Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hh6xtjpROACOsch96EOgPK9YAC4.roa
File: hh6xtjpROACOsch96EOgPK9YAC4.roa (raw, json)
Hash identifier: 5fudJE2jHma+kD6zqO3qGCHmDGF/dbVfBl5eUUYi3Qk=
Subject key identifier: 86:1E:B1:B6:3A:51:38:00:8E:B1:C8:7D:E8:43:A0:3C:AF:58:00:2E
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0196825B19F13C9C4702F3A91098D5EC9B5F
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hh6xtjpROACOsch96EOgPK9YAC4.roa
Signing time: Tue 29 Apr 2025 16:22:10 +0000
ROA not before: Tue 29 Apr 2025 16:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.187.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 14:19:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:82:5b:19:f1:3c:9c:47:02:f3:a9:10:98:d5:ec:9b:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Apr 29 16:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=861eb1b63a5138008eb1c87de843a03caf58002e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:96:5f:1e:f0:b8:1c:18:d5:07:30:55:56:64:
77:94:2c:f0:88:bb:95:09:cc:60:96:25:34:33:16:
9f:d4:12:59:a4:1e:f6:66:cd:a4:cf:f0:0d:a0:c9:
a3:f3:fb:0a:0f:9c:59:b6:75:07:27:bf:0e:4a:b1:
c2:34:34:b7:fe:98:c6:90:36:01:ad:e7:04:ad:22:
f9:5c:d7:61:36:09:9b:5b:84:b0:c4:55:8b:5c:38:
3c:6a:d1:bf:1d:99:de:44:31:dc:ae:24:fa:bd:ad:
aa:07:5d:a1:71:f8:28:eb:cd:db:b5:d5:96:50:4b:
a3:11:d5:f9:c5:cf:b9:2f:34:4c:19:c6:1a:31:e9:
04:f6:67:82:2d:85:cb:ef:fd:ce:ec:29:b6:f6:d6:
32:63:50:54:85:e9:de:a9:31:25:fd:22:2b:b3:70:
7c:b3:71:c1:7f:ca:00:c9:8f:22:9a:8d:2f:1a:2c:
9b:f8:89:f4:1b:09:41:95:11:9b:2a:ae:50:84:39:
ad:65:e4:b3:b8:69:39:71:e7:c3:53:b0:59:a7:b6:
59:df:ff:35:77:91:fd:2d:12:cd:36:b8:77:aa:89:
54:c9:8a:ef:5b:5f:98:13:66:17:06:d8:d6:0a:cf:
bd:f6:25:7a:3d:00:6d:3c:71:cb:af:57:f7:12:49:
11:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:1E:B1:B6:3A:51:38:00:8E:B1:C8:7D:E8:43:A0:3C:AF:58:00:2E
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/hh6xtjpROACOsch96EOgPK9YAC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.21.0/24
Signature Algorithm: sha256WithRSAEncryption
c6:a0:cf:ad:a1:0b:6b:e2:e8:f3:9e:67:cc:0d:6f:50:4a:b1:
d7:43:e2:c7:94:32:6e:f6:6a:2d:69:fc:b4:fd:12:aa:15:fc:
da:6a:b4:94:56:7d:26:5b:e2:f5:eb:8d:a6:b2:f0:81:d3:94:
73:81:5f:c5:ac:bf:35:b1:e1:53:c2:85:26:0f:48:e9:8c:8d:
92:6a:29:1a:7a:bd:80:f1:6b:51:91:87:af:c9:27:b8:62:17:
81:36:39:ef:5a:3a:75:4e:e9:6e:d8:df:c8:b0:d3:c8:fc:f1:
46:be:55:cc:98:67:6e:4f:65:a9:56:d1:09:ef:32:83:96:c4:
a9:ea:b2:53:fd:eb:0f:bf:d4:8a:b7:5b:b8:8d:e2:e4:ad:fc:
c1:34:7c:bc:84:18:e9:8f:59:8a:43:91:7c:27:f6:3c:3d:3d:
6b:f0:96:97:44:32:ed:f3:d1:ac:8d:79:f7:61:46:98:e1:21:
20:f6:6a:39:f2:0d:ed:84:3e:af:a9:be:f9:0e:a3:54:b0:38:
8b:6e:a2:f3:23:5e:4e:ea:07:d8:1b:ce:aa:4e:50:2e:ca:c0:
db:d3:a9:f3:b0:03:43:9f:5d:38:81:48:88:6d:5f:8a:cd:88:
69:64:a3:af:13:2c:bf:7f:76:c9:cd:66:7a:71:42:91:9e:4a:
ab:fb:24:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaCWxnxPJxHAvOpEJjV7JtfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjUwNDI5MTYyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NjFlYjFiNjNhNTEzODAwOGViMWM4N2RlODQzYTAzY2FmNTgwMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA85ZfHvC4HBjVBzBVVmR3lCzwiLuV
CcxgliU0Mxaf1BJZpB72Zs2kz/ANoMmj8/sKD5xZtnUHJ78OSrHCNDS3/pjGkDYB
recErSL5XNdhNgmbW4SwxFWLXDg8atG/HZneRDHcriT6va2qB12hcfgo683btdWW
UEujEdX5xc+5LzRMGcYaMekE9meCLYXL7/3O7Cm29tYyY1BUheneqTEl/SIrs3B8
s3HBf8oAyY8imo0vGiyb+In0GwlBlRGbKq5QhDmtZeSzuGk5cefDU7BZp7ZZ3/81
d5H9LRLNNrh3qolUyYrvW1+YE2YXBtjWCs+99iV6PQBtPHHLr1f3EkkRfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIYesbY6UTgAjrHIfehDoDyvWAAuMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvaGg2eHRqcFJPQUNPc2NoOTZFT2dQSzlZQUM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbsVMA0G
CSqGSIb3DQEBCwUAA4IBAQDGoM+toQtr4ujznmfMDW9QSrHXQ+LHlDJu9motafy0
/RKqFfzaarSUVn0mW+L1642msvCB05RzgV/FrL81seFTwoUmD0jpjI2Saikaer2A
8WtRkYevySe4YheBNjnvWjp1Tulu2N/IsNPI/PFGvlXMmGduT2WpVtEJ7zKDlsSp
6rJT/esPv9SKt1u4jeLkrfzBNHy8hBjpj1mKQ5F8J/Y8PT1r8JaXRDLt89GsjXn3
YUaY4SEg9mo58g3thD6vqb75DqNUsDiLbqLzI15O6gfYG86qTlAuysDb06nzsAND
n104gUiIbV+KzYhpZKOvEyy/f3bJzWZ6cUKRnkqr+yRW
-----END CERTIFICATE-----
Generated at Mon May 12 05:27:25 2025 by rpki-client