Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/rKnZjXIWZ3LJ_274CVK9j_0DYUs.roa
File: rKnZjXIWZ3LJ_274CVK9j_0DYUs.roa (raw, json)
Hash identifier: eUVGKnEQYEP+zE19Z9lXxqaEkpmhd6ut6mQFz3J2HpY=
Subject key identifier: AC:A9:D9:8D:72:16:67:72:C9:FF:6E:F8:09:52:BD:8F:FD:03:61:4B
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0196CF69F71286B93A657F7247CD5035784D
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/rKnZjXIWZ3LJ_274CVK9j_0DYUs.roa
Signing time: Wed 14 May 2025 15:29:10 +0000
ROA not before: Wed 14 May 2025 15:29:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.187.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 25 May 2025 11:05:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:cf:69:f7:12:86:b9:3a:65:7f:72:47:cd:50:35:78:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: May 14 15:29:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aca9d98d72166772c9ff6ef80952bd8ffd03614b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:7c:a2:9e:63:c0:42:4e:8f:71:c7:8e:67:ee:
7d:66:ca:6f:1b:28:96:d2:f4:76:38:4c:e3:ee:22:
9a:3e:30:0a:6a:51:50:b0:25:98:c2:6c:7c:b9:e5:
4f:e3:13:46:d4:a7:25:da:c1:6d:28:56:7b:f1:ee:
bc:a4:2b:56:c4:f9:5d:22:b3:86:3f:22:00:0c:d3:
45:23:54:d0:ff:4c:d7:0b:f5:d9:b0:3c:f2:05:ff:
50:fb:d0:04:20:c9:35:7b:6a:36:3c:36:05:97:5d:
0e:90:5e:c9:21:99:63:86:8b:f0:1d:e4:87:04:e0:
5b:c3:f5:d4:7e:f6:ef:2f:7f:96:76:9d:ff:03:fd:
ba:68:50:7f:e2:8a:81:7f:f2:d6:9d:97:cb:cf:42:
a2:23:dc:92:93:a6:90:84:a0:b9:1e:6f:f6:3f:dd:
e7:18:bb:e9:a0:03:36:50:94:b6:34:81:e9:47:46:
06:10:2b:3f:44:78:83:b2:bd:5c:c4:40:57:e2:31:
84:72:a7:dc:92:56:73:58:b4:af:e4:ce:4d:e9:64:
40:b5:21:9c:2d:83:e8:be:0a:bf:d0:b5:58:09:e4:
b1:e8:b3:ef:f7:07:62:8f:98:42:fb:3f:b5:6a:11:
63:dc:50:ab:f6:f4:6b:0f:74:46:b4:2b:f0:a2:d5:
ce:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:A9:D9:8D:72:16:67:72:C9:FF:6E:F8:09:52:BD:8F:FD:03:61:4B
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/rKnZjXIWZ3LJ_274CVK9j_0DYUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.21.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:4e:55:53:eb:bd:6b:49:a5:91:61:66:7e:9f:48:5a:90:33:
57:9a:9f:98:08:e8:64:7f:20:5b:b5:ca:7c:21:6f:c5:68:0a:
b1:68:55:4b:d1:e4:7f:ec:dc:cc:83:76:c5:38:20:11:db:49:
e9:1c:51:b2:d0:9e:58:d1:6a:d6:24:da:f2:13:14:b6:37:61:
c1:f4:a4:37:bf:73:d8:32:cd:9c:52:75:2e:e6:e3:91:19:ff:
44:f0:ab:ea:da:a4:69:02:b1:a0:cc:c8:70:55:f7:e3:2d:16:
10:62:26:49:37:f2:61:a8:76:76:14:db:c9:23:45:d8:ce:4c:
6b:b0:10:02:26:75:ca:73:23:82:18:ea:ae:43:72:b3:29:b2:
87:07:c5:32:ac:30:d8:fc:ec:eb:9a:cc:cc:9c:c7:dc:94:ca:
70:b5:12:0a:70:4e:d3:b5:b4:2c:85:83:43:62:82:13:ee:04:
bb:47:26:12:86:fd:83:ed:d9:36:55:f2:bd:ee:83:24:91:b7:
be:46:83:e4:50:1b:91:46:9b:ad:0c:d4:c2:6c:77:58:0c:a9:
65:02:15:11:54:b0:af:64:f0:00:6a:8a:fa:de:3d:fe:14:07:
51:e7:0f:5a:68:85:5e:bc:6f:5f:48:f5:3d:a5:88:8d:b0:23:
20:24:5d:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbPafcShrk6ZX9yR81QNXhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwNTE0MTUyOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhY2E5ZDk4ZDcyMTY2NzcyYzlmZjZlZjgwOTUyYmQ4ZmZkMDM2MTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjXyinmPAQk6PcceOZ+59ZspvGyiW
0vR2OEzj7iKaPjAKalFQsCWYwmx8ueVP4xNG1Kcl2sFtKFZ78e68pCtWxPldIrOG
PyIADNNFI1TQ/0zXC/XZsDzyBf9Q+9AEIMk1e2o2PDYFl10OkF7JIZljhovwHeSH
BOBbw/XUfvbvL3+Wdp3/A/26aFB/4oqBf/LWnZfLz0KiI9ySk6aQhKC5Hm/2P93n
GLvpoAM2UJS2NIHpR0YGECs/RHiDsr1cxEBX4jGEcqfcklZzWLSv5M5N6WRAtSGc
LYPovgq/0LVYCeSx6LPv9wdij5hC+z+1ahFj3FCr9vRrD3RGtCvwotXOYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKyp2Y1yFmdyyf9u+AlSvY/9A2FLMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvcktuWmpYSVdaM0xKXzI3NENWSzlqXzBEWVVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsVMA0G
CSqGSIb3DQEBCwUAA4IBAQAKTlVT671rSaWRYWZ+n0hakDNXmp+YCOhkfyBbtcp8
IW/FaAqxaFVL0eR/7NzMg3bFOCAR20npHFGy0J5Y0WrWJNryExS2N2HB9KQ3v3PY
Ms2cUnUu5uORGf9E8Kvq2qRpArGgzMhwVffjLRYQYiZJN/JhqHZ2FNvJI0XYzkxr
sBACJnXKcyOCGOquQ3KzKbKHB8UyrDDY/OzrmszMnMfclMpwtRIKcE7TtbQshYND
YoIT7gS7RyYShv2D7dk2VfK97oMkkbe+RoPkUBuRRputDNTCbHdYDKllAhURVLCv
ZPAAaor63j3+FAdR5w9aaIVevG9fSPU9pYiNsCMgJF1u
-----END CERTIFICATE-----
Generated at Fri Jun 13 14:53:05 2025 by rpki-client