Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qadyNuPG0NHxwlFraTP-9VtKgWU.roa
File: qadyNuPG0NHxwlFraTP-9VtKgWU.roa (raw, json)
Hash identifier: lNN3B3qPCgKcU7l2jT/BREHLt/XqlWmgPDPpGzo4amU=
Subject key identifier: A9:A7:72:36:E3:C6:D0:D1:F1:C2:51:6B:69:33:FE:F5:5B:4A:81:65
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0196A9B4A6943B8EE750D29CEE5C8353F403
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qadyNuPG0NHxwlFraTP-9VtKgWU.roa
Signing time: Wed 07 May 2025 07:45:10 +0000
ROA not before: Wed 07 May 2025 07:45:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400402
IP address blocks: 89.42.87.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 03:38:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:a9:b4:a6:94:3b:8e:e7:50:d2:9c:ee:5c:83:53:f4:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: May 7 07:45:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9a77236e3c6d0d1f1c2516b6933fef55b4a8165
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:98:3e:af:b5:08:e9:1e:a4:2e:34:0a:74:60:
42:38:d2:c3:83:b1:08:fd:e5:8e:2e:b7:1d:ba:58:
72:f1:75:00:02:cc:f1:29:c6:58:c8:c4:5c:8f:83:
75:48:9c:6c:1f:31:02:e3:f3:8e:e2:ea:53:d5:ab:
61:48:24:ac:3e:d8:fd:08:4f:6f:7f:78:ec:80:67:
38:db:49:ff:9e:b6:26:1a:0a:7b:91:80:7b:14:8c:
dc:53:3a:3f:1f:55:06:f7:e7:f8:bd:6f:a9:f5:0c:
94:6c:79:f1:2b:c5:3f:ec:a1:0b:af:e8:ad:4e:c6:
1b:10:94:26:40:fe:41:ac:1d:76:23:c6:49:14:ec:
44:37:ad:55:7c:06:41:54:f4:2d:5e:b9:04:dc:07:
3c:9e:2b:d5:5c:6c:8d:07:dd:66:68:16:6a:89:a9:
e1:ef:83:43:75:d4:e0:7f:f3:6b:aa:a1:e5:24:c0:
b4:d1:22:7c:23:16:c2:1f:8a:c3:97:1d:c4:a6:d0:
80:2c:b8:18:c6:09:ca:3a:d8:88:db:28:ba:a9:91:
49:96:85:25:06:e0:ca:60:74:fc:d7:01:aa:a9:e3:
aa:3e:e7:47:db:2a:f9:cb:63:41:c8:f2:3f:2a:29:
21:30:6a:67:32:30:72:53:5a:eb:3b:26:8d:f7:9a:
30:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:A7:72:36:E3:C6:D0:D1:F1:C2:51:6B:69:33:FE:F5:5B:4A:81:65
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qadyNuPG0NHxwlFraTP-9VtKgWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.87.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:b8:ea:a5:2f:9e:e8:da:a6:22:a7:f0:54:25:c5:70:18:70:
91:d5:b1:f7:82:91:e5:2a:b1:9b:65:cb:37:11:45:b3:29:3c:
f8:7d:af:00:7b:ee:5a:89:ae:be:7a:85:50:4c:d6:53:b4:52:
f9:fe:22:40:a0:ca:de:aa:f6:93:65:78:51:8e:66:0b:d1:8b:
2b:82:cb:89:fc:27:c2:bd:6b:13:03:01:0e:f2:d1:42:6e:21:
bb:64:ee:cd:54:3b:72:b8:8e:ee:f9:8b:c9:48:86:80:35:9c:
1b:5b:ac:14:0b:7e:32:ee:0f:b2:57:0b:1c:a0:2f:12:83:41:
93:b1:ff:73:cf:8d:7b:23:bf:d9:e4:77:a4:3b:64:3a:23:b3:
34:48:a9:ac:b4:4d:8c:94:16:b9:51:a2:6e:9b:7f:c6:86:51:
4f:c9:83:4d:e2:4a:a8:28:df:69:f1:2c:49:73:23:b5:24:98:
ad:77:1e:f3:b3:bd:4a:73:8b:6a:ac:86:ef:99:35:4f:a3:57:
1f:7e:cf:41:d3:88:6b:66:0a:9f:ca:76:a7:e6:7e:a5:af:6e:
87:40:42:f8:67:6e:e2:10:76:65:38:ea:40:19:cd:27:e9:1f:
da:f3:32:63:57:cd:54:23:6d:15:e6:1f:0b:97:38:e0:83:16:
b6:c7:43:84
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaptKaUO47nUNKc7lyDU/QDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNTA3MDc0NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWE3NzIzNmUzYzZkMGQxZjFjMjUxNmI2OTMzZmVmNTViNGE4MTY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypg+r7UI6R6kLjQKdGBCONLDg7EI
/eWOLrcdulhy8XUAAszxKcZYyMRcj4N1SJxsHzEC4/OO4upT1athSCSsPtj9CE9v
f3jsgGc420n/nrYmGgp7kYB7FIzcUzo/H1UG9+f4vW+p9QyUbHnxK8U/7KELr+it
TsYbEJQmQP5BrB12I8ZJFOxEN61VfAZBVPQtXrkE3Ac8nivVXGyNB91maBZqianh
74NDddTgf/NrqqHlJMC00SJ8IxbCH4rDlx3EptCALLgYxgnKOtiI2yi6qZFJloUl
BuDKYHT81wGqqeOqPudH2yr5y2NByPI/KikhMGpnMjByU1rrOyaN95owEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKmncjbjxtDR8cJRa2kz/vVbSoFlMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcWFkeU51UEcwTkh4d2xGcmFUUC05VnRLZ1dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpXMA0G
CSqGSIb3DQEBCwUAA4IBAQA+uOqlL57o2qYip/BUJcVwGHCR1bH3gpHlKrGbZcs3
EUWzKTz4fa8Ae+5aia6+eoVQTNZTtFL5/iJAoMreqvaTZXhRjmYL0YsrgsuJ/CfC
vWsTAwEO8tFCbiG7ZO7NVDtyuI7u+YvJSIaANZwbW6wUC34y7g+yVwscoC8Sg0GT
sf9zz417I7/Z5HekO2Q6I7M0SKmstE2MlBa5UaJum3/GhlFPyYNN4kqoKN9p8SxJ
cyO1JJitdx7zs71Kc4tqrIbvmTVPo1cffs9B04hrZgqfynan5n6lr26HQEL4Z27i
EHZlOOpAGc0n6R/a8zJjV81UI20V5h8Llzjggxa2x0OE
-----END CERTIFICATE-----
Generated at Sun Jun 8 03:08:37 2025 by rpki-client