Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dIoyco6RLHXi5bY4YDmIhVX8P0g.roa
File: dIoyco6RLHXi5bY4YDmIhVX8P0g.roa (raw, json)
Hash identifier: exRMR/bWen/fmCCrhWuF6YhCzxQfiBwBKiiKYDcFD20=
Subject key identifier: 74:8A:32:72:8E:91:2C:75:E2:E5:B6:38:60:39:88:85:55:FC:3F:48
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0197A1CD132C587C9EE85451EC6FAD2598AF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dIoyco6RLHXi5bY4YDmIhVX8P0g.roa
Signing time: Tue 24 Jun 2025 11:57:40 +0000
ROA not before: Tue 24 Jun 2025 11:57:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211439
IP address blocks: 37.252.28.0/24 maxlen: 24
79.99.149.0/24 maxlen: 24
89.213.117.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.221.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Jun 2025 19:38:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a1:cd:13:2c:58:7c:9e:e8:54:51:ec:6f:ad:25:98:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 24 11:57:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=748a32728e912c75e2e5b6386039888555fc3f48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e8:e7:2a:6f:8f:05:ba:7f:c8:64:fc:26:7a:
d7:26:2a:81:f5:80:f7:fb:a4:42:a6:9e:c5:ea:e8:
7e:f8:96:fa:49:f5:23:b2:f4:66:09:49:45:98:50:
e4:18:2b:36:74:d2:1a:18:02:ae:1c:a0:55:b1:41:
71:a0:81:e2:8f:28:bd:33:a1:12:1a:90:1d:07:a8:
81:17:1e:9d:1d:5f:14:fa:02:f4:1d:6f:ea:36:50:
9c:9c:95:26:bb:8e:41:42:3d:c0:9e:2e:8f:0c:37:
d7:5d:c1:c9:c2:e5:30:15:26:63:04:c2:33:df:1f:
aa:67:e0:6c:f6:17:8a:db:53:3d:34:87:8c:95:92:
8d:94:bd:33:a3:40:c3:f1:e6:3f:2b:99:fa:5f:ba:
39:ad:1c:0e:e7:83:c1:b9:7a:d6:99:59:70:d9:25:
e6:d3:89:1e:7c:9d:6a:0f:c5:63:ab:3b:cb:5e:90:
cb:c3:de:53:8d:cf:d7:e4:64:cd:1a:2a:f7:e4:3a:
74:bf:3c:9b:e2:48:15:b7:95:5d:ce:81:79:93:59:
83:e2:6c:e0:49:35:ff:fe:d8:0b:09:6e:86:bf:5a:
28:7b:66:d9:c2:c0:aa:80:4f:1c:cd:13:79:b8:5a:
31:86:83:41:77:3d:d2:ba:c5:14:10:30:b8:d3:f5:
b8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:8A:32:72:8E:91:2C:75:E2:E5:B6:38:60:39:88:85:55:FC:3F:48
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dIoyco6RLHXi5bY4YDmIhVX8P0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.28.0/24
79.99.149.0/24
89.213.117.0/24
89.213.171.0/24
89.213.176.0/24
89.213.221.0/24
Signature Algorithm: sha256WithRSAEncryption
04:d9:fa:53:93:fe:4d:30:d6:59:d3:9c:80:57:f0:e9:7d:01:
11:97:4e:d8:94:78:3f:db:bb:2c:f1:2f:a8:d5:65:a1:47:28:
3f:ed:3f:bf:ee:0b:34:99:f7:33:df:98:a5:fd:b5:34:6a:cc:
55:03:dd:05:7b:b5:7b:f3:40:a3:76:26:63:9e:ae:bf:88:09:
da:85:aa:8e:0e:7f:ed:7a:2b:d7:2c:13:c3:53:a0:ed:cb:a5:
6f:7d:8f:3a:05:84:cd:d8:d9:03:38:11:ea:15:1e:52:1a:78:
64:db:a0:6c:62:53:9d:e0:ba:0a:f5:37:79:1c:ad:8d:bd:22:
aa:c6:de:bb:03:b1:6c:8b:d3:2c:c3:77:21:d0:c6:47:46:4b:
05:a5:f5:33:4f:db:2d:51:9b:ab:29:03:bc:f8:c4:b0:0f:27:
42:a9:ad:3b:9a:3d:97:89:93:bb:83:5b:c3:0d:e2:4e:0d:68:
7d:4d:0c:e6:97:c1:dc:b5:f2:a7:80:1b:37:b6:38:a0:b4:7a:
31:42:94:a9:06:a5:54:5d:f3:1c:7c:fa:8f:de:f6:1e:b1:c8:
a1:f4:de:85:1d:7f:12:dd:d0:fa:27:f1:78:42:e0:92:7d:f1:
ee:ba:78:5c:5e:c0:9f:c1:96:c2:ee:ae:e3:d3:80:9e:57:f6:
05:c9:4a:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZehzRMsWHye6FRR7G+tJZivMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNjI0MTE1NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDhhMzI3MjhlOTEyYzc1ZTJlNWI2Mzg2MDM5ODg4NTU1ZmMzZjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOjnKm+PBbp/yGT8JnrXJiqB9YD3
+6RCpp7F6uh++Jb6SfUjsvRmCUlFmFDkGCs2dNIaGAKuHKBVsUFxoIHijyi9M6ES
GpAdB6iBFx6dHV8U+gL0HW/qNlCcnJUmu45BQj3Ani6PDDfXXcHJwuUwFSZjBMIz
3x+qZ+Bs9heK21M9NIeMlZKNlL0zo0DD8eY/K5n6X7o5rRwO54PBuXrWmVlw2SXm
04kefJ1qD8VjqzvLXpDLw95Tjc/X5GTNGir35Dp0vzyb4kgVt5VdzoF5k1mD4mzg
STX//tgLCW6Gv1ooe2bZwsCqgE8czRN5uFoxhoNBdz3SusUUEDC40/W4HQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHSKMnKOkSx14uW2OGA5iIVV/D9IMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZElveWNvNlJMSFhpNWJZNFlEbUloVlg4UDBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAJfwcAwQA
T2OVAwQAWdV1AwQAWdWrAwQAWdWwAwQAWdXdMA0GCSqGSIb3DQEBCwUAA4IBAQAE
2fpTk/5NMNZZ05yAV/DpfQERl07YlHg/27ss8S+o1WWhRyg/7T+/7gs0mfcz35il
/bU0asxVA90Fe7V780CjdiZjnq6/iAnahaqODn/teivXLBPDU6Dty6VvfY86BYTN
2NkDOBHqFR5SGnhk26BsYlOd4LoK9Td5HK2NvSKqxt67A7Fsi9Msw3ch0MZHRksF
pfUzT9stUZurKQO8+MSwDydCqa07mj2XiZO7g1vDDeJODWh9TQzml8HctfKngBs3
tjigtHoxQpSpBqVUXfMcfPqP3vYescih9N6FHX8S3dD6J/F4QuCSffHuunhcXsCf
wZbC7q7j04CeV/YFyUoT
-----END CERTIFICATE-----
Generated at Tue Jul 1 18:24:51 2025 by rpki-client