Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/lZCsmPMsua5UthV2p-m8OkaniDI.roa
File: lZCsmPMsua5UthV2p-m8OkaniDI.roa (raw, json)
Hash identifier: fnJOhUPuokXdFI2oByVO0yTeJsJfB7rkn4JUa1b6CaA=
Subject key identifier: 95:90:AC:98:F3:2C:B9:AE:54:B6:15:76:A7:E9:BC:3A:46:A7:88:32
Certificate issuer: /CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Certificate serial: 0196D2CC8EADB6AA73D8EE24F5910B28093C
Authority key identifier: 1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/lZCsmPMsua5UthV2p-m8OkaniDI.roa
Signing time: Thu 15 May 2025 07:15:43 +0000
ROA not before: Thu 15 May 2025 07:15:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.18.52.0/22 maxlen: 24
89.18.56.0/22 maxlen: 24
Validation: Failed, certificate revoked on Fri 23 May 2025 09:46:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:cc:8e:ad:b6:aa:73:d8:ee:24:f5:91:0b:28:09:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Validity
Not Before: May 15 07:15:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9590ac98f32cb9ae54b61576a7e9bc3a46a78832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:a8:fb:8b:d2:56:cb:99:bc:50:44:f2:34:44:
1e:e5:c7:04:5a:16:a5:e8:bd:47:8d:fe:6a:9d:6e:
83:f9:17:11:9b:47:15:a9:e5:04:a5:68:e1:0d:62:
ad:c7:35:81:d6:ca:17:c4:be:2d:b2:15:ac:18:4e:
9f:19:53:12:25:4a:b0:20:d5:33:61:9c:56:f5:f1:
ba:2e:8e:1d:a8:c8:07:9d:9b:28:7b:a0:e5:04:ce:
48:90:16:f9:1f:e2:60:2f:d5:8f:48:d0:48:b0:5f:
c8:44:ee:f0:8b:87:7c:01:61:75:37:73:28:f0:a9:
ce:3f:6e:c2:10:a5:b9:4c:b0:4d:a2:ce:b9:86:e3:
1d:78:99:29:82:07:f4:67:5d:c2:9c:c3:4d:7b:ba:
5d:78:08:45:86:15:ca:6c:45:d0:bb:42:f6:13:a3:
34:e0:5a:82:49:7e:71:bc:11:78:a4:d1:ee:f1:64:
f8:d1:60:7d:59:fe:57:51:5f:e8:6a:8b:8e:f5:9f:
b7:09:69:55:cb:10:3b:43:02:6f:75:00:49:44:1c:
db:b4:96:b3:cf:7d:6f:5a:7f:be:28:bd:0e:19:3b:
61:b9:87:99:36:51:f9:3f:ac:3f:75:af:e1:61:d7:
96:a0:98:75:f9:f2:5d:e9:cb:c6:16:39:ce:56:3e:
31:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:90:AC:98:F3:2C:B9:AE:54:B6:15:76:A7:E9:BC:3A:46:A7:88:32
X509v3 Authority Key Identifier:
keyid:1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/lZCsmPMsua5UthV2p-m8OkaniDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/Hx4uqu8HAVlawnVNASEhfnuR1zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.52.0-89.18.59.255
Signature Algorithm: sha256WithRSAEncryption
09:5e:64:34:92:96:18:c5:b9:6d:57:47:d4:3b:1c:0d:44:37:
db:9f:51:24:a9:4c:45:65:dc:5b:16:1d:b0:a1:d0:25:9b:a5:
d3:8e:e4:38:8c:35:d4:80:48:60:23:52:32:ac:d2:4b:b6:c7:
7e:a2:36:c8:8f:30:26:c3:f8:fc:ac:3d:60:b2:26:37:6b:cb:
5e:40:87:b8:0a:41:d5:69:a6:e4:ef:64:d7:d5:a5:fe:ec:d1:
c4:31:ad:ed:a8:03:ed:68:24:bb:7a:61:40:85:2a:ee:42:43:
52:a3:f7:fc:14:cb:b6:61:2f:cf:dc:66:10:f8:72:b8:f6:23:
fe:48:2c:25:59:3f:91:08:38:5f:16:0b:d0:78:4b:0c:8f:30:
4a:b7:ec:d4:75:7d:80:34:5d:4e:56:7b:fb:57:e7:10:57:da:
97:41:04:ec:58:ce:9b:3b:34:91:0e:e8:4f:48:03:f5:67:3a:
1f:ab:8d:4e:d1:ef:77:f4:7b:59:08:f9:76:3f:4c:c5:32:e2:
77:2d:2f:c1:b7:a8:60:46:89:67:bd:15:63:f9:f5:d6:9d:6e:
a0:fc:75:97:94:e0:5e:e1:e5:ab:de:c9:eb:8f:f5:66:8f:cd:
fe:89:46:c1:79:92:ef:67:ae:05:34:27:77:dd:de:33:c8:10:
cf:ba:c3:f4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZbSzI6ttqpz2O4k9ZELKAk8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWUyZWFhZWYwNzAxNTk1YWMyNzU0ZDAxMjEyMTdlN2I5
MWQ3MzkwHhcNMjUwNTE1MDcxNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTkwYWM5OGYzMmNiOWFlNTRiNjE1NzZhN2U5YmMzYTQ2YTc4ODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA56j7i9JWy5m8UETyNEQe5ccEWhal
6L1Hjf5qnW6D+RcRm0cVqeUEpWjhDWKtxzWB1soXxL4tshWsGE6fGVMSJUqwINUz
YZxW9fG6Lo4dqMgHnZsoe6DlBM5IkBb5H+JgL9WPSNBIsF/IRO7wi4d8AWF1N3Mo
8KnOP27CEKW5TLBNos65huMdeJkpggf0Z13CnMNNe7pdeAhFhhXKbEXQu0L2E6M0
4FqCSX5xvBF4pNHu8WT40WB9Wf5XUV/oaouO9Z+3CWlVyxA7QwJvdQBJRBzbtJaz
z31vWn++KL0OGTthuYeZNlH5P6w/da/hYdeWoJh1+fJd6cvGFjnOVj4xFQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFJWQrJjzLLmuVLYVdqfpvDpGp4gyMB8GA1UdIwQY
MBaAFB8eLqrvBwFZWsJ1TQEhIX57kdc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMt
MmIzNGI4NDMzYmI1LzEvbFpDc21QTXN1YTVVdGhWMnAtbThPa2FuaURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMtMmIzNGI4NDMzYmI1
LzEvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZEjQD
BAJZEjgwDQYJKoZIhvcNAQELBQADggEBAAleZDSSlhjFuW1XR9Q7HA1EN9ufUSSp
TEVl3FsWHbCh0CWbpdOO5DiMNdSASGAjUjKs0ku2x36iNsiPMCbD+PysPWCyJjdr
y15Ah7gKQdVppuTvZNfVpf7s0cQxre2oA+1oJLt6YUCFKu5CQ1Kj9/wUy7ZhL8/c
ZhD4crj2I/5ILCVZP5EIOF8WC9B4SwyPMEq37NR1fYA0XU5We/tX5xBX2pdBBOxY
zps7NJEO6E9IA/VnOh+rjU7R73f0e1kI+XY/TMUy4nctL8G3qGBGiWe9FWP59dad
bqD8dZeU4F7h5aveyeuP9WaPzf6JRsF5ku9nrgU0J3fd3jPIEM+6w/Q=
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:42:06 2025 by rpki-client