Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/YEpq82IurpKf8Yi-wH4eIVmwiRo.roa
File: YEpq82IurpKf8Yi-wH4eIVmwiRo.roa (raw, json)
Hash identifier: Op/LjX1ncyBrbaYozKk0UP2JvzvzmLwmCyf7rD061Pg=
Subject key identifier: 60:4A:6A:F3:62:2E:AE:92:9F:F1:88:BE:C0:7E:1E:21:59:B0:89:1A
Certificate issuer: /CN=1e5b334965788794d6f147a2f004d13be3257dc4
Certificate serial: 019754C3597C355C848F1A93AB1C13C72840
Authority key identifier: 1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/YEpq82IurpKf8Yi-wH4eIVmwiRo.roa
Signing time: Mon 09 Jun 2025 12:56:17 +0000
ROA not before: Mon 09 Jun 2025 12:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 152.89.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Jun 2025 19:53:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:c3:59:7c:35:5c:84:8f:1a:93:ab:1c:13:c7:28:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e5b334965788794d6f147a2f004d13be3257dc4
Validity
Not Before: Jun 9 12:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=604a6af3622eae929ff188bec07e1e2159b0891a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:c0:3e:1e:1d:09:7f:31:7a:d3:69:23:c2:5f:
be:fc:e4:07:9f:7f:ed:4c:ca:6d:de:75:99:c1:40:
b2:30:f7:4f:c4:0a:98:1d:8c:aa:0d:2d:04:0d:a9:
45:1b:57:df:9b:bb:e7:64:d0:e8:9a:ae:1d:0d:ab:
41:3f:3a:40:03:88:e5:ae:af:47:10:87:51:75:81:
4f:ee:33:6d:95:68:15:94:c3:d1:4f:8c:8b:9c:6b:
4b:5e:6a:f9:0c:b2:1c:4b:4d:c6:57:d4:a6:a7:85:
b2:ba:46:ac:6a:b4:85:4f:8d:89:e1:31:5c:cd:14:
6f:3d:35:82:ea:bd:22:64:24:09:84:9d:92:92:ba:
62:87:94:36:6e:d7:b1:ff:bf:5b:b1:fc:2c:5f:65:
35:23:55:33:1c:4c:d8:02:4c:d5:ce:87:59:a7:2a:
7d:6b:05:ca:4b:04:c6:80:35:76:0e:9a:4b:8d:25:
62:69:72:70:20:8e:be:9f:91:43:c0:49:7c:f9:12:
a7:3f:73:d0:d1:52:bb:62:49:34:49:f9:01:99:56:
83:f6:c2:c7:1b:1d:9d:68:e7:e1:ea:1a:d5:63:59:
8c:9f:52:4a:ec:f5:2d:c1:4b:18:80:5f:25:d5:15:
47:44:80:3c:e0:f3:ea:2e:31:ab:41:4f:db:fe:92:
89:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:4A:6A:F3:62:2E:AE:92:9F:F1:88:BE:C0:7E:1E:21:59:B0:89:1A
X509v3 Authority Key Identifier:
keyid:1E:5B:33:49:65:78:87:94:D6:F1:47:A2:F0:04:D1:3B:E3:25:7D:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HlszSWV4h5TW8Uei8ATRO-MlfcQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/YEpq82IurpKf8Yi-wH4eIVmwiRo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/9ba38a-4852-413d-9cd2-9990e2d9eafe/1/HlszSWV4h5TW8Uei8ATRO-MlfcQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.192.0/24
Signature Algorithm: sha256WithRSAEncryption
80:af:be:e5:bb:92:c6:de:28:a4:1a:b6:4f:a3:c1:12:a5:42:
ce:36:7b:e7:1a:c2:2c:ae:6d:80:1b:ee:90:0e:60:07:c2:ce:
e6:10:33:cc:d4:91:4e:36:9a:96:48:44:73:1a:31:f0:2f:b0:
31:70:bc:91:4c:d5:b2:97:bf:6a:45:75:52:e0:1d:a5:2b:a1:
ff:30:ca:03:01:66:31:ec:b7:ef:67:fa:59:1c:cd:4f:32:56:
8e:e1:7e:f9:d8:57:28:5d:10:2c:05:9c:e2:68:79:4b:7a:c5:
f0:00:06:fe:42:f7:f2:4a:bb:2e:19:f1:f8:39:86:6b:9e:29:
1c:dc:00:13:42:74:a2:a7:3a:b4:c5:cc:af:8a:30:9b:8c:6c:
a0:fa:b0:cb:82:08:68:d9:e5:ce:43:f1:bd:f9:98:ce:ed:2b:
e2:74:8c:e2:96:35:2e:6d:d2:b2:b3:ef:3f:dc:aa:b5:31:5d:
eb:f7:c8:34:2e:94:16:d2:76:c4:15:1a:56:78:0f:33:65:05:
96:5b:8a:71:a7:dd:c9:ae:f6:59:a8:d0:c0:fc:ac:14:76:4b:
b4:a9:f5:08:96:f9:00:32:16:2c:05:84:07:f0:3b:20:4b:b5:
ef:27:dd:88:2a:b9:e0:ab:6a:64:ba:8a:46:d4:6b:24:28:67:
d6:7d:13:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZdUw1l8NVyEjxqTqxwTxyhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlNWIzMzQ5NjU3ODg3OTRkNmYxNDdhMmYwMDRkMTNiZTMy
NTdkYzQwHhcNMjUwNjA5MTI1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDRhNmFmMzYyMmVhZTkyOWZmMTg4YmVjMDdlMWUyMTU5YjA4OTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0cA+Hh0JfzF602kjwl++/OQHn3/t
TMpt3nWZwUCyMPdPxAqYHYyqDS0EDalFG1ffm7vnZNDomq4dDatBPzpAA4jlrq9H
EIdRdYFP7jNtlWgVlMPRT4yLnGtLXmr5DLIcS03GV9Smp4WyukasarSFT42J4TFc
zRRvPTWC6r0iZCQJhJ2Skrpih5Q2btex/79bsfwsX2U1I1UzHEzYAkzVzodZpyp9
awXKSwTGgDV2DppLjSViaXJwII6+n5FDwEl8+RKnP3PQ0VK7Ykk0SfkBmVaD9sLH
Gx2daOfh6hrVY1mMn1JK7PUtwUsYgF8l1RVHRIA84PPqLjGrQU/b/pKJJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGBKavNiLq6Sn/GIvsB+HiFZsIkaMB8GA1UdIwQY
MBaAFB5bM0lleIeU1vFHovAE0TvjJX3EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDIt
OTk5MGUyZDllYWZlLzEvWUVwcTgySXVycEtmOFlpLXdINGVJVm13aVJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC85YmEzOGEtNDg1Mi00MTNkLTljZDItOTk5MGUyZDllYWZl
LzEvSGxzelNXVjRoNVRXOFVlaThBVFJPLU1sZmNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAmFnAMA0G
CSqGSIb3DQEBCwUAA4IBAQCAr77lu5LG3iikGrZPo8ESpULONnvnGsIsrm2AG+6Q
DmAHws7mEDPM1JFONpqWSERzGjHwL7AxcLyRTNWyl79qRXVS4B2lK6H/MMoDAWYx
7LfvZ/pZHM1PMlaO4X752FcoXRAsBZziaHlLesXwAAb+QvfySrsuGfH4OYZrnikc
3AATQnSipzq0xcyvijCbjGyg+rDLggho2eXOQ/G9+ZjO7SvidIziljUubdKys+8/
3Kq1MV3r98g0LpQW0nbEFRpWeA8zZQWWW4pxp93JrvZZqNDA/KwUdku0qfUIlvkA
MhYsBYQH8DsgS7XvJ92IKrngq2pkuopG1GskKGfWfRNY
-----END CERTIFICATE-----
Generated at Sun Jun 15 13:17:58 2025 by rpki-client