Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/1-w6z39RYjuU5DqcyvnElig5oYI.roa
File: 1-w6z39RYjuU5DqcyvnElig5oYI.roa (raw, json)
Hash identifier: OreQvF9v7jhBvYHyowcy5gq6xzAIYk60JeLrUxxWGNY=
Subject key identifier: D7:EC:3A:CF:7F:51:62:3B:94:E4:3A:9C:CA:F9:C4:96:28:39:A1:82
Certificate issuer: /CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Certificate serial: 01958419D2F5572184FFDE12E361BECF559E
Authority key identifier: 1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/1-w6z39RYjuU5DqcyvnElig5oYI.roa
Signing time: Tue 11 Mar 2025 07:27:19 +0000
ROA not before: Tue 11 Mar 2025 07:27:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.18.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Tue 11 Mar 2025 10:11:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:19:d2:f5:57:21:84:ff:de:12:e3:61:be:cf:55:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Validity
Not Before: Mar 11 07:27:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7ec3acf7f51623b94e43a9ccaf9c4962839a182
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:00:07:8b:de:05:6c:8c:f4:4f:37:0f:46:68:
f2:6e:34:52:13:d1:01:9a:8b:82:29:0c:29:73:34:
9c:1b:c4:31:48:8a:a9:61:75:ae:9f:9f:b1:b7:14:
9e:b2:0b:7d:d4:38:c9:a9:52:ab:89:d1:fd:8b:48:
9f:77:3b:56:13:2b:36:21:50:eb:7d:a1:fe:89:ba:
26:f7:ef:4e:ef:c7:82:b0:68:d7:5f:f4:26:0b:b6:
8f:9e:22:a2:83:60:fa:44:79:6d:28:56:36:5d:81:
e0:4e:55:d9:3c:86:d9:d5:e1:a8:c8:d8:7f:54:9d:
77:46:e5:3b:75:57:25:b2:ed:87:90:41:e9:8e:a9:
d6:d7:89:5b:c4:1e:b7:a4:80:2f:39:08:78:9b:7e:
c3:03:b7:84:66:3c:f4:96:30:81:71:79:da:a4:4f:
9d:f5:cd:85:78:0c:de:db:73:98:32:ef:0e:4c:75:
4d:28:7e:15:49:e6:98:19:22:89:e0:83:be:14:53:
27:e1:53:1e:e5:cb:f6:3f:eb:4d:53:7d:81:16:8d:
3b:49:a7:2e:5f:24:bb:36:c5:75:df:d5:06:2e:ff:
2b:f0:d3:ad:ed:5b:0c:71:a0:a3:3e:cf:d6:cf:2c:
f6:1b:36:2a:cc:3c:25:f6:1a:25:66:f1:37:de:10:
7c:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EC:3A:CF:7F:51:62:3B:94:E4:3A:9C:CA:F9:C4:96:28:39:A1:82
X509v3 Authority Key Identifier:
keyid:1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/1-w6z39RYjuU5DqcyvnElig5oYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/Hx4uqu8HAVlawnVNASEhfnuR1zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:9f:7b:8b:1b:6a:80:59:13:2d:60:b4:cd:09:48:c0:b5:b9:
a2:a6:94:3a:60:49:0e:ed:d0:c3:d8:67:08:00:02:74:8f:07:
ef:5f:7c:ef:01:77:3b:3b:70:c7:06:21:25:0d:c3:9c:33:6e:
b2:5c:a0:64:41:0f:6b:64:9a:f4:2d:cb:23:29:58:5e:23:ae:
5f:3d:f8:30:f4:0d:10:e6:90:77:09:f2:5e:90:9b:62:0d:2e:
81:32:71:e9:94:1e:51:d2:bf:c0:3a:96:39:b2:58:5a:1b:1e:
d3:36:41:03:23:54:db:04:b1:72:52:0a:97:10:37:72:d3:c9:
c2:1a:fd:b0:d8:49:d7:e2:a0:dc:23:df:cf:b8:34:15:f6:0c:
8c:8d:17:8e:dc:a5:cf:32:c1:33:ae:20:b2:c5:03:13:41:76:
d0:7d:20:13:74:89:0c:e0:d0:5d:d9:cb:6d:bc:cf:56:a7:b3:
f0:23:b4:17:8c:b9:c5:0c:e1:30:ce:bb:70:d5:5a:a5:29:02:
b9:81:15:cb:e9:13:3c:fe:85:d1:c1:b8:34:91:c3:b9:ed:e8:
c7:2d:2a:7c:20:94:c1:da:99:58:ad:3c:76:04:d6:13:db:f4:
96:13:b5:89:38:79:81:90:86:67:93:74:6e:52:28:67:b7:aa:
3e:2a:ad:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWEGdL1VyGE/94S42G+z1WeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWUyZWFhZWYwNzAxNTk1YWMyNzU0ZDAxMjEyMTdlN2I5
MWQ3MzkwHhcNMjUwMzExMDcyNzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2VjM2FjZjdmNTE2MjNiOTRlNDNhOWNjYWY5YzQ5NjI4MzlhMTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtwAHi94FbIz0TzcPRmjybjRSE9EB
mouCKQwpczScG8QxSIqpYXWun5+xtxSesgt91DjJqVKridH9i0ifdztWEys2IVDr
faH+ibom9+9O78eCsGjXX/QmC7aPniKig2D6RHltKFY2XYHgTlXZPIbZ1eGoyNh/
VJ13RuU7dVclsu2HkEHpjqnW14lbxB63pIAvOQh4m37DA7eEZjz0ljCBcXnapE+d
9c2FeAze23OYMu8OTHVNKH4VSeaYGSKJ4IO+FFMn4VMe5cv2P+tNU32BFo07Sacu
XyS7NsV139UGLv8r8NOt7VsMcaCjPs/Wzyz2GzYqzDwl9holZvE33hB8nQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNfsOs9/UWI7lOQ6nMr5xJYoOaGCMB8GA1UdIwQY
MBaAFB8eLqrvBwFZWsJ1TQEhIX57kdc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMt
MmIzNGI4NDMzYmI1LzEvMS13NnozOVJZanVVNURxY3l2bkVsaWc1b1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMtMmIzNGI4NDMzYmI1
LzEvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRI4MA0G
CSqGSIb3DQEBCwUAA4IBAQCln3uLG2qAWRMtYLTNCUjAtbmippQ6YEkO7dDD2GcI
AAJ0jwfvX3zvAXc7O3DHBiElDcOcM26yXKBkQQ9rZJr0LcsjKVheI65fPfgw9A0Q
5pB3CfJekJtiDS6BMnHplB5R0r/AOpY5slhaGx7TNkEDI1TbBLFyUgqXEDdy08nC
Gv2w2EnX4qDcI9/PuDQV9gyMjReO3KXPMsEzriCyxQMTQXbQfSATdIkM4NBd2ctt
vM9Wp7PwI7QXjLnFDOEwzrtw1VqlKQK5gRXL6RM8/oXRwbg0kcO57ejHLSp8IJTB
2plYrTx2BNYT2/SWE7WJOHmBkIZnk3RuUihnt6o+Kq3/
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:53:04 2025 by rpki-client