Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/cOPZJ-bpETYgkcO8b0HPTdzOMJg.roa
File: cOPZJ-bpETYgkcO8b0HPTdzOMJg.roa (raw, json)
Hash identifier: nT547ez8+020lMInfOYW40CtaWpgibxzLtqF6GNDMeQ=
Subject key identifier: 70:E3:D9:27:E6:E9:11:36:20:91:C3:BC:6F:41:CF:4D:DC:CE:30:98
Certificate issuer: /CN=2874e46bf636ea63e5d12362f551b80b27714780
Certificate serial: 0194CF372A1B4E443D55F4D94828119077A4
Authority key identifier: 28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/cOPZJ-bpETYgkcO8b0HPTdzOMJg.roa
Signing time: Tue 04 Feb 2025 04:28:06 +0000
ROA not before: Tue 04 Feb 2025 04:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57664
IP address blocks: 37.16.96.0/20 maxlen: 23
37.16.112.0/20 maxlen: 24
37.16.112.0/21 maxlen: 21
37.16.120.0/22 maxlen: 22
37.16.124.0/23 maxlen: 23
37.16.126.0/23 maxlen: 23
178.213.232.0/21 maxlen: 21
178.213.239.0/24 maxlen: 24
2a00:4cc0::/32 maxlen: 32
2a00:4cc1:2501::/64 maxlen: 64
Validation: Failed, certificate revoked on Tue 11 Feb 2025 06:17:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cf:37:2a:1b:4e:44:3d:55:f4:d9:48:28:11:90:77:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2874e46bf636ea63e5d12362f551b80b27714780
Validity
Not Before: Feb 4 04:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=70e3d927e6e911362091c3bc6f41cf4ddcce3098
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d1:30:61:b3:6d:67:0c:8a:ee:0e:ad:4e:6a:
93:f4:00:d2:19:1b:83:dc:c2:dd:46:a5:65:b4:d3:
2b:56:30:ab:74:c2:eb:d0:29:e0:71:59:ae:d8:1a:
49:5e:cd:b2:f4:ba:06:36:5d:2d:6b:3e:bf:0e:14:
a9:9f:67:23:61:64:3c:b1:81:16:fd:13:a6:fc:c2:
d7:23:d1:20:28:0e:53:e4:61:1d:19:15:ea:8f:04:
d3:da:0b:62:2c:fb:52:3c:a3:b2:73:22:a4:17:89:
0a:63:f2:7f:d7:81:b6:73:ad:bb:8a:01:ed:b4:21:
98:76:a0:62:98:f8:8f:b4:0b:95:dd:dd:c1:54:2d:
b1:45:37:9d:c3:9e:38:bc:3d:4a:d7:0e:5a:36:2f:
9b:e7:94:6d:08:f4:cd:3d:07:5f:b2:4a:5a:1b:cc:
a3:58:67:19:72:a6:0b:a4:ad:fc:95:91:a2:fb:b8:
15:8d:87:65:bf:61:20:55:eb:8e:54:7d:cc:d8:00:
7e:09:e8:25:9f:5c:56:d7:39:3c:cb:da:38:c4:08:
2f:cc:0a:70:41:93:b3:d4:57:b0:08:1f:71:56:89:
48:c7:c0:d6:61:0f:bc:f5:2a:e2:3d:5d:2d:6b:52:
ff:7b:db:95:a8:6d:6e:31:58:b4:b3:50:44:48:1e:
a6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:E3:D9:27:E6:E9:11:36:20:91:C3:BC:6F:41:CF:4D:DC:CE:30:98
X509v3 Authority Key Identifier:
keyid:28:74:E4:6B:F6:36:EA:63:E5:D1:23:62:F5:51:B8:0B:27:71:47:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KHTka_Y26mPl0SNi9VG4CydxR4A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/cOPZJ-bpETYgkcO8b0HPTdzOMJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/eddc05-402d-4da7-97ef-c10da6aac1b1/1/KHTka_Y26mPl0SNi9VG4CydxR4A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.16.96.0/19
178.213.232.0/21
IPv6:
2a00:4cc0::/32
2a00:4cc1:2501::/64
Signature Algorithm: sha256WithRSAEncryption
94:16:cc:bd:fd:53:7f:79:59:9e:c3:d9:38:3a:a9:80:cd:b6:
d4:8e:d4:b9:8e:34:ae:eb:75:19:0a:70:83:bd:b9:4c:87:13:
e7:be:45:89:87:c8:9e:4a:e8:ac:33:24:39:f9:99:5d:27:92:
37:6f:6d:03:3e:27:5f:1f:48:33:3e:58:bb:4f:38:64:cb:ec:
81:3e:ca:ca:06:dd:f4:2e:e9:4e:fd:5c:6e:6a:22:52:7d:1e:
77:25:07:ab:72:e2:52:7d:4c:60:85:87:b6:51:3f:ba:7b:7d:
1d:50:07:8b:15:dc:37:e4:9f:70:2c:9d:9c:0f:4f:80:7b:00:
0a:96:f8:73:95:d8:9d:d5:47:77:e5:61:44:c4:b7:49:89:5c:
8c:4b:09:1b:0b:3a:c6:33:21:a8:e5:3a:59:ae:95:d4:b7:81:
4e:01:f7:ca:a3:f0:61:59:a4:0c:18:4f:47:79:93:ce:19:3d:
fe:2e:74:c9:2e:97:50:2c:93:99:b9:64:fd:d6:db:20:c7:02:
e4:47:c9:be:8c:56:0b:c0:67:48:a0:90:0b:af:b1:fa:d0:72:
2d:a6:27:27:79:e4:4b:60:ea:95:c1:78:df:7e:4d:40:d2:41:
5c:8f:eb:a6:82:3e:09:5e:a5:cb:c0:4d:0e:09:62:d4:6f:86:
d2:9c:6e:1c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZTPNyobTkQ9VfTZSCgRkHekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4NzRlNDZiZjYzNmVhNjNlNWQxMjM2MmY1NTFiODBiMjc3
MTQ3ODAwHhcNMjUwMjA0MDQyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGUzZDkyN2U2ZTkxMTM2MjA5MWMzYmM2ZjQxY2Y0ZGRjY2UzMDk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtEwYbNtZwyK7g6tTmqT9ADSGRuD
3MLdRqVltNMrVjCrdMLr0CngcVmu2BpJXs2y9LoGNl0taz6/DhSpn2cjYWQ8sYEW
/ROm/MLXI9EgKA5T5GEdGRXqjwTT2gtiLPtSPKOycyKkF4kKY/J/14G2c627igHt
tCGYdqBimPiPtAuV3d3BVC2xRTedw544vD1K1w5aNi+b55RtCPTNPQdfskpaG8yj
WGcZcqYLpK38lZGi+7gVjYdlv2EgVeuOVH3M2AB+Cegln1xW1zk8y9o4xAgvzApw
QZOz1FewCB9xVolIx8DWYQ+89SriPV0ta1L/e9uVqG1uMVi0s1BESB6mFQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHDj2Sfm6RE2IJHDvG9Bz03czjCYMB8GA1UdIwQY
MBaAFCh05Gv2Nupj5dEjYvVRuAsncUeAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYt
YzEwZGE2YWFjMWIxLzEvY09QWkotYnBFVFlna2NPOGIwSFBUZHpPTUpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9lZGRjMDUtNDAyZC00ZGE3LTk3ZWYtYzEwZGE2YWFjMWIx
LzEvS0hUa2FfWTI2bVBsMFNOaTlWRzRDeWR4UjRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQFJRBgAwQD
stXoMBgEAgACMBIDBQAqAEzAAwkAKgBMwSUBAAAwDQYJKoZIhvcNAQELBQADggEB
AJQWzL39U395WZ7D2Tg6qYDNttSO1LmONK7rdRkKcIO9uUyHE+e+RYmHyJ5K6Kwz
JDn5mV0nkjdvbQM+J18fSDM+WLtPOGTL7IE+ysoG3fQu6U79XG5qIlJ9HnclB6ty
4lJ9TGCFh7ZRP7p7fR1QB4sV3Dfkn3AsnZwPT4B7AAqW+HOV2J3VR3flYUTEt0mJ
XIxLCRsLOsYzIajlOlmuldS3gU4B98qj8GFZpAwYT0d5k84ZPf4udMkul1Ask5m5
ZP3W2yDHAuRHyb6MVgvAZ0igkAuvsfrQci2mJyd55Etg6pXBeN9+TUDSQVyP66aC
PglepcvATQ4JYtRvhtKcbhw=
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:54:37 2025 by rpki-client