:c3:e4:60:1b:f4:0f:21:be:c3:
e0:93:20:6e:1a:8d:40:33:a9:67:26:90:02:af:83:
6e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:A8:19:7F:B3:54:5C:BC:2D:58:57:4C:53:47:0F:B6:93:0F:72:F5
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/sagZf7NUXLwtWFdMU0cPtpMPcvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
74:a8:39:fd:5c:77:01:2b:ec:2d:a4:33:41:1e:b0:53:bf:90:
46:5c:db:fb:78:17:3e:05:6d:42:0c:8b:6b:f8:11:15:3a:44:
d5:14:38:2c:47:62:a7:58:a5:a5:00:31:cb:a8:85:28:5f:d8:
73:42:41:56:35:6a:c7:a6:42:97:6b:84:b6:17:04:f0:93:da:
a2:21:1d:dc:34:16:f4:4b:13:27:a8:82:3c:97:a6:b5:61:46:
19:c4:59:bd:7b:ed:4b:02:be:3f:f8:cb:d3:a8:4e:58:eb:2b:
5d:ff:6a:3a:9d:e0:d2:c4:69:77:4a:19:85:a3:a5:a6:73:6e:
d1:0d:0c:d3:21:e9:3c:fa:64:da:bc:fb:ab:14:17:d7:ba:67:
70:cc:37:4f:11:36:dc:4a:b1:8f:5f:93:e4:4b:3f:ec:f2:d6:
0f:5a:1d:8b:64:25:13:bf:87:67:8b:44:40:71:05:36:41:0c:
be:0d:7a:3a:25:83:09:bb:f0:02:bb:3e:1b:c7:b1:94:44:1d:
58:21:5e:1a:32:16:82:45:d2:0c:c0:8f:f1:f1:5e:0c:0e:9d:
9f:83:b5:41:39:b3:cf:d4:fd:eb:b9:54:97:8a:76:cf:a0:b3:
df:d5:6e:87:13:dc:bb:68:ed:7e:8d:02:88:ef:16:0c:9b:31:
fd:ff:18:32
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZc1vD3PKoOd/kI1advukwJiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwNjAzMTIyMDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWE4MTk3ZmIzNTQ1Y2JjMmQ1ODU3NGM1MzQ3MGZiNjkzMGY3MmY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyPpMjtEmJsHLuaX4qNaasWVImSlv
elSORDwP540k6bFWOb8emWuwQ+nqVQGjsrxKeBx+8XLkuU5EbWiY2dqzY4wvByf/
L8PlNXfk3V2nOB0z9s+Q4xyxRTOINtdLNYFajbRcpRFIbuyX1IDG7euQu4teegJb
EUhZUXoj2CXGQx8lO8zXdP1q2uMKMuET274HxAks4peb29FaFtjbuXxnSmrZQ96j
t8nDV/ipa0D01SerastHWUhpqnTVj7nXHIJ0KgiP1GHXhFQbOfnchpqqwYPb6Z4P
ERtKtk0M+ROCcnymlKUQ6DPD5GAb9A8hvsPgkyBuGo1AM6lnJpACr4NuYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLGoGX+zVFy8LVhXTFNHD7aTD3L1MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvc2FnWmY3TlVYTHd0V0ZkTVUwY1B0cE1QY3ZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiViAwQA
LiVxMA0GCSqGSIb3DQEBCwUAA4IBAQB0qDn9XHcBK+wtpDNBHrBTv5BGXNv7eBc+
BW1CDItr+BEVOkTVFDgsR2KnWKWlADHLqIUoX9hzQkFWNWrHpkKXa4S2FwTwk9qi
IR3cNBb0SxMnqII8l6a1YUYZxFm9e+1LAr4/+MvTqE5Y6ytd/2o6neDSxGl3ShmF
o6Wmc27RDQzTIek8+mTavPurFBfXumdwzDdPETbcSrGPX5PkSz/s8tYPWh2LZCUT
v4dni0RAcQU2QQy+DXo6JYMJu/ACuz4bx7GURB1YIV4aMhaCRdIMwI/x8V4MDp2f
g7VBObPP1P3ruVSXinbPoLPf1W6HE9y7aO1+jQKI7xYMmzH9/xgy
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:25:03 2025 by rpki-client