Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4EwUEw8BzldbxoXQuhUu7csFThI.roa
File: 4EwUEw8BzldbxoXQuhUu7csFThI.roa (raw, json)
Hash identifier: eLsu3KQbMUEQCOoKHYVym395RlHvNEY1o6yNMLrQgK0=
Subject key identifier: E0:4C:14:13:0F:01:CE:57:5B:C6:85:D0:BA:15:2E:ED:CB:05:4E:12
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0197F340A216F3AB60BB07EAFB5DADCA1A6F
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4EwUEw8BzldbxoXQuhUu7csFThI.roa
Signing time: Thu 10 Jul 2025 07:33:08 +0000
ROA not before: Thu 10 Jul 2025 07:33:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.47.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 12 Jul 2025 06:25:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:40:a2:16:f3:ab:60:bb:07:ea:fb:5d:ad:ca:1a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jul 10 07:33:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e04c14130f01ce575bc685d0ba152eedcb054e12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:34:c9:cd:b4:57:cb:23:42:09:14:da:6a:c9:
c8:70:e9:0c:be:65:9f:fb:da:7f:73:6d:24:e1:78:
ba:7b:b7:5a:45:ac:85:71:ae:cf:36:42:54:36:6c:
ce:12:c0:90:ae:9f:4a:00:cc:7b:1b:48:02:97:48:
79:3f:c6:d8:90:56:bb:c6:11:b6:b7:10:4e:de:f7:
f4:4a:27:d3:a7:b9:da:7c:1b:73:ef:fd:70:c2:c8:
12:55:20:54:ce:b6:28:cb:40:b5:1f:93:1e:2c:c5:
2d:b9:ad:a4:d5:ae:9a:91:7c:1a:08:88:c7:b8:98:
99:71:06:04:dd:fa:d8:84:80:5b:9d:3d:b5:9b:49:
a2:2d:15:24:53:cc:cd:56:42:56:7b:2d:2c:9d:18:
58:09:b3:ea:8c:a2:38:64:da:5a:d9:3f:be:9f:23:
c3:61:a9:c8:ab:46:1c:fb:4b:4a:fe:3c:50:ce:70:
3b:7f:c2:d4:6e:03:60:36:79:81:07:56:d8:83:c9:
14:17:ac:d2:a8:67:cf:94:f0:7d:32:b0:c7:49:e8:
d0:d6:b3:62:6e:56:6d:ac:06:2d:7e:9b:0a:b6:11:
e5:8a:6b:53:29:ff:3e:a5:c2:a2:1a:1e:02:b1:49:
a8:2b:4c:48:90:d6:96:ba:86:38:2d:fa:0c:cf:e2:
d0:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:4C:14:13:0F:01:CE:57:5B:C6:85:D0:BA:15:2E:ED:CB:05:4E:12
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/4EwUEw8BzldbxoXQuhUu7csFThI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.47.100.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:5e:c1:e6:ad:59:b3:7d:4a:43:f8:ee:69:05:3b:cc:0d:41:
a5:56:b7:49:1d:73:10:18:5c:15:5d:71:68:4a:7f:13:38:78:
db:6b:ee:eb:ff:16:88:23:58:f7:15:93:61:85:93:d4:6a:10:
91:19:c3:13:62:bc:07:45:8f:2e:8d:85:8b:b1:91:87:7d:cd:
d6:70:8d:3f:84:d3:68:1d:17:98:1d:a9:75:dc:b9:4d:75:9c:
12:0d:2b:46:27:76:38:fe:3d:3f:17:20:83:51:1f:05:11:fc:
d0:5d:ad:c8:78:bb:c1:36:6f:96:45:6d:d7:54:0a:b0:69:de:
2b:1f:28:6d:4d:50:20:6c:f7:b7:f3:dc:a0:ed:68:0d:51:3a:
ab:06:c1:26:55:b1:f1:9c:96:03:fb:80:2b:4c:0e:7a:bc:19:
8b:79:72:b0:ec:d8:0c:52:3c:0e:ba:3c:89:70:a7:c6:2a:d7:
b8:b3:31:23:b2:55:4c:56:6c:3b:ab:f0:4b:2f:f7:28:bb:5a:
4f:ab:76:14:51:0a:00:b6:4e:fb:0b:9f:a8:73:af:50:c9:83:
e2:8e:77:1b:03:76:75:d7:cb:1d:b1:01:a4:07:fc:07:f3:b4:
ff:5d:19:48:e8:4b:7a:c2:3d:c1:a7:13:aa:0c:c3:7d:58:50:
b9:b2:b1:14
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZfzQKIW86tguwfq+12tyhpvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNzEwMDczMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDRjMTQxMzBmMDFjZTU3NWJjNjg1ZDBiYTE1MmVlZGNiMDU0ZTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzTJzbRXyyNCCRTaasnIcOkMvmWf
+9p/c20k4Xi6e7daRayFca7PNkJUNmzOEsCQrp9KAMx7G0gCl0h5P8bYkFa7xhG2
txBO3vf0SifTp7nafBtz7/1wwsgSVSBUzrYoy0C1H5MeLMUtua2k1a6akXwaCIjH
uJiZcQYE3frYhIBbnT21m0miLRUkU8zNVkJWey0snRhYCbPqjKI4ZNpa2T++nyPD
YanIq0Yc+0tK/jxQznA7f8LUbgNgNnmBB1bYg8kUF6zSqGfPlPB9MrDHSejQ1rNi
blZtrAYtfpsKthHlimtTKf8+pcKiGh4CsUmoK0xIkNaWuoY4LfoMz+LQYQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFOBMFBMPAc5XW8aF0LoVLu3LBU4SMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNEV3VUV3OEJ6bGRieG9YUXVoVXU3Y3NGVGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZL2QwDQYJKoZIhvcNAQELBQADggEBABteweatWbN9SkP47mkFO8wN
QaVWt0kdcxAYXBVdcWhKfxM4eNtr7uv/FogjWPcVk2GFk9RqEJEZwxNivAdFjy6N
hYuxkYd9zdZwjT+E02gdF5gdqXXcuU11nBINK0Yndjj+PT8XIINRHwUR/NBdrch4
u8E2b5ZFbddUCrBp3isfKG1NUCBs97fz3KDtaA1ROqsGwSZVsfGclgP7gCtMDnq8
GYt5crDs2AxSPA66PIlwp8Yq17izMSOyVUxWbDur8Esv9yi7Wk+rdhRRCgC2TvsL
n6hzr1DJg+KOdxsDdnXXyx2xAaQH/AfztP9dGUjoS3rCPcGnE6oMw31YULmysRQ=
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:32:11 2025 by rpki-client