Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u1Xdw0q_baDtA4tLpO7YDu4hJ0o.roa
File: u1Xdw0q_baDtA4tLpO7YDu4hJ0o.roa (raw, json)
Hash identifier: aATXCiQ42d+2uyo/rim1gDkf9zMduMX6r3kQl+aV7UM=
Subject key identifier: BB:55:DD:C3:4A:BF:6D:A0:ED:03:8B:4B:A4:EE:D8:0E:EE:21:27:4A
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 019680C7597DDB12893E860CBD20B2176168
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u1Xdw0q_baDtA4tLpO7YDu4hJ0o.roa
Signing time: Tue 29 Apr 2025 09:01:10 +0000
ROA not before: Tue 29 Apr 2025 09:01:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18811
IP address blocks: 89.34.64.0/22 maxlen: 22
Validation: Failed, certificate revoked on Fri 02 May 2025 10:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:80:c7:59:7d:db:12:89:3e:86:0c:bd:20:b2:17:61:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Apr 29 09:01:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb55ddc34abf6da0ed038b4ba4eed80eee21274a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:b7:12:80:47:43:e1:a5:05:2e:aa:a5:2c:37:
15:00:c5:fe:84:53:81:12:09:b9:67:b2:38:6b:8a:
fd:ba:e4:ed:cf:20:0c:9c:25:fb:8e:3e:dd:06:02:
33:a8:d1:93:7c:46:af:76:b0:6c:87:bb:39:99:73:
53:78:c1:43:4f:42:6b:67:b6:65:b0:6d:55:2f:aa:
13:06:b9:b1:9e:90:85:75:6e:84:b9:d9:a0:37:36:
95:22:b3:c3:c6:7e:9d:9d:f3:e7:d6:fb:9e:22:e2:
24:99:c7:14:b4:a2:66:e6:10:4c:ab:61:e9:0d:88:
8e:f2:b0:86:5c:ae:1a:f0:ce:52:89:16:84:dc:62:
b9:d2:59:e6:43:8b:cd:c6:cb:29:74:18:e0:ef:ca:
46:f2:b9:61:57:91:35:f1:12:ef:e1:d2:3f:51:04:
e1:3a:81:bd:74:3d:f2:9c:20:7e:17:7a:b4:6f:70:
ee:fc:41:5c:fe:cb:8b:15:9e:6d:8b:aa:69:7a:5d:
51:2b:2d:1b:d6:48:a8:77:47:b7:c8:f7:bd:d9:5a:
71:95:8a:d4:de:df:b7:aa:45:4d:2b:14:7d:81:26:
37:25:10:da:f4:58:0b:2b:f5:e5:55:d4:90:7b:e5:
76:f8:f7:0c:db:31:a1:68:2d:8e:6a:36:fb:60:e7:
36:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:55:DD:C3:4A:BF:6D:A0:ED:03:8B:4B:A4:EE:D8:0E:EE:21:27:4A
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/u1Xdw0q_baDtA4tLpO7YDu4hJ0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.64.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:c3:78:74:cd:33:dd:7e:d0:4c:08:4f:99:b3:a4:36:dd:e9:
df:6f:2c:ea:e4:39:27:4b:94:93:90:52:26:b1:33:6b:c8:db:
54:c2:a2:47:fb:fa:b6:9a:f5:ba:57:29:f7:d8:a0:ce:50:da:
21:9a:bc:7f:94:77:25:f2:3c:be:16:7a:9b:c4:e0:20:6c:af:
22:20:52:c0:29:75:c0:b5:8b:4d:4f:51:c0:7f:64:6d:38:01:
b6:89:36:5b:73:82:5d:6a:9a:dc:6b:27:e9:2b:5f:47:93:b3:
39:06:f5:c0:e2:83:61:fc:a8:71:6f:c9:4e:39:e2:c1:71:f5:
38:95:33:1d:06:47:61:2e:fa:1e:72:9d:4e:a7:90:b0:03:19:
15:aa:59:85:ff:84:d0:1a:29:88:71:18:07:c2:03:0a:e8:f6:
cc:88:cc:49:a9:9c:26:d7:a1:ae:ec:a5:04:25:50:42:20:85:
ec:08:a1:8e:9a:e2:25:9f:cb:06:cc:68:48:0f:d6:92:65:d4:
40:8f:72:50:e5:4a:4d:b9:fd:a3:b2:eb:73:63:35:b0:84:80:
fb:3f:b0:9d:68:c0:67:99:2b:4c:c4:e0:4e:ae:6f:19:4e:1c:
09:f8:ed:4b:1d:46:87:6a:08:67:e0:2c:fe:60:02:49:1e:49:
31:b6:9a:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaAx1l92xKJPoYMvSCyF2FoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNDI5MDkwMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjU1ZGRjMzRhYmY2ZGEwZWQwMzhiNGJhNGVlZDgwZWVlMjEyNzRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy7cSgEdD4aUFLqqlLDcVAMX+hFOB
Egm5Z7I4a4r9uuTtzyAMnCX7jj7dBgIzqNGTfEavdrBsh7s5mXNTeMFDT0JrZ7Zl
sG1VL6oTBrmxnpCFdW6EudmgNzaVIrPDxn6dnfPn1vueIuIkmccUtKJm5hBMq2Hp
DYiO8rCGXK4a8M5SiRaE3GK50lnmQ4vNxsspdBjg78pG8rlhV5E18RLv4dI/UQTh
OoG9dD3ynCB+F3q0b3Du/EFc/suLFZ5ti6ppel1RKy0b1kiod0e3yPe92VpxlYrU
3t+3qkVNKxR9gSY3JRDa9FgLK/XlVdSQe+V2+PcM2zGhaC2Oajb7YOc2IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLtV3cNKv22g7QOLS6Tu2A7uISdKMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvdTFYZHcwcV9iYUR0QTR0THBPN1lEdTRoSjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSJAMA0G
CSqGSIb3DQEBCwUAA4IBAQDNw3h0zTPdftBMCE+Zs6Q23enfbyzq5DknS5STkFIm
sTNryNtUwqJH+/q2mvW6Vyn32KDOUNohmrx/lHcl8jy+FnqbxOAgbK8iIFLAKXXA
tYtNT1HAf2RtOAG2iTZbc4JdaprcayfpK19Hk7M5BvXA4oNh/Khxb8lOOeLBcfU4
lTMdBkdhLvoecp1Op5CwAxkVqlmF/4TQGimIcRgHwgMK6PbMiMxJqZwm16Gu7KUE
JVBCIIXsCKGOmuIln8sGzGhID9aSZdRAj3JQ5UpNuf2jsutzYzWwhID7P7CdaMBn
mStMxOBOrm8ZThwJ+O1LHUaHaghn4Cz+YAJJHkkxtpq0
-----END CERTIFICATE-----
Generated at Sun Jun 8 06:08:53 2025 by rpki-client