Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/denh4YX2BPXiH7-yrs2PDxKTikc.roa
File: denh4YX2BPXiH7-yrs2PDxKTikc.roa (raw, json)
Hash identifier: zAezHNDl85P8Pamer+VY+oKM/jWxeE3Eb6VktF3rkF0=
Subject key identifier: 75:E9:E1:E1:85:F6:04:F5:E2:1F:BF:B2:AE:CD:8F:0F:12:93:8A:47
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 01968185C7AD347FE7B1F8A7BD8F270CCE3C
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/denh4YX2BPXiH7-yrs2PDxKTikc.roa
Signing time: Tue 29 Apr 2025 12:29:10 +0000
ROA not before: Tue 29 Apr 2025 12:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 152.89.30.0/24 maxlen: 24
152.89.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 09:15:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:85:c7:ad:34:7f:e7:b1:f8:a7:bd:8f:27:0c:ce:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: Apr 29 12:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75e9e1e185f604f5e21fbfb2aecd8f0f12938a47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:2b:b4:8e:6d:0a:f6:04:42:63:0f:bd:96:20:
be:5d:58:d2:7e:dd:54:34:ae:99:e7:95:d7:33:16:
89:ba:8c:67:74:34:74:56:eb:d0:85:2b:20:7c:b2:
83:6e:a8:b6:aa:70:cf:d8:32:96:c5:7c:d2:e2:63:
05:e1:45:38:85:2f:f3:6c:ed:f1:2b:0f:6c:ce:dc:
68:d0:80:ff:bb:67:8f:cd:53:f6:dc:0f:87:f1:58:
3c:63:d7:2b:09:d6:4d:74:e9:bf:78:9c:e6:6f:2c:
f8:7d:f4:a6:bf:63:61:72:b4:96:5e:d9:1b:8e:97:
b2:e2:6c:95:ea:0f:14:ce:15:ee:16:40:53:f6:2f:
a6:58:09:0d:66:ad:9a:55:53:fc:2a:39:9e:b0:92:
14:af:d8:40:2b:76:19:1c:f1:22:2e:fc:f2:18:f9:
33:39:cd:55:21:5e:4f:d2:1b:88:53:29:40:43:c0:
86:f0:ee:7a:d9:a5:55:61:bc:d1:58:ed:65:16:97:
ab:ec:32:c1:38:be:21:db:a7:b6:7e:47:5d:25:b9:
6a:cb:02:31:82:22:3d:b1:70:e7:96:b0:dc:00:99:
ab:57:4d:cf:e0:4a:39:64:45:5e:c5:1a:c0:cc:de:
d5:d2:d3:4e:66:ab:e4:9c:8b:b6:77:1f:8d:5a:dd:
5e:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E9:E1:E1:85:F6:04:F5:E2:1F:BF:B2:AE:CD:8F:0F:12:93:8A:47
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/denh4YX2BPXiH7-yrs2PDxKTikc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.30.0/23
Signature Algorithm: sha256WithRSAEncryption
42:2e:a2:64:30:ce:42:49:6f:0e:6e:85:27:f4:0a:5e:3f:90:
61:f0:4d:11:c2:41:96:cd:c1:2a:3f:a7:66:61:f1:89:49:df:
92:ec:67:3b:49:45:43:cc:b8:8e:7a:6e:60:9c:ba:6c:93:dc:
1b:0f:74:6d:1b:9b:2a:7d:33:96:5f:35:ae:e4:18:50:4b:21:
f7:35:f1:5e:f1:4b:26:3a:5a:19:30:32:05:4a:9e:67:27:ce:
34:bb:c3:61:f5:64:68:01:2e:09:c9:fa:82:5a:bf:0c:1f:c4:
89:47:d8:c4:d0:ca:05:26:67:a1:9a:47:78:5d:29:38:2d:fd:
a9:6f:12:a4:ce:49:05:0b:29:a8:3c:ba:29:11:09:fa:41:12:
2e:f6:61:c8:56:b3:97:30:22:03:7c:b1:77:6d:37:f2:69:0a:
83:d0:3b:fc:cd:dd:e9:f9:8e:fe:40:73:4d:ae:31:83:fc:be:
48:98:18:6c:56:04:37:70:ef:6a:b6:92:e6:75:93:33:4f:41:
43:ae:c7:03:96:48:90:b2:76:bc:d4:a5:01:1a:7c:79:14:b4:
01:2a:e0:22:e7:82:32:9b:07:84:83:96:7c:d4:7b:3c:bb:cb:
28:9b:a4:15:1b:ef:6c:d0:41:9b:59:3d:aa:2f:13:a6:c4:c2:
d6:49:02:5b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaBhcetNH/nsfinvY8nDM48MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNDI5MTIyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWU5ZTFlMTg1ZjYwNGY1ZTIxZmJmYjJhZWNkOGYwZjEyOTM4YTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwyu0jm0K9gRCYw+9liC+XVjSft1U
NK6Z55XXMxaJuoxndDR0VuvQhSsgfLKDbqi2qnDP2DKWxXzS4mMF4UU4hS/zbO3x
Kw9sztxo0ID/u2ePzVP23A+H8Vg8Y9crCdZNdOm/eJzmbyz4ffSmv2NhcrSWXtkb
jpey4myV6g8UzhXuFkBT9i+mWAkNZq2aVVP8KjmesJIUr9hAK3YZHPEiLvzyGPkz
Oc1VIV5P0huIUylAQ8CG8O562aVVYbzRWO1lFper7DLBOL4h26e2fkddJblqywIx
giI9sXDnlrDcAJmrV03P4Eo5ZEVexRrAzN7V0tNOZqvknIu2dx+NWt1eiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHXp4eGF9gT14h+/sq7Njw8Sk4pHMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEvZGVuaDRZWDJCUFhpSDcteXJzMlBEeEtUaWtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFkeMA0G
CSqGSIb3DQEBCwUAA4IBAQBCLqJkMM5CSW8OboUn9ApeP5Bh8E0RwkGWzcEqP6dm
YfGJSd+S7Gc7SUVDzLiOem5gnLpsk9wbD3RtG5sqfTOWXzWu5BhQSyH3NfFe8Usm
OloZMDIFSp5nJ840u8Nh9WRoAS4JyfqCWr8MH8SJR9jE0MoFJmehmkd4XSk4Lf2p
bxKkzkkFCymoPLopEQn6QRIu9mHIVrOXMCIDfLF3bTfyaQqD0Dv8zd3p+Y7+QHNN
rjGD/L5ImBhsVgQ3cO9qtpLmdZMzT0FDrscDlkiQsna81KUBGnx5FLQBKuAi54Iy
mweEg5Z81Hs8u8som6QVG+9s0EGbWT2qLxOmxMLWSQJb
-----END CERTIFICATE-----
Generated at Wed Jul 23 11:39:45 2025 by rpki-client