Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kNvhpbIgBsuuoHX4l5BEixI2PCo.roa
File: kNvhpbIgBsuuoHX4l5BEixI2PCo.roa (raw, json)
Hash identifier: ry/vGvX+8ysEplCqDxnkJahC1rNM9FQPEtQWSdh3zsk=
Subject key identifier: 90:DB:E1:A5:B2:20:06:CB:AE:A0:75:F8:97:90:44:8B:12:36:3C:2A
Certificate issuer: /CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Certificate serial: 0196AE94826308CBB2F2F272CAAB81BC9482
Authority key identifier: 49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kNvhpbIgBsuuoHX4l5BEixI2PCo.roa
Signing time: Thu 08 May 2025 06:28:10 +0000
ROA not before: Thu 08 May 2025 06:28:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 329007
IP address blocks: 152.89.30.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 May 2025 10:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ae:94:82:63:08:cb:b2:f2:f2:72:ca:ab:81:bc:94:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4986c73994d02d91fc97d916e9809a6d981e6b17
Validity
Not Before: May 8 06:28:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90dbe1a5b22006cbaea075f89790448b12363c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d5:7b:59:9a:28:5c:2c:78:4f:a7:4b:aa:1b:
33:88:a7:30:9a:07:c9:e4:1a:6b:13:1d:c4:58:72:
6c:13:1f:29:bf:75:7d:81:9d:3a:2b:90:32:aa:f4:
ef:4f:bf:64:b3:97:16:eb:0e:29:0c:39:88:5d:4b:
43:b3:36:58:a6:3a:42:e1:0b:75:32:0c:36:bc:de:
8d:99:13:f2:17:2e:5e:45:56:5d:d4:c4:97:59:2d:
0f:19:88:2f:34:23:75:c1:a5:b3:83:fd:5d:47:7f:
aa:d9:c9:ab:2b:6d:0d:f6:18:0f:54:69:be:68:21:
f1:a3:7e:de:1c:95:38:db:95:73:2a:93:21:3f:d8:
4c:0f:e5:9b:4f:d3:87:91:19:75:77:ed:e5:6d:cc:
86:fe:b7:98:f5:90:a0:2b:63:50:0a:53:8d:3c:89:
af:ab:c2:2e:c8:13:6f:e7:60:07:56:7e:79:14:fc:
f2:76:da:c5:10:2d:35:42:ea:bd:5f:68:7d:9a:1d:
0c:8b:f9:86:8c:66:c6:51:ca:0c:82:0a:97:8d:67:
15:35:64:60:8f:e3:fd:e5:7d:c7:5c:38:0f:17:22:
51:6f:d8:f4:e9:43:6b:f3:9c:72:09:b8:a5:6f:af:
67:97:fd:51:23:3b:2d:8b:e1:81:40:c2:38:e0:70:
46:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:DB:E1:A5:B2:20:06:CB:AE:A0:75:F8:97:90:44:8B:12:36:3C:2A
X509v3 Authority Key Identifier:
keyid:49:86:C7:39:94:D0:2D:91:FC:97:D9:16:E9:80:9A:6D:98:1E:6B:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SYbHOZTQLZH8l9kW6YCabZgeaxc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/kNvhpbIgBsuuoHX4l5BEixI2PCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/457e13-41d3-40ef-b572-9e895d0ef8d2/1/SYbHOZTQLZH8l9kW6YCabZgeaxc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.89.30.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:9e:f9:ae:27:50:ba:d4:f6:21:33:41:a1:b6:cd:1c:e5:6f:
db:4a:1f:31:ed:59:31:4d:ab:dd:f6:e6:b4:28:c7:1a:a3:1e:
2e:c4:6d:36:f8:7f:54:4c:0b:9c:3f:aa:d3:26:89:2f:fe:c8:
8a:1d:d2:9a:0a:c3:64:a8:5d:a4:79:f3:b5:ff:5e:da:93:3e:
81:97:47:25:cf:75:44:f5:68:25:ad:61:3f:de:68:20:07:9a:
94:94:4c:34:c5:c2:03:68:ad:60:90:6b:71:2d:f1:d1:9a:da:
1d:b8:0d:8f:fe:d8:51:0b:b8:d0:41:f4:c8:13:06:80:dd:c6:
eb:a2:9e:05:e4:63:f1:44:48:74:8a:ec:5a:55:86:3b:b7:95:
28:8f:2c:24:c4:3f:55:54:ec:da:b1:e8:a6:d6:ce:01:d2:13:
df:9b:97:1c:6c:0f:1a:07:2a:bc:63:2e:a5:af:6e:1d:44:41:
12:8d:4f:be:7b:08:22:cb:61:b2:94:8e:ff:8b:b2:c8:f6:a7:
a5:f7:47:4a:5e:2f:ac:6d:0d:c7:c6:01:92:88:77:dd:e0:1e:
3d:ea:a2:bf:9d:92:c1:66:11:68:d1:18:58:46:b4:bd:6d:82:
e4:e6:35:3b:28:33:98:e7:de:6b:ba:5b:ce:fb:67:ce:68:dc:
85:fb:f0:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaulIJjCMuy8vJyyquBvJSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ODZjNzM5OTRkMDJkOTFmYzk3ZDkxNmU5ODA5YTZkOTgx
ZTZiMTcwHhcNMjUwNTA4MDYyODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGRiZTFhNWIyMjAwNmNiYWVhMDc1Zjg5NzkwNDQ4YjEyMzYzYzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNV7WZooXCx4T6dLqhsziKcwmgfJ
5BprEx3EWHJsEx8pv3V9gZ06K5AyqvTvT79ks5cW6w4pDDmIXUtDszZYpjpC4Qt1
Mgw2vN6NmRPyFy5eRVZd1MSXWS0PGYgvNCN1waWzg/1dR3+q2cmrK20N9hgPVGm+
aCHxo37eHJU425VzKpMhP9hMD+WbT9OHkRl1d+3lbcyG/reY9ZCgK2NQClONPImv
q8IuyBNv52AHVn55FPzydtrFEC01Quq9X2h9mh0Mi/mGjGbGUcoMggqXjWcVNWRg
j+P95X3HXDgPFyJRb9j06UNr85xyCbilb69nl/1RIzsti+GBQMI44HBGYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJDb4aWyIAbLrqB1+JeQRIsSNjwqMB8GA1UdIwQY
MBaAFEmGxzmU0C2R/JfZFumAmm2YHmsXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzIt
OWU4OTVkMGVmOGQyLzEva052aHBiSWdCc3V1b0hYNGw1QkVpeEkyUENvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS80NTdlMTMtNDFkMy00MGVmLWI1NzItOWU4OTVkMGVmOGQy
LzEvU1liSE9aVFFMWkg4bDlrVzZZQ2FiWmdlYXhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBmFkeMA0G
CSqGSIb3DQEBCwUAA4IBAQCznvmuJ1C61PYhM0Ghts0c5W/bSh8x7VkxTavd9ua0
KMcaox4uxG02+H9UTAucP6rTJokv/siKHdKaCsNkqF2kefO1/17akz6Bl0clz3VE
9WglrWE/3mggB5qUlEw0xcIDaK1gkGtxLfHRmtoduA2P/thRC7jQQfTIEwaA3cbr
op4F5GPxREh0iuxaVYY7t5UojywkxD9VVOzaseim1s4B0hPfm5ccbA8aByq8Yy6l
r24dREESjU++ewgiy2GylI7/i7LI9qel90dKXi+sbQ3HxgGSiHfd4B496qK/nZLB
ZhFo0RhYRrS9bYLk5jU7KDOY595rulvO+2fOaNyF+/AV
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:40:07 2025 by rpki-client