Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2avFBDVz7oGccfE07X-r8GI08lo.roa
File: 2avFBDVz7oGccfE07X-r8GI08lo.roa (raw, json)
Hash identifier: codEL8tBW5D0yPVKYucKWVbMJX9pIfFSg2d7dtuw2s4=
Subject key identifier: D9:AB:C5:04:35:73:EE:81:9C:71:F1:34:ED:7F:AB:F0:62:34:F2:5A
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0197AAD4CE0530A1F00778430A274E4AF58D
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2avFBDVz7oGccfE07X-r8GI08lo.roa
Signing time: Thu 26 Jun 2025 06:02:42 +0000
ROA not before: Thu 26 Jun 2025 06:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.113.178.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 26 Jun 2025 08:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:aa:d4:ce:05:30:a1:f0:07:78:43:0a:27:4e:4a:f5:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jun 26 06:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d9abc5043573ee819c71f134ed7fabf06234f25a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:88:f3:ad:9b:33:cd:4a:5d:20:53:16:74:58:
b1:94:27:12:84:d9:01:41:75:1d:bf:a8:14:29:b7:
c8:1d:94:3d:42:b2:e1:6b:3f:8d:7a:65:b0:19:a2:
c7:3c:ea:fc:8c:7b:61:48:8d:c1:8a:51:31:e8:5a:
5f:c1:28:43:16:ea:de:f9:25:f8:3c:32:9a:0d:db:
f6:9f:5a:3d:48:8a:a2:1d:1f:eb:22:8a:d1:a7:91:
ed:dc:11:75:5f:21:94:8b:a0:02:39:53:3d:78:c0:
40:7b:20:fb:e0:0c:7c:4c:ee:97:bf:db:4c:7d:b6:
ff:90:b3:0d:f1:0e:db:81:af:66:c5:3f:99:a1:37:
01:30:bf:d3:35:34:ce:16:85:fa:7f:61:c3:ef:60:
96:c6:9e:1f:d5:43:3c:73:d5:bc:b5:c7:e1:90:2f:
d8:be:5c:2f:76:1d:5b:89:fb:b6:8d:11:ba:ec:ee:
9c:41:f1:3c:36:2c:9c:ef:16:a7:32:13:38:d9:49:
61:87:42:73:7d:7f:40:62:52:24:46:ad:d7:3e:a0:
1d:0e:7e:74:3d:40:10:89:8a:63:88:f4:d7:e7:76:
a7:d3:55:9e:4e:66:1c:7c:8f:38:11:f6:ee:93:e4:
c9:a4:07:a3:36:b8:ca:19:2d:e1:33:24:07:75:7f:
b9:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:AB:C5:04:35:73:EE:81:9C:71:F1:34:ED:7F:AB:F0:62:34:F2:5A
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/2avFBDVz7oGccfE07X-r8GI08lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.113.178.0/24
Signature Algorithm: sha256WithRSAEncryption
63:3f:4b:bb:8d:a5:dc:0c:00:18:bc:73:12:d7:9e:c9:79:9d:
44:1e:63:10:30:35:2f:00:b9:67:b1:1d:3a:7f:02:f1:e5:a6:
70:a5:3f:e2:6b:87:81:e4:54:45:bf:b4:fa:4c:f8:66:29:0e:
3d:58:29:1a:8f:9c:88:86:2c:91:d6:33:99:77:8e:44:b8:24:
40:a2:4c:37:95:75:e3:d4:b6:a7:73:a6:49:24:5e:61:5c:63:
fb:80:2c:eb:2e:92:e5:8b:0f:8a:9b:8a:9d:12:9f:8e:62:8d:
6c:6c:7c:1e:0a:f7:25:f8:f7:fa:44:8d:06:80:d5:0d:13:4c:
3e:3d:ae:aa:f0:cc:8e:a8:a7:47:62:10:08:46:8d:bb:8c:0d:
43:85:ed:0e:de:11:1b:69:e6:25:eb:4c:0e:c3:c4:15:7c:0d:
cf:49:63:43:d7:1d:86:8f:49:d3:2f:2e:c0:e3:93:32:b1:d3:
1b:20:4c:67:18:6f:19:e4:62:21:f9:4b:6f:83:d9:bd:65:00:
e7:6a:8d:74:f3:12:13:64:4b:f6:d3:e6:ad:0f:e2:db:4d:6e:
16:f4:64:33:35:4a:b2:4d:e8:41:c1:e1:1c:ed:5c:e6:20:51:
ad:a6:c1:07:e4:e2:ca:fa:a5:b9:2a:05:19:ca:35:ef:56:80:
d5:d9:d1:6f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZeq1M4FMKHwB3hDCidOSvWNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNjI2MDYwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWFiYzUwNDM1NzNlZTgxOWM3MWYxMzRlZDdmYWJmMDYyMzRmMjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4jzrZszzUpdIFMWdFixlCcShNkB
QXUdv6gUKbfIHZQ9QrLhaz+NemWwGaLHPOr8jHthSI3BilEx6FpfwShDFure+SX4
PDKaDdv2n1o9SIqiHR/rIorRp5Ht3BF1XyGUi6ACOVM9eMBAeyD74Ax8TO6Xv9tM
fbb/kLMN8Q7bga9mxT+ZoTcBML/TNTTOFoX6f2HD72CWxp4f1UM8c9W8tcfhkC/Y
vlwvdh1bifu2jRG67O6cQfE8Niyc7xanMhM42Ulhh0JzfX9AYlIkRq3XPqAdDn50
PUAQiYpjiPTX53an01WeTmYcfI84Efbuk+TJpAejNrjKGS3hMyQHdX+5+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFNmrxQQ1c+6BnHHxNO1/q/BiNPJaMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMmF2RkJEVno3b0djY2ZFMDdYLXI4R0kwOGxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdcbIwDQYJKoZIhvcNAQELBQADggEBAGM/S7uNpdwMABi8cxLXnsl5
nUQeYxAwNS8AuWexHTp/AvHlpnClP+Jrh4HkVEW/tPpM+GYpDj1YKRqPnIiGLJHW
M5l3jkS4JECiTDeVdePUtqdzpkkkXmFcY/uALOsukuWLD4qbip0Sn45ijWxsfB4K
9yX49/pEjQaA1Q0TTD49rqrwzI6op0diEAhGjbuMDUOF7Q7eERtp5iXrTA7DxBV8
Dc9JY0PXHYaPSdMvLsDjkzKx0xsgTGcYbxnkYiH5S2+D2b1lAOdqjXTzEhNkS/bT
5q0P4ttNbhb0ZDM1SrJN6EHB4RztXOYgUa2mwQfk4sr6pbkqBRnKNe9WgNXZ0W8=
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:29:39 2025 by rpki-client