Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/VGt1yahutnxsxCxIkugZS0v1ZuE.roa
File: VGt1yahutnxsxCxIkugZS0v1ZuE.roa (raw, json)
Hash identifier: jOMg6FtJf1bKYuHhVRN6sNYHWTFDVMEe2P0SKoPsICY=
Subject key identifier: 54:6B:75:C9:A8:6E:B6:7C:6C:C4:2C:48:92:E8:19:4B:4B:F5:66:E1
Certificate issuer: /CN=a750263823402b83c11c5014d32666dcab111447
Certificate serial: 01971647D14F97826910E978D26143B77C8B
Authority key identifier: A7:50:26:38:23:40:2B:83:C1:1C:50:14:D3:26:66:DC:AB:11:14:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p1AmOCNAK4PBHFAU0yZm3KsRFEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/VGt1yahutnxsxCxIkugZS0v1ZuE.roa
Signing time: Wed 28 May 2025 09:44:54 +0000
ROA not before: Wed 28 May 2025 09:44:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199675
IP address blocks: 89.28.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Jun 2025 12:07:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:16:47:d1:4f:97:82:69:10:e9:78:d2:61:43:b7:7c:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a750263823402b83c11c5014d32666dcab111447
Validity
Not Before: May 28 09:44:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=546b75c9a86eb67c6cc42c4892e8194b4bf566e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d2:81:93:40:0f:7a:03:05:59:24:30:89:d3:
c8:93:64:61:73:7b:ba:80:da:a6:68:46:29:43:7d:
3c:f7:63:9a:e3:10:70:b2:93:d8:db:93:c3:60:8c:
ad:c2:e9:3d:78:89:54:74:f3:b6:4b:5c:07:c6:17:
0e:06:9f:f8:b5:c1:b8:02:c4:15:b0:11:9a:e8:86:
0c:ac:2c:97:de:68:50:0e:e1:5f:a8:44:ec:27:ae:
9e:86:5f:ec:d3:b8:3b:97:85:d0:c1:71:6f:e1:0c:
61:e3:eb:7b:b4:22:a6:6b:ae:fb:f7:89:02:9e:24:
fa:c8:40:90:f4:1c:07:f2:a3:12:f3:97:d2:55:03:
ce:55:54:fe:5c:be:9b:5a:0a:8d:ef:9c:5d:a0:14:
b5:cb:d5:7a:8e:9e:6d:9f:f0:c5:e4:ae:64:00:fd:
e6:44:b8:b5:15:6f:6a:25:5b:34:ba:d3:d5:d0:2a:
67:94:58:16:ce:a2:2e:91:bf:20:3e:6e:f2:d0:d1:
6a:5d:87:a9:d4:dc:16:cc:b7:30:75:ee:b2:b3:83:
50:a7:40:7f:ad:0e:17:e4:95:64:2e:9c:77:20:44:
f0:08:d4:29:ad:55:0c:ce:94:84:e0:b7:4b:31:cf:
0a:21:47:10:a8:2f:23:a9:43:cf:38:e0:c8:e9:38:
41:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:6B:75:C9:A8:6E:B6:7C:6C:C4:2C:48:92:E8:19:4B:4B:F5:66:E1
X509v3 Authority Key Identifier:
keyid:A7:50:26:38:23:40:2B:83:C1:1C:50:14:D3:26:66:DC:AB:11:14:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p1AmOCNAK4PBHFAU0yZm3KsRFEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/VGt1yahutnxsxCxIkugZS0v1ZuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/ccb4fd-fa67-48d6-a8fc-9a29f1f4081c/1/p1AmOCNAK4PBHFAU0yZm3KsRFEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.187.0/24
Signature Algorithm: sha256WithRSAEncryption
62:bd:c8:9d:07:49:95:98:3f:a7:a2:1f:17:32:79:ed:0d:17:
05:f2:62:6c:2f:26:69:60:f9:70:1c:1e:c6:b5:48:59:09:25:
cd:c2:2d:3e:dc:06:14:1b:fa:be:9d:20:d0:68:fd:f6:87:b7:
a3:f1:bf:6c:eb:1b:16:cc:30:14:dd:be:3c:d3:dc:8b:75:97:
cd:d0:1d:34:7d:19:eb:2b:c2:36:02:67:60:d0:ba:59:ff:ff:
7e:52:09:8e:9c:e3:60:2f:a5:b2:d6:46:69:a8:7d:3f:8b:e9:
d9:9e:71:c7:4a:54:4c:f2:46:31:43:b1:85:b2:7b:62:ba:e2:
ff:7f:7b:1b:0d:b3:1b:1e:c6:e4:2d:b3:20:e7:23:cf:d8:58:
1a:da:40:5e:a4:11:af:cb:d0:01:24:40:5a:13:4f:00:92:b9:
31:6d:57:a0:ad:a4:6b:05:d0:7c:72:b7:bd:db:50:d7:b9:53:
be:ba:58:49:a1:2c:23:13:01:43:dd:56:22:46:91:5a:40:5e:
29:81:c0:a5:6a:7f:70:15:16:2c:63:1d:bc:26:ba:87:72:34:
f4:6b:34:d6:49:b4:02:8a:e6:39:26:8d:67:e1:9b:91:06:fc:
76:10:40:71:01:68:98:74:45:c2:28:38:1e:92:f5:66:f4:8e:
52:d8:19:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcWR9FPl4JpEOl40mFDt3yLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NTAyNjM4MjM0MDJiODNjMTFjNTAxNGQzMjY2NmRjYWIx
MTE0NDcwHhcNMjUwNTI4MDk0NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NDZiNzVjOWE4NmViNjdjNmNjNDJjNDg5MmU4MTk0YjRiZjU2NmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztKBk0APegMFWSQwidPIk2Rhc3u6
gNqmaEYpQ30892Oa4xBwspPY25PDYIytwuk9eIlUdPO2S1wHxhcOBp/4tcG4AsQV
sBGa6IYMrCyX3mhQDuFfqETsJ66ehl/s07g7l4XQwXFv4Qxh4+t7tCKma67794kC
niT6yECQ9BwH8qMS85fSVQPOVVT+XL6bWgqN75xdoBS1y9V6jp5tn/DF5K5kAP3m
RLi1FW9qJVs0utPV0CpnlFgWzqIukb8gPm7y0NFqXYep1NwWzLcwde6ys4NQp0B/
rQ4X5JVkLpx3IETwCNQprVUMzpSE4LdLMc8KIUcQqC8jqUPPOODI6ThB8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFRrdcmobrZ8bMQsSJLoGUtL9WbhMB8GA1UdIwQY
MBaAFKdQJjgjQCuDwRxQFNMmZtyrERRHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDFBbU9DTkFLNFBCSEZBVTB5Wm0zS3NSRkVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My9jY2I0ZmQtZmE2Ny00OGQ2LWE4ZmMt
OWEyOWYxZjQwODFjLzEvVkd0MXlhaHV0bnhzeEN4SWt1Z1pTMHYxWnVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My9jY2I0ZmQtZmE2Ny00OGQ2LWE4ZmMtOWEyOWYxZjQwODFj
LzEvcDFBbU9DTkFLNFBCSEZBVTB5Wm0zS3NSRkVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRy7MA0G
CSqGSIb3DQEBCwUAA4IBAQBivcidB0mVmD+noh8XMnntDRcF8mJsLyZpYPlwHB7G
tUhZCSXNwi0+3AYUG/q+nSDQaP32h7ej8b9s6xsWzDAU3b4809yLdZfN0B00fRnr
K8I2Amdg0LpZ//9+UgmOnONgL6Wy1kZpqH0/i+nZnnHHSlRM8kYxQ7GFsntiuuL/
f3sbDbMbHsbkLbMg5yPP2Fga2kBepBGvy9ABJEBaE08AkrkxbVegraRrBdB8cre9
21DXuVO+ulhJoSwjEwFD3VYiRpFaQF4pgcClan9wFRYsYx28JrqHcjT0azTWSbQC
iuY5Jo1n4ZuRBvx2EEBxAWiYdEXCKDgekvVm9I5S2BlA
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:56:41 2025 by rpki-client