Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IDSX9R9PnlZ3LeBXBrD70T4kLoA.roa
File: IDSX9R9PnlZ3LeBXBrD70T4kLoA.roa (raw, json)
Hash identifier: 29fQNlUR+uHzoibp5PCW7vwycLWW2lpwkfKvcVydWLI=
Subject key identifier: 20:34:97:F5:1F:4F:9E:56:77:2D:E0:57:06:B0:FB:D1:3E:24:2E:80
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0197BF71E816B54CCADF7DD201C7AC02EFF1
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IDSX9R9PnlZ3LeBXBrD70T4kLoA.roa
Signing time: Mon 30 Jun 2025 06:06:42 +0000
ROA not before: Mon 30 Jun 2025 06:06:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.113.177.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Jul 2025 05:08:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:71:e8:16:b5:4c:ca:df:7d:d2:01:c7:ac:02:ef:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jun 30 06:06:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=203497f51f4f9e56772de05706b0fbd13e242e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9b:f3:45:1a:73:6c:f1:eb:17:29:86:98:33:
d3:51:e7:9a:e3:4b:2f:4e:be:5a:82:2f:bd:8f:e1:
ff:f0:ae:f8:24:36:6e:4a:6a:b1:1d:1d:b3:c4:98:
08:7c:d8:1d:a3:a2:f2:15:0c:f1:c4:a3:5c:64:d1:
4b:9f:fc:30:c1:8e:b9:8d:53:25:25:ac:aa:34:f2:
c0:6f:9b:b0:ba:fb:d4:26:d8:97:17:7c:49:40:72:
54:d8:b9:ed:d6:bb:33:c5:e0:40:10:d1:e1:9d:88:
5b:a2:4b:30:0e:a5:51:d3:d7:a9:fc:88:71:69:35:
b3:fa:82:2b:9e:b2:01:45:0b:d3:05:84:c3:34:ee:
84:85:e1:c7:69:0c:62:cd:90:a6:2e:77:85:5b:f2:
8a:45:38:1b:a9:03:c9:80:b7:45:9a:e6:a2:a3:68:
cf:dc:71:74:28:ab:8e:c6:db:0f:50:54:4d:fa:78:
14:12:82:9d:89:7a:2c:26:b7:60:3e:73:86:fa:29:
a2:be:47:62:ad:a6:a3:68:14:3f:c9:ce:09:4b:c6:
a0:09:e6:1c:11:b9:2c:47:3e:01:ed:e1:1f:e7:6a:
af:b6:6a:64:e4:2b:b6:06:a9:44:4e:4e:bf:28:1d:
90:8e:7f:40:1a:9f:80:83:be:74:9c:c0:1c:66:63:
96:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:34:97:F5:1F:4F:9E:56:77:2D:E0:57:06:B0:FB:D1:3E:24:2E:80
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IDSX9R9PnlZ3LeBXBrD70T4kLoA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.113.177.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:46:bc:72:98:07:b9:33:1c:05:d4:7a:3c:93:d3:9e:bd:90:
4a:68:41:e8:94:b5:f8:d4:0d:1b:67:fd:8c:df:de:82:e0:8e:
79:6c:37:37:70:2e:95:35:6b:41:21:b8:0d:d6:97:d1:4c:69:
ed:31:b8:52:5d:84:ef:89:6b:65:e6:96:c2:e4:8d:ea:60:fe:
a7:f7:f4:58:13:0e:34:af:69:ec:52:02:79:17:9b:cd:c9:77:
db:84:4b:28:b2:53:32:22:46:fd:8f:7c:f0:2a:51:7e:48:14:
a8:76:4f:7f:64:7c:57:87:00:0a:f5:b8:85:88:0b:0d:92:a9:
97:b3:aa:fe:c9:1b:d1:f4:fc:32:ca:64:27:46:86:04:fd:53:
01:8d:9f:b7:93:49:ca:04:6f:f8:6f:43:33:e4:2f:e2:56:73:
42:75:c2:e5:e0:2d:62:58:d5:fc:dd:ce:14:82:37:0c:7b:7c:
a0:27:39:0c:05:77:15:e2:f1:8f:66:d5:8c:07:dc:30:89:b7:
99:5e:38:04:2a:cf:28:95:c9:67:7e:c4:28:7d:fd:6d:40:94:
6b:61:86:a5:d3:6d:49:2d:69:06:f6:b8:29:60:f9:57:9a:e3:
0f:67:d5:63:eb:1d:94:20:64:f7:31:3e:f4:7d:34:89:10:33:
ea:28:96:fd
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZe/cegWtUzK333SAcesAu/xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNjMwMDYwNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDM0OTdmNTFmNGY5ZTU2NzcyZGUwNTcwNmIwZmJkMTNlMjQyZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZvzRRpzbPHrFymGmDPTUeea40sv
Tr5agi+9j+H/8K74JDZuSmqxHR2zxJgIfNgdo6LyFQzxxKNcZNFLn/wwwY65jVMl
JayqNPLAb5uwuvvUJtiXF3xJQHJU2Lnt1rszxeBAENHhnYhbokswDqVR09ep/Ihx
aTWz+oIrnrIBRQvTBYTDNO6EheHHaQxizZCmLneFW/KKRTgbqQPJgLdFmuaio2jP
3HF0KKuOxtsPUFRN+ngUEoKdiXosJrdgPnOG+imivkdiraajaBQ/yc4JS8agCeYc
EbksRz4B7eEf52qvtmpk5Cu2BqlETk6/KB2Qjn9AGp+Ag750nMAcZmOWCwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFCA0l/UfT55Wdy3gVwaw+9E+JC6AMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSURTWDlSOVBubFozTGVCWEJyRDcwVDRrTG9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdcbEwDQYJKoZIhvcNAQELBQADggEBAH5GvHKYB7kzHAXUejyT0569
kEpoQeiUtfjUDRtn/Yzf3oLgjnlsNzdwLpU1a0EhuA3Wl9FMae0xuFJdhO+Ja2Xm
lsLkjepg/qf39FgTDjSvaexSAnkXm83Jd9uESyiyUzIiRv2PfPAqUX5IFKh2T39k
fFeHAAr1uIWICw2SqZezqv7JG9H0/DLKZCdGhgT9UwGNn7eTScoEb/hvQzPkL+JW
c0J1wuXgLWJY1fzdzhSCNwx7fKAnOQwFdxXi8Y9m1YwH3DCJt5leOAQqzyiVyWd+
xCh9/W1AlGthhqXTbUktaQb2uClg+Vea4w9n1WPrHZQgZPcxPvR9NIkQM+oolv0=
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:32:38 2025 by rpki-client