Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h3q6Qj8JBMCKb_tTvQznlw8o0Wc.roa
File: h3q6Qj8JBMCKb_tTvQznlw8o0Wc.roa (raw, json)
Hash identifier: WNdsK7uEhxqoP7z7kKHpiLmq51mI3TZtcyVQNDjYcyk=
Subject key identifier: 87:7A:BA:42:3F:09:04:C0:8A:6F:FB:53:BD:0C:E7:97:0F:28:D1:67
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019822E2CD6E49CD96F8779858E5B82791CD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h3q6Qj8JBMCKb_tTvQznlw8o0Wc.roa
Signing time: Sat 19 Jul 2025 13:32:25 +0000
ROA not before: Sat 19 Jul 2025 13:32:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213622
IP address blocks: 89.106.65.0/24 maxlen: 24
185.121.69.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 22 Jul 2025 04:05:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:22:e2:cd:6e:49:cd:96:f8:77:98:58:e5:b8:27:91:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 19 13:32:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=877aba423f0904c08a6ffb53bd0ce7970f28d167
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:30:98:70:da:52:d2:e3:a9:4c:15:56:52:96:
39:24:a7:01:57:5c:68:2f:66:76:51:4f:bc:eb:72:
9e:99:a5:b7:09:9f:4a:50:a9:07:0d:26:5d:81:29:
75:fa:16:70:22:13:88:9c:05:06:66:00:ec:bf:79:
21:42:cd:06:20:a3:76:16:35:ab:cf:56:b6:67:5b:
79:ff:6d:d7:91:04:a0:e2:31:95:6a:57:d9:6b:98:
b1:da:9f:b4:f2:65:90:90:e9:00:61:09:36:5a:b3:
ae:5e:7e:e2:b9:31:30:fe:94:50:72:5b:80:0a:db:
cd:e7:44:34:fb:95:c3:4c:d0:b7:08:61:df:74:cf:
82:81:78:40:0b:e1:a8:05:04:30:1c:51:5c:07:ef:
39:da:9d:30:3e:a6:b7:5a:ae:c9:ef:62:20:93:55:
ca:a5:cd:25:c7:56:9d:70:ca:31:db:a8:23:51:4e:
08:d5:20:a0:47:41:fe:48:76:ff:35:87:57:ca:e6:
2f:8c:2a:b1:4b:d4:cb:a0:51:cd:28:0f:e7:3c:cf:
e0:aa:5c:94:29:99:fb:18:e1:63:45:71:55:d5:94:
6d:49:b0:62:d9:a7:a9:f1:7a:ab:9c:9e:2f:78:5e:
d5:ad:4f:ac:22:8a:9a:33:3e:1a:45:3b:bf:bb:39:
99:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:7A:BA:42:3F:09:04:C0:8A:6F:FB:53:BD:0C:E7:97:0F:28:D1:67
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/h3q6Qj8JBMCKb_tTvQznlw8o0Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.106.65.0/24
185.121.69.0/24
Signature Algorithm: sha256WithRSAEncryption
83:e5:08:4a:03:67:bc:b0:7c:79:e1:cc:49:36:ff:3c:70:18:
6e:6c:ec:01:b8:28:9e:9a:2e:04:17:0d:02:76:12:36:83:3c:
26:be:1d:16:a5:13:de:f3:00:0e:af:84:05:46:da:e7:0e:06:
d7:42:8c:f5:04:c7:9d:0c:8e:36:3a:d3:9b:6a:67:fd:ec:f9:
62:38:c1:e9:ee:3e:7d:6e:78:e9:ed:82:2d:a4:6d:04:f0:ee:
6b:b0:d2:49:bd:1b:fb:fa:bb:1b:fc:9f:40:a6:16:1c:1b:cd:
72:74:b1:04:25:d1:cf:87:dc:69:47:0e:fe:5a:47:e8:4d:d5:
60:dd:20:6b:48:b3:76:96:d8:17:91:da:5f:d9:2c:10:b8:81:
df:12:68:8f:9e:09:e5:28:8f:41:f4:ec:09:64:41:0d:90:77:
b4:5c:93:a1:39:50:96:90:a2:b7:6a:92:91:89:92:73:e4:dd:
33:d7:98:21:40:e0:f5:14:cd:de:f7:7a:d0:bf:d0:97:dd:1c:
20:53:be:fc:18:ee:78:dc:23:7c:f3:1d:99:35:d1:b4:a8:8a:
78:1c:26:ee:ce:3f:7e:f4:92:fb:a8:7b:c2:8e:68:5e:61:78:
2b:81:87:97:ce:33:51:26:29:8e:1b:98:f8:5a:c7:15:a4:2e:
c8:44:84:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZgi4s1uSc2W+HeYWOW4J5HNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzE5MTMzMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzdhYmE0MjNmMDkwNGMwOGE2ZmZiNTNiZDBjZTc5NzBmMjhkMTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxTCYcNpS0uOpTBVWUpY5JKcBV1xo
L2Z2UU+863KemaW3CZ9KUKkHDSZdgSl1+hZwIhOInAUGZgDsv3khQs0GIKN2FjWr
z1a2Z1t5/23XkQSg4jGValfZa5ix2p+08mWQkOkAYQk2WrOuXn7iuTEw/pRQcluA
CtvN50Q0+5XDTNC3CGHfdM+CgXhAC+GoBQQwHFFcB+852p0wPqa3Wq7J72Igk1XK
pc0lx1adcMox26gjUU4I1SCgR0H+SHb/NYdXyuYvjCqxS9TLoFHNKA/nPM/gqlyU
KZn7GOFjRXFV1ZRtSbBi2aep8XqrnJ4veF7VrU+sIoqaMz4aRTu/uzmZvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFId6ukI/CQTAim/7U70M55cPKNFnMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaDNxNlFqOEpCTUNLYl90VHZRem5sdzhvMFdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWpBAwQA
uXlFMA0GCSqGSIb3DQEBCwUAA4IBAQCD5QhKA2e8sHx54cxJNv88cBhubOwBuCie
mi4EFw0CdhI2gzwmvh0WpRPe8wAOr4QFRtrnDgbXQoz1BMedDI42OtObamf97Pli
OMHp7j59bnjp7YItpG0E8O5rsNJJvRv7+rsb/J9AphYcG81ydLEEJdHPh9xpRw7+
WkfoTdVg3SBrSLN2ltgXkdpf2SwQuIHfEmiPngnlKI9B9OwJZEENkHe0XJOhOVCW
kKK3apKRiZJz5N0z15ghQOD1FM3e93rQv9CX3RwgU778GO543CN88x2ZNdG0qIp4
HCbuzj9+9JL7qHvCjmheYXgrgYeXzjNRJimOG5j4WscVpC7IRIRw
-----END CERTIFICATE-----
Generated at Tue Jul 22 06:23:18 2025 by rpki-client