Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tQH-PRLoWcHfUpGryX2p7Jtus2o.roa
File: tQH-PRLoWcHfUpGryX2p7Jtus2o.roa (raw, json)
Hash identifier: OrnlgEaCRaiUSdfoxOfjC0txVbURQEQNgU0l0DSyZY8=
Subject key identifier: B5:01:FE:3D:12:E8:59:C1:DF:52:91:AB:C9:7D:A9:EC:9B:6E:B3:6A
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0196C11E9ACEF3D18AE8E29958B7FB789E0D
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tQH-PRLoWcHfUpGryX2p7Jtus2o.roa
Signing time: Sun 11 May 2025 20:52:10 +0000
ROA not before: Sun 11 May 2025 20:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209693
IP address blocks: 89.144.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 12 May 2025 04:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c1:1e:9a:ce:f3:d1:8a:e8:e2:99:58:b7:fb:78:9e:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: May 11 20:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b501fe3d12e859c1df5291abc97da9ec9b6eb36a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:e8:05:b6:66:b6:c6:01:0d:dd:b9:b7:49:84:
50:4c:6b:f4:7e:61:a4:fe:02:13:26:ff:47:ad:d5:
3f:90:ce:7d:85:9c:5c:8e:df:18:89:1d:0d:47:a9:
cd:2f:87:03:95:bc:ad:f5:fc:57:98:e5:ca:93:ac:
d8:01:ad:fa:b0:40:29:c8:84:7c:8c:e6:0b:c7:20:
1e:09:6c:a1:9a:09:91:e9:d6:95:c5:8c:ae:2d:d2:
c7:ba:78:b2:53:e9:02:cf:4a:7f:04:80:07:93:11:
74:48:ef:88:b2:f7:3c:8c:7b:f9:3d:90:74:19:e0:
d6:80:d8:9d:42:3c:ae:04:25:32:db:1e:ef:cc:d0:
0b:9a:ff:be:2d:ec:9e:84:f4:70:b7:06:65:56:11:
fa:4b:db:31:c3:74:33:f9:ee:e6:d9:51:23:5a:32:
ae:9f:05:3e:3f:14:6f:f7:2d:ac:d4:56:ef:f5:15:
1f:c2:44:b4:ab:b1:22:69:d3:3b:dd:cc:e5:28:8c:
99:e3:6d:50:90:ca:69:1d:41:f6:e7:f2:82:87:95:
95:56:d0:46:0c:0d:a1:de:7b:10:25:76:e5:e1:3c:
16:66:1e:85:4a:05:d9:8c:24:86:18:b5:00:65:18:
a1:65:5e:5d:a1:80:99:16:13:4a:f4:ee:36:6f:e7:
be:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:01:FE:3D:12:E8:59:C1:DF:52:91:AB:C9:7D:A9:EC:9B:6E:B3:6A
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/tQH-PRLoWcHfUpGryX2p7Jtus2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.62.0/24
Signature Algorithm: sha256WithRSAEncryption
dd:60:bb:4f:2b:76:28:da:b9:69:d5:b9:52:0a:16:ab:12:63:
25:1d:38:04:bf:93:95:dc:09:58:ca:47:1d:9f:43:c0:0a:64:
6f:66:21:dd:11:eb:d2:e1:60:0d:1e:45:cb:64:72:11:f9:7e:
08:be:e7:c4:4b:47:7a:37:86:9c:8c:76:37:fa:a8:b2:5a:3d:
3f:3c:3a:57:64:ed:25:2a:12:ee:64:6f:b4:e6:b3:35:ed:49:
75:97:93:ed:c5:7d:ea:1d:8b:dc:9a:85:c5:64:88:e3:22:f5:
ac:34:48:fc:59:53:ef:a0:91:90:3f:f5:6c:db:28:0d:ff:b5:
35:57:e4:52:ec:10:61:c1:8d:33:19:ba:3a:a2:b4:fc:47:7e:
da:af:b4:44:cb:f0:24:8d:75:89:bc:76:73:b8:89:40:0a:83:
aa:fd:01:0c:02:4d:1d:d3:f4:57:44:61:d4:5d:11:dd:c3:56:
72:1a:e1:82:1e:fc:28:a2:0a:8a:55:5b:7c:50:bd:28:2f:d5:
3b:9c:70:bf:c9:83:41:60:5d:2b:5a:10:47:f3:ad:fb:fe:23:
2f:c2:4a:2c:7f:5b:fc:3b:22:6f:a2:f7:b5:64:71:85:f8:ad:
28:2b:1d:64:19:45:68:4c:be:2a:3d:5c:cc:28:dc:81:64:a9:
02:26:c2:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbBHprO89GK6OKZWLf7eJ4NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNTExMjA1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTAxZmUzZDEyZTg1OWMxZGY1MjkxYWJjOTdkYTllYzliNmViMzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlugFtma2xgEN3bm3SYRQTGv0fmGk
/gITJv9HrdU/kM59hZxcjt8YiR0NR6nNL4cDlbyt9fxXmOXKk6zYAa36sEApyIR8
jOYLxyAeCWyhmgmR6daVxYyuLdLHuniyU+kCz0p/BIAHkxF0SO+Isvc8jHv5PZB0
GeDWgNidQjyuBCUy2x7vzNALmv++LeyehPRwtwZlVhH6S9sxw3Qz+e7m2VEjWjKu
nwU+PxRv9y2s1Fbv9RUfwkS0q7EiadM73czlKIyZ421QkMppHUH25/KCh5WVVtBG
DA2h3nsQJXbl4TwWZh6FSgXZjCSGGLUAZRihZV5doYCZFhNK9O42b+e+cwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUB/j0S6FnB31KRq8l9qeybbrNqMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdFFILVBSTG9XY0hmVXBHcnlYMnA3SnR1czJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWZA+MA0G
CSqGSIb3DQEBCwUAA4IBAQDdYLtPK3Yo2rlp1blSCharEmMlHTgEv5OV3AlYykcd
n0PACmRvZiHdEevS4WANHkXLZHIR+X4IvufES0d6N4acjHY3+qiyWj0/PDpXZO0l
KhLuZG+05rM17Ul1l5PtxX3qHYvcmoXFZIjjIvWsNEj8WVPvoJGQP/Vs2ygN/7U1
V+RS7BBhwY0zGbo6orT8R37ar7REy/AkjXWJvHZzuIlACoOq/QEMAk0d0/RXRGHU
XRHdw1ZyGuGCHvwoogqKVVt8UL0oL9U7nHC/yYNBYF0rWhBH8637/iMvwkosf1v8
OyJvove1ZHGF+K0oKx1kGUVoTL4qPVzMKNyBZKkCJsKC
-----END CERTIFICATE-----
Generated at Mon Jun 16 12:06:13 2025 by rpki-client