Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mhB6WVMKbF1RBrfRs-18p9FXFvw.roa
File: mhB6WVMKbF1RBrfRs-18p9FXFvw.roa (raw, json)
Hash identifier: XNkkIy5nY9doqh5ICxd/g37K7mNWYK/W90Ik7awJImQ=
Subject key identifier: 9A:10:7A:59:53:0A:6C:5D:51:06:B7:D1:B3:ED:7C:A7:D1:57:16:FC
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0196517B8103836EDF904B6BD843AB9486E3
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mhB6WVMKbF1RBrfRs-18p9FXFvw.roa
Signing time: Sun 20 Apr 2025 04:36:10 +0000
ROA not before: Sun 20 Apr 2025 04:36:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 24 Apr 2025 06:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:51:7b:81:03:83:6e:df:90:4b:6b:d8:43:ab:94:86:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 20 04:36:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a107a59530a6c5d5106b7d1b3ed7ca7d15716fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8b:69:95:70:e2:09:f5:39:16:61:83:da:6e:
9b:0f:e7:a4:fd:71:54:d7:9e:58:76:14:db:e9:bc:
33:ff:93:91:39:f5:4e:a0:7e:d1:14:ae:2a:e8:ca:
45:03:ab:1c:87:54:43:bf:40:2a:52:df:46:fd:6f:
43:7f:75:7c:22:02:2e:6d:36:45:4f:87:88:bf:a7:
e9:65:d0:75:c8:5b:8e:1b:e6:ea:69:04:c1:de:e3:
83:86:0d:e7:fd:30:ff:63:db:55:9f:97:71:e7:39:
30:21:8d:02:ae:58:ba:46:8f:b9:c4:17:96:83:c8:
48:9d:05:61:4b:05:e6:74:68:10:74:90:fe:68:99:
25:3b:2b:d3:24:99:09:a9:4b:64:88:c9:a3:d0:11:
57:8c:6a:01:86:3e:5c:ae:f0:71:f7:ad:86:b4:c5:
60:25:b0:75:10:3e:74:11:7c:85:57:99:2f:44:22:
0a:54:ab:b4:c1:da:ce:72:d1:cc:c7:6f:a1:18:b2:
7c:9f:89:e0:9c:f9:dc:08:e3:14:bb:75:a7:6c:55:
91:c7:af:8e:06:c5:63:a6:35:64:24:66:cc:6d:3c:
3f:ec:e7:72:a5:57:e0:9a:4c:29:61:94:eb:f7:6c:
b3:83:0b:63:97:7d:45:9b:54:cb:26:fb:ab:cb:e9:
e7:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:10:7A:59:53:0A:6C:5D:51:06:B7:D1:B3:ED:7C:A7:D1:57:16:FC
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/mhB6WVMKbF1RBrfRs-18p9FXFvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
56:1a:c4:14:e7:a4:f1:99:4a:db:6a:45:4d:22:fd:65:04:6f:
4d:c0:3e:d5:5b:9b:d4:c1:b1:2a:df:49:2c:08:3e:f1:1f:c0:
1d:be:3c:09:61:df:28:b8:29:05:5a:64:54:27:b9:20:e5:90:
f0:b3:21:70:e8:69:23:fd:4f:5f:6f:22:9c:ef:5c:05:c0:8c:
3e:69:56:d0:44:00:36:9b:3b:6a:7d:7b:12:6a:b2:0c:dd:b1:
a9:71:02:0c:f4:f7:2e:0b:65:13:23:4d:6e:19:9a:77:67:87:
1e:51:23:ae:d2:28:46:98:8b:ea:fb:4e:20:9c:45:2f:93:58:
5e:da:88:2a:92:6c:d2:2f:e3:89:ea:3b:b3:aa:be:d3:e4:63:
a7:a2:8b:92:54:d3:bd:00:2c:20:fe:5d:98:e7:32:8a:94:88:
35:49:a9:78:5f:73:21:17:87:66:13:55:f5:3b:73:28:13:f7:
78:dd:95:aa:a5:22:17:56:23:09:07:89:5e:97:5e:d5:e6:51:
29:46:fa:59:92:8e:5a:0d:e5:0a:06:42:20:39:95:73:73:20:
a8:1d:2d:d1:56:3b:be:07:e6:5b:d3:70:b1:3c:21:9a:03:b2:
a7:f0:77:46:1a:76:4f:32:a6:93:91:09:3b:e8:8a:b3:48:df:
b8:56:8f:2a
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZZRe4EDg27fkEtr2EOrlIbjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDIwMDQzNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTEwN2E1OTUzMGE2YzVkNTEwNmI3ZDFiM2VkN2NhN2QxNTcxNmZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYtplXDiCfU5FmGD2m6bD+ek/XFU
155YdhTb6bwz/5OROfVOoH7RFK4q6MpFA6sch1RDv0AqUt9G/W9Df3V8IgIubTZF
T4eIv6fpZdB1yFuOG+bqaQTB3uODhg3n/TD/Y9tVn5dx5zkwIY0Crli6Ro+5xBeW
g8hInQVhSwXmdGgQdJD+aJklOyvTJJkJqUtkiMmj0BFXjGoBhj5crvBx962GtMVg
JbB1ED50EXyFV5kvRCIKVKu0wdrOctHMx2+hGLJ8n4ngnPncCOMUu3WnbFWRx6+O
BsVjpjVkJGbMbTw/7OdypVfgmkwpYZTr92yzgwtjl31Fm1TLJvury+nnNwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJoQellTCmxdUQa30bPtfKfRVxb8MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvbWhCNldWTUtiRjFSQnJmUnMtMThwOUZYRnZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBAFYaxBTnpPGZSttqRU0i/WUEb03APtVb
m9TBsSrfSSwIPvEfwB2+PAlh3yi4KQVaZFQnuSDlkPCzIXDoaSP9T19vIpzvXAXA
jD5pVtBEADabO2p9exJqsgzdsalxAgz09y4LZRMjTW4Zmndnhx5RI67SKEaYi+r7
TiCcRS+TWF7aiCqSbNIv44nqO7OqvtPkY6eii5JU070ALCD+XZjnMoqUiDVJqXhf
cyEXh2YTVfU7cygT93jdlaqlIhdWIwkHiV6XXtXmUSlG+lmSjloN5QoGQiA5lXNz
IKgdLdFWO74H5lvTcLE8IZoDsqfwd0Yadk8yppORCTvoirNI37hWjyo=
-----END CERTIFICATE-----
Generated at Sat Jun 7 17:55:55 2025 by rpki-client