Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xBzT6GRIBLp7EUtH_Vwv3M8xb2g.roa
File: xBzT6GRIBLp7EUtH_Vwv3M8xb2g.roa (raw, json)
Hash identifier: GawIpwCyhOfFRd4mj8587c1h90azbQcD5hFeUimPhZU=
Subject key identifier: C4:1C:D3:E8:64:48:04:BA:7B:11:4B:47:FD:5C:2F:DC:CF:31:6F:68
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01990B223A3E428AA8F68387106483BE1DF9
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xBzT6GRIBLp7EUtH_Vwv3M8xb2g.roa
Signing time: Tue 02 Sep 2025 15:53:36 +0000
ROA not before: Tue 02 Sep 2025 15:53:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.110.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Sep 2025 04:16:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:22:3a:3e:42:8a:a8:f6:83:87:10:64:83:be:1d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Sep 2 15:53:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c41cd3e8644804ba7b114b47fd5c2fdccf316f68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:91:19:e2:72:01:0c:89:30:53:22:6c:84:5d:
96:59:03:df:5f:9d:73:9d:5c:43:fc:d0:c0:01:b7:
de:dc:89:ce:cc:74:71:32:39:68:e7:66:74:9b:07:
33:44:92:a1:90:24:52:53:f1:34:1f:9a:00:f5:f2:
74:42:32:b3:4c:af:39:fa:08:3e:b9:97:73:a5:5d:
ee:4f:be:e1:6f:1f:dd:3e:29:36:3a:6b:4c:8a:db:
ab:7d:87:ed:76:b2:9f:03:e1:e7:51:f9:1f:1b:d4:
5f:e4:83:9d:95:1e:ad:52:91:a7:ad:ea:1e:02:2d:
fe:3a:46:ca:16:e7:af:15:7a:c5:fe:78:0f:04:51:
18:0d:52:8d:e9:90:90:87:4a:c3:e3:d9:93:ca:52:
6b:29:15:f7:f6:3a:df:b2:93:8a:1e:fa:c2:48:3b:
5c:27:07:1b:bb:cd:02:9a:b4:a2:ab:86:ff:f4:f3:
e2:0f:bf:33:eb:b2:6d:5e:43:c9:8e:20:5c:e7:18:
1f:28:ae:cf:ac:63:42:c2:74:25:e0:66:26:1d:ae:
db:12:da:7b:3d:05:2c:10:aa:f2:08:54:7e:f5:61:
83:df:19:db:7e:8d:0b:5d:ce:fe:59:81:fb:a0:fb:
9a:30:88:b8:70:c1:0e:62:0c:ab:8d:81:bb:ae:77:
89:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:1C:D3:E8:64:48:04:BA:7B:11:4B:47:FD:5C:2F:DC:CF:31:6F:68
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/xBzT6GRIBLp7EUtH_Vwv3M8xb2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.110.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:fd:61:0e:85:b5:aa:99:7f:ab:58:5f:c1:38:76:c7:e5:8d:
44:c8:2a:0b:be:b2:4a:ba:18:6d:0c:8a:62:22:0c:98:77:8f:
77:15:4b:f6:5e:b9:ff:51:24:a6:c9:24:e4:6a:47:22:2d:1c:
49:bb:57:5e:34:08:1b:25:d3:55:84:a4:23:c9:87:1d:56:d9:
c3:f2:29:17:6f:a5:6b:34:aa:28:a4:f2:09:5e:62:a0:23:d5:
32:54:bd:69:35:3a:78:a2:cb:a7:ee:e5:4c:26:60:e6:d0:b1:
4a:a2:a7:43:24:51:18:43:13:40:d5:a6:64:a4:f8:8f:23:50:
6b:74:63:88:fb:2d:e9:80:78:ff:e8:51:c8:52:53:06:32:82:
2d:a8:90:af:c7:0f:f5:96:c2:d2:b7:59:c8:ba:86:71:91:5b:
8b:23:56:e2:c4:52:cb:12:3d:8c:b4:e6:ef:e2:29:28:4b:0f:
8e:9f:75:0d:46:44:0c:6b:b8:12:8b:c1:46:54:8a:90:8d:82:
53:cf:ae:03:7f:70:5d:b6:0c:d7:71:22:e4:2b:74:cd:97:e1:
63:29:30:dc:99:17:46:df:05:e8:ee:53:d8:c9:19:d0:12:7d:
54:71:83:05:9b:92:c2:ac:94:0c:27:64:93:06:48:35:c3:0f:
5f:a3:74:22
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkLIjo+Qoqo9oOHEGSDvh35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwOTAyMTU1MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNDFjZDNlODY0NDgwNGJhN2IxMTRiNDdmZDVjMmZkY2NmMzE2ZjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZEZ4nIBDIkwUyJshF2WWQPfX51z
nVxD/NDAAbfe3InOzHRxMjlo52Z0mwczRJKhkCRSU/E0H5oA9fJ0QjKzTK85+gg+
uZdzpV3uT77hbx/dPik2OmtMiturfYftdrKfA+HnUfkfG9Rf5IOdlR6tUpGnreoe
Ai3+OkbKFuevFXrF/ngPBFEYDVKN6ZCQh0rD49mTylJrKRX39jrfspOKHvrCSDtc
Jwcbu80CmrSiq4b/9PPiD78z67JtXkPJjiBc5xgfKK7PrGNCwnQl4GYmHa7bEtp7
PQUsEKryCFR+9WGD3xnbfo0LXc7+WYH7oPuaMIi4cMEOYgyrjYG7rneJ4QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMQc0+hkSAS6exFLR/1cL9zPMW9oMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEveEJ6VDZHUklCTHA3RVV0SF9Wd3YzTTh4YjJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALiViAwQA
LiVuAwQALiVxMA0GCSqGSIb3DQEBCwUAA4IBAQCu/WEOhbWqmX+rWF/BOHbH5Y1E
yCoLvrJKuhhtDIpiIgyYd493FUv2Xrn/USSmySTkakciLRxJu1deNAgbJdNVhKQj
yYcdVtnD8ikXb6VrNKoopPIJXmKgI9UyVL1pNTp4osun7uVMJmDm0LFKoqdDJFEY
QxNA1aZkpPiPI1BrdGOI+y3pgHj/6FHIUlMGMoItqJCvxw/1lsLSt1nIuoZxkVuL
I1bixFLLEj2MtObv4ikoSw+On3UNRkQMa7gSi8FGVIqQjYJTz64Df3BdtgzXcSLk
K3TNl+FjKTDcmRdG3wXo7lPYyRnQEn1UcYMFm5LCrJQMJ2STBkg1ww9fo3Qi
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:21:43 2025 by rpki-client