Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/usYEY6hEy_cMaK2Ex6nW5rOTd8s.roa
File: usYEY6hEy_cMaK2Ex6nW5rOTd8s.roa (raw, json)
Hash identifier: k/xHS2cujgcTvlczaGk/0S5X0UI/yKV+WPjY4PU7EAA=
Subject key identifier: BA:C6:04:63:A8:44:CB:F7:0C:68:AD:84:C7:A9:D6:E6:B3:93:77:CB
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01975642F46A1D8D1A043EB7B3331E7159E7
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/usYEY6hEy_cMaK2Ex6nW5rOTd8s.roa
Signing time: Mon 09 Jun 2025 19:55:17 +0000
ROA not before: Mon 09 Jun 2025 19:55:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.26.0/24 maxlen: 24
89.21.84.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Jun 2025 07:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:56:42:f4:6a:1d:8d:1a:04:3e:b7:b3:33:1e:71:59:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jun 9 19:55:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bac60463a844cbf70c68ad84c7a9d6e6b39377cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:81:e6:c0:5a:24:66:88:8e:6a:5b:b8:6b:5a:
bf:3c:30:e1:1d:a1:e7:2e:ec:05:97:2c:9c:ae:52:
3c:f7:f3:cf:f1:df:a3:04:ee:e7:d0:09:1a:40:f7:
be:a9:45:83:35:42:f6:c1:82:c9:42:26:50:fb:0b:
e5:f3:46:cf:d4:36:2c:28:a1:fc:5e:a0:85:25:66:
bf:33:ac:2a:21:1c:93:e2:c7:09:85:7e:bc:e8:6e:
09:38:ec:b2:2a:f3:5e:51:f8:9f:9d:90:47:73:b7:
e8:76:b2:d4:41:1f:01:d8:4b:4d:3d:f0:3e:9b:c2:
3e:57:30:7c:8a:3a:a7:8b:53:42:da:07:c6:94:8a:
3b:11:f8:65:ef:7a:74:68:cc:03:e4:09:af:f6:95:
4f:30:a5:c8:7f:0d:b1:5f:41:71:79:f1:6c:80:b8:
94:2c:dc:b4:1f:ca:cc:fa:81:4d:86:bf:69:1c:9d:
8b:d9:63:28:9c:bd:b3:48:de:a6:7d:06:df:c9:d2:
20:31:2d:86:94:4b:2d:ee:5b:a2:da:c7:cb:b6:01:
67:d5:01:1c:02:18:0e:f4:d6:7f:88:25:1a:04:f8:
b2:c2:07:70:91:f1:3b:eb:61:c6:12:84:92:49:6e:
18:70:b1:dc:e4:66:fe:c8:67:fc:07:99:8b:86:32:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:C6:04:63:A8:44:CB:F7:0C:68:AD:84:C7:A9:D6:E6:B3:93:77:CB
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/usYEY6hEy_cMaK2Ex6nW5rOTd8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.26.0/24
89.21.84.0/24
Signature Algorithm: sha256WithRSAEncryption
14:0b:c0:39:bd:f3:56:c0:62:dd:86:d8:c2:95:6b:1f:15:d3:
6e:41:44:db:35:17:f5:c9:f2:b8:5d:22:8a:21:83:24:01:04:
3a:86:e7:fe:e6:cf:4e:41:48:d4:4a:7b:9f:e0:75:f3:68:09:
6c:ae:65:8a:cd:22:1b:16:69:4f:cc:3b:f6:f4:7d:db:7a:2a:
fd:df:38:04:bd:fa:25:df:60:82:52:39:9a:83:23:e8:1b:a3:
7f:3c:40:52:a1:08:6a:88:1d:c8:78:3c:8a:f4:dd:17:a3:37:
f8:29:b5:5e:9a:b0:37:48:4f:5b:de:d0:7e:d7:3c:c4:58:19:
31:f5:55:09:07:32:47:71:17:79:87:d5:6c:56:39:17:ad:4d:
6d:a7:d2:3b:12:ff:dc:29:46:c4:03:ef:68:7c:a9:94:2f:64:
f7:66:fb:42:28:91:dd:6f:eb:ba:e9:88:55:46:af:2d:82:f7:
ed:d8:78:c2:6a:ad:28:58:73:3b:89:ac:17:3d:2d:51:02:a5:
68:f9:94:3a:14:fc:2f:f4:19:48:8b:d1:7c:8c:43:5c:98:43:
cf:2f:61:e3:54:9c:88:f9:be:52:4f:d5:52:85:4c:89:bd:0a:
0d:02:a1:a8:9e:f5:67:34:57:3f:26:79:e9:a9:0e:ea:eb:e5:
22:b9:51:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdWQvRqHY0aBD63szMecVnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwNjA5MTk1NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWM2MDQ2M2E4NDRjYmY3MGM2OGFkODRjN2E5ZDZlNmIzOTM3N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzoHmwFokZoiOalu4a1q/PDDhHaHn
LuwFlyycrlI89/PP8d+jBO7n0AkaQPe+qUWDNUL2wYLJQiZQ+wvl80bP1DYsKKH8
XqCFJWa/M6wqIRyT4scJhX686G4JOOyyKvNeUfifnZBHc7fodrLUQR8B2EtNPfA+
m8I+VzB8ijqni1NC2gfGlIo7Efhl73p0aMwD5Amv9pVPMKXIfw2xX0FxefFsgLiU
LNy0H8rM+oFNhr9pHJ2L2WMonL2zSN6mfQbfydIgMS2GlEst7lui2sfLtgFn1QEc
AhgO9NZ/iCUaBPiywgdwkfE762HGEoSSSW4YcLHc5Gb+yGf8B5mLhjLFkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLrGBGOoRMv3DGithMep1uazk3fLMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvdXNZRVk2aEV5X2NNYUsyRXg2blc1ck9UZDhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALZUaAwQA
WRVUMA0GCSqGSIb3DQEBCwUAA4IBAQAUC8A5vfNWwGLdhtjClWsfFdNuQUTbNRf1
yfK4XSKKIYMkAQQ6huf+5s9OQUjUSnuf4HXzaAlsrmWKzSIbFmlPzDv29H3beir9
3zgEvfol32CCUjmagyPoG6N/PEBSoQhqiB3IeDyK9N0Xozf4KbVemrA3SE9b3tB+
1zzEWBkx9VUJBzJHcRd5h9VsVjkXrU1tp9I7Ev/cKUbEA+9ofKmUL2T3ZvtCKJHd
b+u66YhVRq8tgvft2HjCaq0oWHM7iawXPS1RAqVo+ZQ6FPwv9BlIi9F8jENcmEPP
L2HjVJyI+b5ST9VShUyJvQoNAqGonvVnNFc/JnnpqQ7q6+UiuVE0
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:01:46 2025 by rpki-client