Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/inX7htVBqX2b0Bg54lHpXlCkgr4.roa
File: inX7htVBqX2b0Bg54lHpXlCkgr4.roa (raw, json)
Hash identifier: LBy81bEsOO1DHJNlXZ8HrMzBG6DcBLTnGnpizC/Pf9U=
Subject key identifier: 8A:75:FB:86:D5:41:A9:7D:9B:D0:18:39:E2:51:E9:5E:50:A4:82:BE
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196F13872F8427F8F89245831B919E8E49D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/inX7htVBqX2b0Bg54lHpXlCkgr4.roa
Signing time: Wed 21 May 2025 05:02:10 +0000
ROA not before: Wed 21 May 2025 05:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213622
IP address blocks: 89.106.64.0/24 maxlen: 24
89.106.65.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 19:27:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:38:72:f8:42:7f:8f:89:24:58:31:b9:19:e8:e4:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 21 05:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a75fb86d541a97d9bd01839e251e95e50a482be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:64:4e:08:4c:29:02:76:b3:85:11:57:a8:6a:
01:cb:04:54:73:67:3b:17:07:05:b1:22:9d:30:03:
ef:92:20:25:b7:94:99:11:69:65:62:1c:bd:90:93:
dc:57:e4:d5:53:5a:70:35:91:e1:70:5b:c1:0f:a7:
8a:45:78:ee:04:8b:32:e7:13:13:15:ff:48:79:6f:
19:25:50:b9:f7:4e:25:51:d2:0b:51:52:ad:c9:df:
74:9b:91:b8:31:39:e6:66:61:c9:7a:03:c4:11:24:
89:71:83:c5:df:5d:ac:a1:12:be:55:4c:ae:d3:50:
52:a8:7b:65:3c:11:a2:f6:3d:6b:dc:cb:9d:84:99:
fe:01:3e:74:24:33:2a:f5:99:c9:40:b2:bc:37:44:
dc:66:b4:8c:84:3a:ce:a5:20:cb:e4:e1:02:1e:13:
5c:7f:b0:4d:75:8c:4d:46:07:dc:4f:f3:cd:17:58:
b2:88:48:cd:ee:de:70:e6:29:a3:c5:66:30:89:7b:
90:2d:af:c3:4d:ee:f9:f2:08:47:b9:78:30:fd:44:
55:88:9f:d8:66:7a:1b:d4:c0:33:d1:db:be:52:b7:
f2:76:4c:23:4b:d2:1d:a5:94:ad:39:d9:eb:4e:f2:
8f:51:44:ce:2a:7e:4d:f6:2c:e7:3a:7a:2a:e0:c2:
5e:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:75:FB:86:D5:41:A9:7D:9B:D0:18:39:E2:51:E9:5E:50:A4:82:BE
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/inX7htVBqX2b0Bg54lHpXlCkgr4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.64.0/23
185.121.69.0/24
Signature Algorithm: sha256WithRSAEncryption
71:7b:8b:3d:a0:7c:6f:d6:4c:46:b2:85:e3:12:b8:59:74:21:
fd:1b:b3:76:03:69:eb:76:c7:4f:91:7f:fa:40:e4:37:b9:f4:
f2:61:55:11:0b:c3:29:a4:81:d4:04:91:18:78:61:14:c9:5b:
15:55:6a:33:25:37:16:0e:ac:3c:36:29:12:b7:d2:7f:9f:e1:
19:2d:85:23:cc:86:d2:77:da:06:a1:14:e4:ed:21:2f:97:97:
ee:20:98:97:97:06:28:7f:8d:07:94:cf:dd:88:93:d3:1c:0e:
a8:84:76:76:96:e0:4f:20:3d:62:c8:09:d2:45:22:29:6a:6c:
74:dd:68:e0:7d:13:05:78:9d:25:ef:fa:cc:7f:1b:28:23:ca:
c6:99:32:ff:3a:67:8d:05:2b:b7:68:43:54:36:ad:f5:93:89:
54:b7:41:77:69:21:12:3c:99:d7:69:49:17:d6:17:2a:34:2c:
6f:73:74:70:0b:56:7c:37:a8:14:f9:e2:74:ff:af:81:95:19:
80:30:81:85:89:b8:7f:16:e5:f3:3a:d9:58:f1:db:5b:40:28:
a1:6a:ee:85:ff:69:74:a8:a3:da:22:7a:aa:d1:40:c7:bc:87:
3e:e4:50:10:e5:c4:03:47:c6:e6:32:ac:ec:5b:19:17:31:2c:
a1:32:b7:49
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbxOHL4Qn+PiSRYMbkZ6OSdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTIxMDUwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTc1ZmI4NmQ1NDFhOTdkOWJkMDE4MzllMjUxZTk1ZTUwYTQ4MmJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArGROCEwpAnazhRFXqGoBywRUc2c7
FwcFsSKdMAPvkiAlt5SZEWllYhy9kJPcV+TVU1pwNZHhcFvBD6eKRXjuBIsy5xMT
Ff9IeW8ZJVC5904lUdILUVKtyd90m5G4MTnmZmHJegPEESSJcYPF312soRK+VUyu
01BSqHtlPBGi9j1r3MudhJn+AT50JDMq9ZnJQLK8N0TcZrSMhDrOpSDL5OECHhNc
f7BNdYxNRgfcT/PNF1iyiEjN7t5w5imjxWYwiXuQLa/DTe758ghHuXgw/URViJ/Y
Znob1MAz0du+UrfydkwjS9IdpZStOdnrTvKPUUTOKn5N9iznOnoq4MJeuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIp1+4bVQal9m9AYOeJR6V5QpIK+MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaW5YN2h0VkJxWDJiMEJnNTRsSHBYbENrZ3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWWpAAwQA
uXlFMA0GCSqGSIb3DQEBCwUAA4IBAQBxe4s9oHxv1kxGsoXjErhZdCH9G7N2A2nr
dsdPkX/6QOQ3ufTyYVURC8MppIHUBJEYeGEUyVsVVWozJTcWDqw8NikSt9J/n+EZ
LYUjzIbSd9oGoRTk7SEvl5fuIJiXlwYof40HlM/diJPTHA6ohHZ2luBPID1iyAnS
RSIpamx03WjgfRMFeJ0l7/rMfxsoI8rGmTL/OmeNBSu3aENUNq31k4lUt0F3aSES
PJnXaUkX1hcqNCxvc3RwC1Z8N6gU+eJ0/6+BlRmAMIGFibh/FuXzOtlY8dtbQCih
au6F/2l0qKPaInqq0UDHvIc+5FAQ5cQDR8bmMqzsWxkXMSyhMrdJ
-----END CERTIFICATE-----
Generated at Sun Jun 15 15:56:28 2025 by rpki-client