Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/O8aOqhXF34YkMcaCoYTT-gLZHjs.roa
File: O8aOqhXF34YkMcaCoYTT-gLZHjs.roa (raw, json)
Hash identifier: +Y2iTgBjVnJ1AP/Wnduh4P1uEQWg0jftX7+wkkURk1g=
Subject key identifier: 3B:C6:8E:AA:15:C5:DF:86:24:31:C6:82:A1:84:D3:FA:02:D9:1E:3B
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 019648F9765C9792FFC6D79E78D9FE59A8E5
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/O8aOqhXF34YkMcaCoYTT-gLZHjs.roa
Signing time: Fri 18 Apr 2025 12:57:10 +0000
ROA not before: Fri 18 Apr 2025 12:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.31.0/24 maxlen: 24
87.229.64.0/24 maxlen: 24
87.229.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 19 Apr 2025 13:23:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:f9:76:5c:97:92:ff:c6:d7:9e:78:d9:fe:59:a8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Apr 18 12:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bc68eaa15c5df862431c682a184d3fa02d91e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:fc:8b:14:0e:42:02:bd:35:58:17:79:18:70:
1c:35:65:63:d6:6b:7f:3a:b6:6a:05:58:18:0b:55:
45:da:16:8c:1b:d4:cd:5e:d4:f5:b2:45:ae:59:56:
61:09:17:de:97:99:41:0a:39:40:25:3f:8d:b4:40:
01:10:47:32:ff:4e:85:f5:c9:80:1d:e9:d7:74:fb:
3e:0a:04:3c:9e:38:82:df:3f:c9:62:8c:e1:06:04:
53:79:59:49:5d:14:b2:dd:3d:c0:6a:70:7d:e0:7e:
13:e1:65:d6:6e:30:c3:a4:57:63:9f:41:05:80:c2:
4e:1e:d4:87:12:46:49:6c:55:87:dd:29:3a:54:4f:
7a:64:5b:69:3d:06:3a:ea:92:7e:5b:c4:5c:6e:64:
2e:5b:ca:02:f6:e3:46:85:3a:f8:b9:57:64:52:89:
3d:3b:d7:17:fd:50:33:31:4d:f0:bd:c7:4c:87:43:
a9:01:cc:8f:6d:c6:b6:27:a0:0e:d2:63:50:6c:f6:
5f:22:4d:3d:d1:82:f3:88:b1:fb:c1:7c:3b:45:26:
33:10:de:2b:43:ef:93:c3:bd:32:71:33:13:38:f4:
b1:67:ee:93:12:35:47:f1:01:cb:d2:24:7e:2b:ba:
b1:f3:90:96:14:41:26:5e:cd:5e:21:c9:18:7c:75:
04:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C6:8E:AA:15:C5:DF:86:24:31:C6:82:A1:84:D3:FA:02:D9:1E:3B
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/O8aOqhXF34YkMcaCoYTT-gLZHjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.31.0/24
87.229.64.0/24
87.229.125.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:1f:cb:5a:cc:26:75:0e:a3:f4:c5:06:8e:02:14:04:33:2b:
03:c3:8a:a9:70:98:5c:40:a3:b3:b0:f3:5c:1d:fc:3b:64:52:
8d:a2:6a:0f:31:79:88:62:ca:3f:5d:79:9a:3e:0b:08:1f:52:
75:74:07:27:02:bd:c1:0e:b7:79:2e:35:5c:f6:11:16:7a:b3:
7b:44:fc:f7:48:f1:e3:87:ff:37:2b:f4:01:83:99:48:8b:dc:
fb:06:4c:b2:e2:47:e3:60:d8:2b:2f:e6:3f:82:5f:e8:6c:4e:
66:27:f6:b4:ef:5f:92:a3:08:90:7a:6e:fb:62:7c:81:5b:7f:
20:15:8b:b9:01:42:3f:24:6e:de:6f:a8:84:38:b2:7d:a8:0c:
e3:ad:c5:f2:c4:18:b6:d8:77:10:61:16:e0:64:ed:f9:be:2b:
6e:5a:83:f0:a3:ff:ca:90:f3:96:76:c7:ad:f4:0d:84:fe:66:
26:67:6f:48:20:07:e2:c5:5c:23:33:5c:24:75:75:a7:15:c8:
a0:aa:2a:60:3b:74:ba:73:a0:ab:8b:b0:89:fc:9e:b6:c6:12:
21:88:77:48:ef:6b:0b:9c:f4:8c:36:78:21:b4:fe:99:c8:63:
8f:43:52:7a:4d:98:7d:42:56:b7:a1:12:92:5e:14:18:2a:2a:
e2:52:2e:a2
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZZI+XZcl5L/xteeeNn+WajlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNDE4MTI1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM2OGVhYTE1YzVkZjg2MjQzMWM2ODJhMTg0ZDNmYTAyZDkxZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/PyLFA5CAr01WBd5GHAcNWVj1mt/
OrZqBVgYC1VF2haMG9TNXtT1skWuWVZhCRfel5lBCjlAJT+NtEABEEcy/06F9cmA
HenXdPs+CgQ8njiC3z/JYozhBgRTeVlJXRSy3T3AanB94H4T4WXWbjDDpFdjn0EF
gMJOHtSHEkZJbFWH3Sk6VE96ZFtpPQY66pJ+W8RcbmQuW8oC9uNGhTr4uVdkUok9
O9cX/VAzMU3wvcdMh0OpAcyPbca2J6AO0mNQbPZfIk090YLziLH7wXw7RSYzEN4r
Q++Tw70ycTMTOPSxZ+6TEjVH8QHL0iR+K7qx85CWFEEmXs1eIckYfHUEwwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDvGjqoVxd+GJDHGgqGE0/oC2R47MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvTzhhT3FoWEYzNFlrTWNhQ29ZVFQtZ0xaSGpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCV+UIAwQA
V+UfAwQAV+VAAwQAV+V9MA0GCSqGSIb3DQEBCwUAA4IBAQAOH8tazCZ1DqP0xQaO
AhQEMysDw4qpcJhcQKOzsPNcHfw7ZFKNomoPMXmIYso/XXmaPgsIH1J1dAcnAr3B
Drd5LjVc9hEWerN7RPz3SPHjh/83K/QBg5lIi9z7Bkyy4kfjYNgrL+Y/gl/obE5m
J/a071+SowiQem77YnyBW38gFYu5AUI/JG7eb6iEOLJ9qAzjrcXyxBi22HcQYRbg
ZO35vituWoPwo//KkPOWdset9A2E/mYmZ29IIAfixVwjM1wkdXWnFcigqipgO3S6
c6Cri7CJ/J62xhIhiHdI72sLnPSMNnghtP6ZyGOPQ1J6TZh9Qla3oRKSXhQYKiri
Ui6i
-----END CERTIFICATE-----
Generated at Sun May 11 05:32:11 2025 by rpki-client