Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/59VklbJzzTKeUB_a3CMnIj9PpqE.roa
File: 59VklbJzzTKeUB_a3CMnIj9PpqE.roa (raw, json)
Hash identifier: c53ah1Rph9J8Iv9yhn1uqnmbIES9NC/2MWuIReAZJ+o=
Subject key identifier: E7:D5:64:95:B2:73:CD:32:9E:50:1F:DA:DC:23:27:22:3F:4F:A6:A1
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019617814DEA14A9148E1347E2A84B5CABB9
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/59VklbJzzTKeUB_a3CMnIj9PpqE.roa
Signing time: Tue 08 Apr 2025 22:24:32 +0000
ROA not before: Tue 08 Apr 2025 22:24:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 89.144.34.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 09 Apr 2025 18:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:17:81:4d:ea:14:a9:14:8e:13:47:e2:a8:4b:5c:ab:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 8 22:24:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7d56495b273cd329e501fdadc2327223f4fa6a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:30:23:9d:e2:8a:ed:41:35:e2:94:fc:d6:7f:
1e:cf:f5:d4:79:d6:27:97:f6:62:75:18:e6:33:1c:
47:5a:96:48:eb:61:05:a3:a5:b2:2e:41:2a:9c:49:
3c:02:56:26:35:27:be:36:04:57:0b:b9:a7:0a:e2:
80:45:d4:87:73:ca:22:23:ca:f6:b7:5d:74:5d:69:
55:99:89:f2:fc:f9:c1:fe:3e:7e:54:1a:2b:db:21:
eb:4d:ea:54:15:17:b0:01:e5:b9:10:8e:b4:bf:87:
94:5a:17:0d:ec:be:29:4a:4d:14:2f:80:c1:98:ea:
4e:44:47:6d:10:a5:6e:39:ee:62:9c:3b:37:4d:c7:
1c:ce:5d:74:ee:30:3d:ce:67:7a:a7:32:35:bd:e3:
ef:8f:d4:d6:5e:4e:f4:f2:4c:2e:3c:06:3c:f0:13:
97:98:ec:48:84:cc:89:a9:00:d4:44:19:2a:3f:e2:
41:20:cb:69:ca:62:c0:d8:de:52:b6:ea:c6:d0:fd:
20:a3:44:a9:94:e7:4f:60:ed:bf:3a:bf:f0:29:f9:
0e:9b:da:bf:cc:9f:52:92:fe:88:b6:3d:ce:f7:46:
b6:b6:63:7c:41:f1:2d:59:74:36:2e:27:ef:98:ca:
8b:eb:ae:5a:f2:20:f3:04:bf:41:6a:97:10:cd:46:
c2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D5:64:95:B2:73:CD:32:9E:50:1F:DA:DC:23:27:22:3F:4F:A6:A1
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/59VklbJzzTKeUB_a3CMnIj9PpqE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.34.0/24
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f7:c1:b9:d7:a6:f6:06:19:c4:86:75:fa:b0:f8:60:fa:e5:
b2:8f:c0:90:db:84:18:b8:cc:27:f7:e8:28:8e:6f:bc:68:9b:
c5:e2:7f:4b:24:05:4b:d6:a7:bd:74:ae:fa:12:b5:90:e9:0a:
43:7f:ff:b7:8f:ee:62:5d:1a:b6:d7:52:44:43:74:53:9f:c0:
17:ba:ee:40:78:cf:e5:a9:eb:99:ad:a3:cd:20:d7:e2:0d:69:
16:e9:83:93:04:c0:ff:ac:b6:de:9a:36:99:81:c8:d1:2e:0d:
aa:79:a4:51:7b:01:69:27:d8:72:0e:ea:5a:7c:9c:96:f2:e2:
ce:85:90:f3:96:cf:e8:d4:d5:9d:62:b8:8b:9d:00:54:4e:eb:
64:9d:56:6f:29:38:8c:55:53:4b:50:fb:05:d5:e6:c4:7a:f1:
e7:a4:54:68:51:e6:c1:34:99:f2:48:ad:0e:18:67:99:27:09:
e4:00:1c:94:cb:17:57:67:b6:16:0a:e9:94:68:70:2f:c9:b3:
15:a2:ac:68:5d:56:c3:29:1b:e2:7c:b0:8c:ff:80:dc:be:5f:
0c:af:17:8d:43:70:1c:bd:1c:41:d1:2e:4a:75:83:16:75:24:
2f:c1:33:2a:30:3b:e8:6b:16:92:d5:3b:44:0b:60:35:6e:bc:
bc:a2:21:53
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZYXgU3qFKkUjhNH4qhLXKu5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDA4MjIyNDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2Q1NjQ5NWIyNzNjZDMyOWU1MDFmZGFkYzIzMjcyMjNmNGZhNmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDAjneKK7UE14pT81n8ez/XUedYn
l/ZidRjmMxxHWpZI62EFo6WyLkEqnEk8AlYmNSe+NgRXC7mnCuKARdSHc8oiI8r2
t110XWlVmYny/PnB/j5+VBor2yHrTepUFRewAeW5EI60v4eUWhcN7L4pSk0UL4DB
mOpOREdtEKVuOe5inDs3Tccczl107jA9zmd6pzI1vePvj9TWXk708kwuPAY88BOX
mOxIhMyJqQDURBkqP+JBIMtpymLA2N5SturG0P0go0SplOdPYO2/Or/wKfkOm9q/
zJ9Skv6Itj3O90a2tmN8QfEtWXQ2LifvmMqL665a8iDzBL9BapcQzUbCkwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOfVZJWyc80ynlAf2twjJyI/T6ahMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNTlWa2xiSnp6VEtlVUJfYTNDTW5JajlQcHFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWZAiAwQA
shKTMA0GCSqGSIb3DQEBCwUAA4IBAQAk98G516b2BhnEhnX6sPhg+uWyj8CQ24QY
uMwn9+gojm+8aJvF4n9LJAVL1qe9dK76ErWQ6QpDf/+3j+5iXRq211JEQ3RTn8AX
uu5AeM/lqeuZraPNINfiDWkW6YOTBMD/rLbemjaZgcjRLg2qeaRRewFpJ9hyDupa
fJyW8uLOhZDzls/o1NWdYriLnQBUTutknVZvKTiMVVNLUPsF1ebEevHnpFRoUebB
NJnySK0OGGeZJwnkAByUyxdXZ7YWCumUaHAvybMVoqxoXVbDKRvifLCM/4Dcvl8M
rxeNQ3AcvRxB0S5KdYMWdSQvwTMqMDvoaxaS1TtEC2A1bry8oiFT
-----END CERTIFICATE-----
Generated at Sun Jun 15 07:57:56 2025 by rpki-client