Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nZ7HBwBnPSudZuqhMiVDH-h2gvw.roa
File: nZ7HBwBnPSudZuqhMiVDH-h2gvw.roa (raw, json)
Hash identifier: Vq5isFlGJtBMdtXarnJ2khMYQ0m0Anu3DWQkBv3TJ3s=
Subject key identifier: 9D:9E:C7:07:00:67:3D:2B:9D:66:EA:A1:32:25:43:1F:E8:76:82:FC
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 0197AB0469B28A82FF849AC9B979FFA0B737
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nZ7HBwBnPSudZuqhMiVDH-h2gvw.roa
Signing time: Thu 26 Jun 2025 06:54:42 +0000
ROA not before: Thu 26 Jun 2025 06:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 87.229.8.0/22 maxlen: 22
87.229.23.0/24 maxlen: 24
87.229.108.0/24 maxlen: 24
87.229.112.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Jul 2025 13:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:04:69:b2:8a:82:ff:84:9a:c9:b9:79:ff:a0:b7:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jun 26 06:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9d9ec70700673d2b9d66eaa13225431fe87682fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9a:b7:59:1b:de:e0:ee:63:fd:40:00:43:ad:
38:e9:af:70:95:a4:9a:85:22:b3:4f:6b:fc:4c:70:
60:76:c2:6c:1f:59:e6:ef:90:10:63:46:84:08:89:
cb:0e:a3:d7:ff:f8:5d:fd:d7:37:6c:78:dc:0a:5e:
8d:a8:4c:51:ea:a4:6c:07:f3:d6:c1:c1:5c:93:2a:
b3:6d:5d:d3:5d:52:a2:8c:f7:47:ac:5a:86:bf:63:
19:4c:6f:d5:d3:9c:c9:c8:62:d6:36:4a:d8:fd:8a:
17:ff:82:be:7f:a8:41:c0:be:12:46:13:84:0a:15:
16:f7:fd:5e:cb:bb:a2:46:d0:3c:ad:26:91:c1:44:
42:d0:61:14:e8:ef:b4:2a:87:5a:d1:51:b9:39:c9:
c4:b5:78:17:c5:fc:00:d0:06:58:2e:f4:67:61:0c:
50:21:e7:8e:27:43:ca:d8:db:f6:1c:ee:b9:ae:80:
97:44:3c:27:ae:83:6e:63:1e:1f:30:ee:2d:a1:ee:
f2:bf:2b:d6:80:76:42:86:0f:6a:31:b2:2e:32:86:
16:66:89:71:f0:eb:f6:63:3d:b5:5f:bb:1e:95:e5:
6d:5d:63:17:8b:89:6b:00:c1:37:a0:96:87:10:ad:
01:64:eb:b8:53:ca:f3:e4:ee:38:90:c5:a0:82:c0:
66:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9E:C7:07:00:67:3D:2B:9D:66:EA:A1:32:25:43:1F:E8:76:82:FC
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/nZ7HBwBnPSudZuqhMiVDH-h2gvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.229.8.0/22
87.229.23.0/24
87.229.108.0/24
87.229.112.0/24
Signature Algorithm: sha256WithRSAEncryption
55:91:cc:ee:84:4d:84:c2:75:cc:94:16:7a:4c:11:03:83:51:
1a:9c:92:54:6b:75:fd:7b:e1:15:00:ac:72:0a:5e:d2:b4:bb:
57:c4:af:3e:e1:94:0a:3f:2e:b4:4d:54:81:ab:83:6a:b8:5f:
3e:91:fd:1e:15:4c:8d:d7:c3:02:be:65:09:b2:bd:64:c0:a1:
00:ed:eb:f5:6f:c9:8e:f5:db:6a:05:8f:fc:d6:8c:b5:c1:17:
0b:00:d8:ac:42:a6:74:1d:f4:e7:24:2f:ab:c6:4c:3a:29:65:
4e:70:2c:fc:c8:20:c0:7f:de:46:5e:46:39:94:ec:97:3e:3d:
cb:f3:c6:82:d7:82:06:b3:23:46:ae:61:f9:79:ca:56:2f:e4:
fa:81:c3:bc:b8:61:c5:75:81:81:71:1b:9b:bd:90:d3:df:10:
9d:ef:57:57:9e:ae:6e:ae:d6:2e:d4:b4:77:8d:92:1a:3e:32:
28:24:30:c1:ca:32:37:43:5a:cc:fb:64:b6:ac:51:1a:f6:b8:
f1:29:c2:7e:41:0b:c7:49:ae:e7:61:13:47:54:03:25:69:34:
f6:6f:66:75:a3:20:85:d5:ea:c4:c4:4d:29:81:29:7e:33:6d:
ab:1c:61:0c:8c:c7:a4:ac:f2:33:20:3b:1e:57:79:aa:88:4d:
88:8e:fe:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZerBGmyioL/hJrJuXn/oLc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjUwNjI2MDY1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDllYzcwNzAwNjczZDJiOWQ2NmVhYTEzMjI1NDMxZmU4NzY4MmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtpq3WRve4O5j/UAAQ6046a9wlaSa
hSKzT2v8THBgdsJsH1nm75AQY0aECInLDqPX//hd/dc3bHjcCl6NqExR6qRsB/PW
wcFckyqzbV3TXVKijPdHrFqGv2MZTG/V05zJyGLWNkrY/YoX/4K+f6hBwL4SRhOE
ChUW9/1ey7uiRtA8rSaRwURC0GEU6O+0Koda0VG5OcnEtXgXxfwA0AZYLvRnYQxQ
IeeOJ0PK2Nv2HO65roCXRDwnroNuYx4fMO4toe7yvyvWgHZChg9qMbIuMoYWZolx
8Ov2Yz21X7seleVtXWMXi4lrAME3oJaHEK0BZOu4U8rz5O44kMWggsBmZwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJ2exwcAZz0rnWbqoTIlQx/odoL8MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvblo3SEJ3Qm5QU3VkWnVxaE1pVkRILWgyZ3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCV+UIAwQA
V+UXAwQAV+VsAwQAV+VwMA0GCSqGSIb3DQEBCwUAA4IBAQBVkczuhE2EwnXMlBZ6
TBEDg1EanJJUa3X9e+EVAKxyCl7StLtXxK8+4ZQKPy60TVSBq4NquF8+kf0eFUyN
18MCvmUJsr1kwKEA7ev1b8mO9dtqBY/81oy1wRcLANisQqZ0HfTnJC+rxkw6KWVO
cCz8yCDAf95GXkY5lOyXPj3L88aC14IGsyNGrmH5ecpWL+T6gcO8uGHFdYGBcRub
vZDT3xCd71dXnq5urtYu1LR3jZIaPjIoJDDByjI3Q1rM+2S2rFEa9rjxKcJ+QQvH
Sa7nYRNHVAMlaTT2b2Z1oyCF1erExE0pgSl+M22rHGEMjMekrPIzIDseV3mqiE2I
jv5n
-----END CERTIFICATE-----
Generated at Tue Jul 1 17:18:19 2025 by rpki-client