Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ewIpn3OGPMaIY41TXjcwYxrDYiE.roa
File: ewIpn3OGPMaIY41TXjcwYxrDYiE.roa (raw, json)
Hash identifier: LEESapxllyLEzRrZv1sENpdeYuM0niRpIutlYTKy85o=
Subject key identifier: 7B:02:29:9F:73:86:3C:C6:88:63:8D:53:5E:37:30:63:1A:C3:62:21
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0196B0CEE2061A42EC6133E2E15F41E5AC14
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ewIpn3OGPMaIY41TXjcwYxrDYiE.roa
Signing time: Thu 08 May 2025 16:51:10 +0000
ROA not before: Thu 08 May 2025 16:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 81.22.142.0/23 maxlen: 24
89.185.0.0/22 maxlen: 22
109.72.116.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 07:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:b0:ce:e2:06:1a:42:ec:61:33:e2:e1:5f:41:e5:ac:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: May 8 16:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b02299f73863cc688638d535e3730631ac36221
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:9c:4c:06:ab:6f:ba:5b:d9:40:34:a2:d6:c4:
89:ee:10:4c:cf:a5:8c:71:7e:04:97:3f:46:55:8f:
16:05:bc:61:db:fd:27:ad:72:75:5d:75:84:c0:6d:
2b:20:83:b1:04:56:01:b6:65:7d:ea:78:1a:b5:01:
e4:7a:af:f9:a4:98:cb:8e:32:2b:56:48:4e:77:f6:
c4:8a:39:7c:62:1b:b0:df:b6:0e:3d:ce:cc:d0:dc:
11:37:94:2c:ca:bc:e5:74:61:57:ab:67:49:36:25:
e4:75:95:d8:eb:53:d6:a2:3a:25:15:0a:56:02:0d:
ff:e7:31:71:75:21:1d:bb:b3:50:7f:e9:bf:fc:da:
67:ec:93:4c:26:7f:19:58:8e:9a:f1:db:61:72:3a:
5b:d1:2a:fc:8c:63:62:3a:d8:e7:f6:68:30:5b:07:
06:a7:5d:7a:95:8b:62:05:32:52:68:05:24:94:95:
c0:ef:08:cc:cf:d1:58:13:36:7a:3f:63:c7:99:eb:
e1:76:a7:70:6a:21:e5:7b:c1:a7:b6:83:dd:73:f4:
37:28:21:85:bc:92:32:ed:4f:c2:ea:10:ac:cc:ef:
ac:bd:cc:9c:4e:18:e1:47:f3:0c:6f:2d:7d:cc:b1:
ff:13:d0:d2:c6:e3:52:ab:a8:f2:e4:e7:6f:aa:e1:
87:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:02:29:9F:73:86:3C:C6:88:63:8D:53:5E:37:30:63:1A:C3:62:21
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/ewIpn3OGPMaIY41TXjcwYxrDYiE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.142.0/23
89.185.0.0/22
109.72.116.0/22
Signature Algorithm: sha256WithRSAEncryption
07:e0:69:3a:a1:db:b3:30:4d:eb:3a:06:e5:3a:d3:54:0b:0e:
b7:f9:f9:ee:3f:d7:d9:77:0f:d5:07:43:07:04:29:2b:e1:c6:
f5:c8:04:15:04:f5:ed:2c:76:fc:1b:3d:e4:cc:b0:39:6a:c3:
b8:f3:33:4f:00:3b:e3:0f:91:06:62:f9:6f:bd:e6:8a:69:47:
4b:42:cc:d6:3e:69:fd:c2:26:7b:4c:92:7d:d0:1a:74:a1:de:
c5:88:92:1f:8e:73:8b:5d:a8:36:1b:d2:73:42:89:c6:12:86:
e1:23:5c:0f:7a:82:d6:58:18:37:ad:06:a1:00:b8:d3:89:d6:
7f:94:2b:93:75:ba:1d:d4:58:dd:b9:df:77:45:1b:08:57:7f:
0c:5d:d3:2a:dc:c3:f8:c7:3d:22:bc:ba:21:fb:2e:22:56:2c:
73:e1:7a:97:1e:ff:4a:d1:b7:32:62:6c:d4:ee:62:69:45:ae:
49:dd:6a:68:0a:02:36:cb:f8:79:de:5f:eb:87:4d:d3:81:d4:
3c:f4:56:27:b0:f8:8d:c4:f0:75:50:f7:f8:8f:cf:69:89:6c:
3c:6d:44:ca:04:e6:de:a4:b9:ff:61:ae:d3:4c:fe:d4:0e:37:
40:a6:14:f7:8e:29:c3:1f:ad:59:4d:3d:94:99:37:11:37:6a:
03:6b:01:89
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZawzuIGGkLsYTPi4V9B5awUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwNTA4MTY1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjAyMjk5ZjczODYzY2M2ODg2MzhkNTM1ZTM3MzA2MzFhYzM2MjIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzpxMBqtvulvZQDSi1sSJ7hBMz6WM
cX4Elz9GVY8WBbxh2/0nrXJ1XXWEwG0rIIOxBFYBtmV96ngatQHkeq/5pJjLjjIr
VkhOd/bEijl8Yhuw37YOPc7M0NwRN5QsyrzldGFXq2dJNiXkdZXY61PWojolFQpW
Ag3/5zFxdSEdu7NQf+m//Npn7JNMJn8ZWI6a8dthcjpb0Sr8jGNiOtjn9mgwWwcG
p116lYtiBTJSaAUklJXA7wjMz9FYEzZ6P2PHmevhdqdwaiHle8GntoPdc/Q3KCGF
vJIy7U/C6hCszO+svcycThjhR/MMby19zLH/E9DSxuNSq6jy5OdvquGHUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHsCKZ9zhjzGiGONU143MGMaw2IhMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvZXdJcG4zT0dQTWFJWTQxVFhqY3dZeHJEWWlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBURaOAwQC
WbkAAwQCbUh0MA0GCSqGSIb3DQEBCwUAA4IBAQAH4Gk6oduzME3rOgblOtNUCw63
+fnuP9fZdw/VB0MHBCkr4cb1yAQVBPXtLHb8Gz3kzLA5asO48zNPADvjD5EGYvlv
veaKaUdLQszWPmn9wiZ7TJJ90Bp0od7FiJIfjnOLXag2G9JzQonGEobhI1wPeoLW
WBg3rQahALjTidZ/lCuTdbod1Fjdud93RRsIV38MXdMq3MP4xz0ivLoh+y4iVixz
4XqXHv9K0bcyYmzU7mJpRa5J3WpoCgI2y/h53l/rh03TgdQ89FYnsPiNxPB1UPf4
j89piWw8bUTKBObepLn/Ya7TTP7UDjdAphT3jinDH61ZTT2UmTcRN2oDawGJ
-----END CERTIFICATE-----
Generated at Sun Jun 15 01:05:25 2025 by rpki-client