Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/BvHoCqGh4bJnOVmJ6NCmveadYhM.roa
File: BvHoCqGh4bJnOVmJ6NCmveadYhM.roa (raw, json)
Hash identifier: Ff1jVmSqJExQNQuPdfu0pbiZPT6nvpj1UfciQAjYvXQ=
Subject key identifier: 06:F1:E8:0A:A1:A1:E1:B2:67:39:59:89:E8:D0:A6:BD:E6:9D:62:13
Certificate issuer: /CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Certificate serial: 0196FC89DA444EA1FF2ECB952AA9170967F7
Authority key identifier: 1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/BvHoCqGh4bJnOVmJ6NCmveadYhM.roa
Signing time: Fri 23 May 2025 09:46:54 +0000
ROA not before: Fri 23 May 2025 09:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.18.52.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 May 2025 07:45:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fc:89:da:44:4e:a1:ff:2e:cb:95:2a:a9:17:09:67:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Validity
Not Before: May 23 09:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06f1e80aa1a1e1b267395989e8d0a6bde69d6213
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:2b:04:e1:6c:e8:2b:56:1d:0e:b8:a1:d6:53:
e8:6a:52:bb:04:f4:db:9f:e3:dc:0f:75:b0:ca:6f:
05:99:68:e1:26:4e:09:91:a0:6a:d8:f9:d2:d6:a1:
a2:2f:a6:39:17:9e:1a:41:36:a9:f7:ab:fd:9d:10:
cd:99:f5:79:4d:12:be:24:17:1e:37:09:50:34:f4:
b1:93:97:22:63:0a:66:07:64:3a:76:47:7a:b3:70:
a3:5f:ce:42:b2:52:28:9e:85:6a:e5:e6:a4:b2:80:
ab:e5:0d:f3:38:c2:20:fc:86:72:e3:82:4c:3e:22:
6e:a9:17:e8:f0:01:91:10:d6:36:09:2d:90:cd:ac:
c4:4a:02:45:f4:c7:91:f4:8f:e2:d3:be:41:68:c1:
8c:cd:27:db:67:67:b3:f7:f8:64:e0:b0:d0:07:a8:
e9:af:f8:d0:46:3e:73:d6:31:2d:e8:a4:d6:80:21:
5d:ee:37:e8:42:2c:73:fc:0e:fe:33:d0:4a:84:7c:
51:87:fc:d0:76:be:c0:3f:d9:50:94:91:65:1c:c2:
b3:1c:a0:e7:c7:8f:e3:90:1e:e4:e5:31:4f:1c:07:
5a:14:da:a0:3b:f4:69:3a:ec:8c:32:a8:0f:8f:cf:
89:89:53:5e:48:e5:b1:37:78:07:a8:a5:3c:cd:33:
ad:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F1:E8:0A:A1:A1:E1:B2:67:39:59:89:E8:D0:A6:BD:E6:9D:62:13
X509v3 Authority Key Identifier:
keyid:1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/BvHoCqGh4bJnOVmJ6NCmveadYhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/Hx4uqu8HAVlawnVNASEhfnuR1zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.52.0/22
Signature Algorithm: sha256WithRSAEncryption
29:5b:7d:6e:06:15:be:f8:9a:49:f5:36:d2:ae:d9:36:0a:1e:
85:f4:79:18:ec:d2:da:a6:8f:03:78:04:e5:6a:a5:c4:0d:28:
56:4f:41:74:65:c6:ad:c2:68:ba:41:1c:2f:35:42:df:fa:50:
6f:0d:57:36:c9:10:b1:21:f7:79:94:55:98:45:e0:50:53:12:
c8:51:47:42:8f:0a:5a:1f:b0:5d:d6:0d:db:98:7c:01:63:65:
9b:d2:ac:95:46:6d:0f:3f:51:0f:02:69:0f:91:90:9a:6c:d8:
7e:00:01:45:31:29:ca:c4:3f:f7:93:33:fc:43:ca:50:1d:79:
78:26:59:bd:fe:fc:6c:7a:70:fe:79:89:d6:a3:c6:11:13:04:
e9:e7:fc:8c:c4:9d:19:51:57:ee:ba:dc:71:9a:6e:c2:60:94:
84:49:96:68:bb:dc:75:68:ff:c4:1b:46:a0:3a:12:fa:07:71:
7a:11:fa:91:fa:44:93:96:d4:73:20:2d:d8:a9:be:8b:74:78:
35:ab:0e:ff:0a:04:75:96:c5:01:a9:b5:d1:5b:1a:c6:f5:f1:
90:4a:01:6c:5a:d1:af:72:10:b4:cd:0e:3d:43:dc:28:2c:fd:
5d:ee:82:c6:6e:49:b5:67:2c:37:06:80:64:fb:62:19:1a:65:
5b:3a:0c:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZb8idpETqH/LsuVKqkXCWf3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWUyZWFhZWYwNzAxNTk1YWMyNzU0ZDAxMjEyMTdlN2I5
MWQ3MzkwHhcNMjUwNTIzMDk0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmYxZTgwYWExYTFlMWIyNjczOTU5ODllOGQwYTZiZGU2OWQ2MjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvisE4WzoK1YdDrih1lPoalK7BPTb
n+PcD3Wwym8FmWjhJk4JkaBq2PnS1qGiL6Y5F54aQTap96v9nRDNmfV5TRK+JBce
NwlQNPSxk5ciYwpmB2Q6dkd6s3CjX85CslIonoVq5eaksoCr5Q3zOMIg/IZy44JM
PiJuqRfo8AGRENY2CS2QzazESgJF9MeR9I/i075BaMGMzSfbZ2ez9/hk4LDQB6jp
r/jQRj5z1jEt6KTWgCFd7jfoQixz/A7+M9BKhHxRh/zQdr7AP9lQlJFlHMKzHKDn
x4/jkB7k5TFPHAdaFNqgO/RpOuyMMqgPj8+JiVNeSOWxN3gHqKU8zTOtxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAbx6AqhoeGyZzlZiejQpr3mnWITMB8GA1UdIwQY
MBaAFB8eLqrvBwFZWsJ1TQEhIX57kdc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMt
MmIzNGI4NDMzYmI1LzEvQnZIb0NxR2g0YkpuT1ZtSjZOQ212ZWFkWWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMtMmIzNGI4NDMzYmI1
LzEvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRI0MA0G
CSqGSIb3DQEBCwUAA4IBAQApW31uBhW++JpJ9TbSrtk2Ch6F9HkY7NLapo8DeATl
aqXEDShWT0F0Zcatwmi6QRwvNULf+lBvDVc2yRCxIfd5lFWYReBQUxLIUUdCjwpa
H7Bd1g3bmHwBY2Wb0qyVRm0PP1EPAmkPkZCabNh+AAFFMSnKxD/3kzP8Q8pQHXl4
Jlm9/vxsenD+eYnWo8YREwTp5/yMxJ0ZUVfuutxxmm7CYJSESZZou9x1aP/EG0ag
OhL6B3F6EfqR+kSTltRzIC3Yqb6LdHg1qw7/CgR1lsUBqbXRWxrG9fGQSgFsWtGv
chC0zQ49Q9woLP1d7oLGbkm1Zyw3BoBk+2IZGmVbOgyz
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:52:15 2025 by rpki-client