Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/s7HuVQbn6jqnT1uJRusKgdkn2nU.roa
File: s7HuVQbn6jqnT1uJRusKgdkn2nU.roa (raw, json)
Hash identifier: OZv714wvwv4GMJyaMVan1E/74JVCH9IngJGUpk9qlsg=
Subject key identifier: B3:B1:EE:55:06:E7:EA:3A:A7:4F:5B:89:46:EB:0A:81:D9:27:DA:75
Certificate issuer: /CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Certificate serial: 019584B3221C679F50F162D156C656B51497
Authority key identifier: 1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/s7HuVQbn6jqnT1uJRusKgdkn2nU.roa
Signing time: Tue 11 Mar 2025 10:14:46 +0000
ROA not before: Tue 11 Mar 2025 10:14:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 89.18.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Sat 15 Mar 2025 08:23:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:b3:22:1c:67:9f:50:f1:62:d1:56:c6:56:b5:14:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Validity
Not Before: Mar 11 10:14:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3b1ee5506e7ea3aa74f5b8946eb0a81d927da75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:67:00:66:a2:a9:cd:8e:18:32:82:0e:cd:29:
6f:95:7e:95:67:d9:6f:19:62:49:15:a6:3d:25:0b:
94:40:53:25:2e:d9:6d:60:29:12:bb:6a:87:e6:88:
49:8e:7f:20:30:8a:19:f5:56:50:18:57:a4:0c:79:
dd:2b:ac:2e:98:5b:1d:08:08:2c:84:2b:ab:7c:d6:
ad:ac:72:1c:50:fb:b6:a5:4f:ea:c3:27:e9:f8:5d:
95:fd:b2:45:da:50:f4:3a:c5:c9:8b:e6:b1:9b:de:
2d:ac:41:b6:e4:dd:09:9f:34:b9:41:f4:19:30:54:
71:e0:05:d0:a8:ce:d6:54:9c:da:64:c9:ee:83:3a:
8b:c6:b3:66:30:50:a7:7b:d6:f2:a3:13:19:0c:a9:
1a:88:a0:bb:58:63:f2:65:50:04:97:ef:d9:4a:f2:
f9:08:9c:92:77:62:b8:d8:0e:c6:3a:bf:1e:f8:9e:
54:14:06:62:bb:b7:50:34:7c:26:64:b8:69:b1:5a:
70:63:92:04:47:75:f8:05:17:de:e1:40:a7:e1:32:
41:54:8f:52:17:14:36:55:4e:7f:d7:7a:4f:26:ba:
66:84:97:18:85:bd:30:bc:36:3f:47:b8:1f:e1:ca:
a3:ef:60:f5:ff:cc:87:38:ee:b8:f7:27:ba:7e:f5:
08:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B1:EE:55:06:E7:EA:3A:A7:4F:5B:89:46:EB:0A:81:D9:27:DA:75
X509v3 Authority Key Identifier:
keyid:1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/s7HuVQbn6jqnT1uJRusKgdkn2nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/Hx4uqu8HAVlawnVNASEhfnuR1zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.56.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:56:40:fb:95:fb:57:44:81:02:1d:c7:af:17:bd:32:f3:65:
45:f7:6e:c9:d6:92:97:6c:0a:c0:8d:85:9f:6f:39:e5:e2:17:
73:a9:30:22:00:1a:54:1f:17:27:c9:61:38:ec:e0:3a:ec:dc:
2c:08:76:79:48:2a:9b:ed:4a:9f:f8:1e:44:a3:29:3d:52:79:
f9:31:87:85:23:f4:e0:d1:59:09:0b:29:d0:c0:c4:89:59:e1:
dc:29:49:5d:8a:ee:a8:9f:6d:91:ee:ed:1d:42:3c:09:d7:3a:
85:11:0e:c1:3a:df:37:41:1d:82:c9:01:d8:35:b7:fd:c7:ab:
52:fe:13:e2:2f:10:6f:3f:ed:9a:3c:d4:81:5a:74:7c:a5:7f:
a5:a2:7d:7a:c3:bd:d1:24:44:f7:4e:90:98:55:55:c9:4d:35:
d8:cc:2a:3c:98:fb:af:89:67:43:2e:06:e0:bf:d1:e9:5c:9a:
40:de:3b:a5:40:16:d6:f9:27:4a:a0:94:f5:f5:55:4e:14:79:
d0:c6:eb:59:4f:80:e8:aa:47:ec:f3:b5:49:77:26:51:8e:35:
46:86:fe:01:d6:37:90:1f:b2:7c:39:b0:79:d6:14:a8:66:00:
a1:00:8e:f4:4b:de:cf:9e:e5:7a:c1:eb:74:c4:b0:0d:8a:75:
bf:69:55:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZWEsyIcZ59Q8WLRVsZWtRSXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWUyZWFhZWYwNzAxNTk1YWMyNzU0ZDAxMjEyMTdlN2I5
MWQ3MzkwHhcNMjUwMzExMTAxNDQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2IxZWU1NTA2ZTdlYTNhYTc0ZjViODk0NmViMGE4MWQ5MjdkYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWcAZqKpzY4YMoIOzSlvlX6VZ9lv
GWJJFaY9JQuUQFMlLtltYCkSu2qH5ohJjn8gMIoZ9VZQGFekDHndK6wumFsdCAgs
hCurfNatrHIcUPu2pU/qwyfp+F2V/bJF2lD0OsXJi+axm94trEG25N0JnzS5QfQZ
MFRx4AXQqM7WVJzaZMnugzqLxrNmMFCne9byoxMZDKkaiKC7WGPyZVAEl+/ZSvL5
CJySd2K42A7GOr8e+J5UFAZiu7dQNHwmZLhpsVpwY5IER3X4BRfe4UCn4TJBVI9S
FxQ2VU5/13pPJrpmhJcYhb0wvDY/R7gf4cqj72D1/8yHOO649ye6fvUItQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOx7lUG5+o6p09biUbrCoHZJ9p1MB8GA1UdIwQY
MBaAFB8eLqrvBwFZWsJ1TQEhIX57kdc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMt
MmIzNGI4NDMzYmI1LzEvczdIdVZRYm42anFuVDF1SlJ1c0tnZGtuMm5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMtMmIzNGI4NDMzYmI1
LzEvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRI4MA0G
CSqGSIb3DQEBCwUAA4IBAQCnVkD7lftXRIECHcevF70y82VF927J1pKXbArAjYWf
bznl4hdzqTAiABpUHxcnyWE47OA67NwsCHZ5SCqb7Uqf+B5Eoyk9Unn5MYeFI/Tg
0VkJCynQwMSJWeHcKUldiu6on22R7u0dQjwJ1zqFEQ7BOt83QR2CyQHYNbf9x6tS
/hPiLxBvP+2aPNSBWnR8pX+lon16w73RJET3TpCYVVXJTTXYzCo8mPuviWdDLgbg
v9HpXJpA3julQBbW+SdKoJT19VVOFHnQxutZT4Doqkfs87VJdyZRjjVGhv4B1jeQ
H7J8ObB51hSoZgChAI70S97PnuV6wet0xLANinW/aVX2
-----END CERTIFICATE-----
Generated at Sun Jun 8 07:39:16 2025 by rpki-client