Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/alLs-yDJsQm1Xp8df-JFlis546E.roa
File: alLs-yDJsQm1Xp8df-JFlis546E.roa (raw, json)
Hash identifier: hcxrOOYmtQUe7KqnXvGgCWgEd8pzjT4ven/hdihofH0=
Subject key identifier: 6A:52:EC:FB:20:C9:B1:09:B5:5E:9F:1D:7F:E2:45:96:2B:39:E3:A1
Certificate issuer: /CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Certificate serial: 01968A7D022FE941D3E33C15649C4111F8AD
Authority key identifier: FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/alLs-yDJsQm1Xp8df-JFlis546E.roa
Signing time: Thu 01 May 2025 06:16:10 +0000
ROA not before: Thu 01 May 2025 06:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 185.130.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 13:45:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:8a:7d:02:2f:e9:41:d3:e3:3c:15:64:9c:41:11:f8:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd658693ec327ead4fe83a57b82601cc2552aabd
Validity
Not Before: May 1 06:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a52ecfb20c9b109b55e9f1d7fe245962b39e3a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:94:f1:21:33:a6:9a:ad:14:e6:e3:60:50:fe:
35:15:c0:61:db:a6:70:83:7c:c5:13:49:45:f4:56:
80:02:a9:ce:78:15:f1:c1:35:35:65:1d:af:7c:54:
42:39:fb:9d:02:92:34:ff:45:d3:69:57:2a:36:d6:
db:28:bc:22:00:1d:ba:83:c0:71:5e:82:ae:e5:74:
96:cb:74:01:b7:71:19:d0:bd:c5:24:eb:4a:aa:cf:
57:14:3d:3a:35:f4:98:f9:8a:a3:49:8b:e5:24:19:
1e:b9:16:2a:35:10:b6:dc:28:04:93:08:79:f5:a5:
fb:a9:78:d8:ec:ac:ca:7a:ad:81:a0:89:fd:55:d3:
b4:09:de:50:98:32:da:1e:70:68:c3:4d:a0:ab:d3:
b3:61:bc:26:42:38:9a:e2:eb:81:c8:f7:83:49:1b:
a7:5d:b9:29:fd:54:8b:f2:64:7a:5b:76:ec:ac:e2:
98:e9:c4:76:0f:0f:c9:7d:d8:c9:53:ef:a3:ac:3b:
51:1e:dc:44:2a:1d:8a:69:69:f1:3a:cc:60:60:68:
8d:2f:1e:6a:08:f0:f1:b1:a1:05:44:99:23:2b:41:
d0:28:8d:6f:d1:6e:df:a2:af:6b:7c:e6:0b:07:58:
2d:f9:0c:c6:3e:b2:ed:55:5d:fb:6d:5b:c7:9f:25:
16:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:52:EC:FB:20:C9:B1:09:B5:5E:9F:1D:7F:E2:45:96:2B:39:E3:A1
X509v3 Authority Key Identifier:
keyid:FD:65:86:93:EC:32:7E:AD:4F:E8:3A:57:B8:26:01:CC:25:52:AA:BD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_WWGk-wyfq1P6DpXuCYBzCVSqr0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/alLs-yDJsQm1Xp8df-JFlis546E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/075d2f-46bd-4bde-9835-95ff5c5dbb50/1/_WWGk-wyfq1P6DpXuCYBzCVSqr0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.130.89.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:ac:9d:5c:3a:d3:4b:b2:76:5a:bc:83:e9:a1:e6:4a:0d:4e:
bb:e1:2a:d3:9b:22:85:b2:56:d6:6c:8f:51:c7:59:c7:ba:67:
f0:bf:7c:4e:83:18:71:57:5d:2e:f3:69:75:c9:ce:53:52:be:
80:70:e1:91:38:4f:f5:b1:bf:df:44:5e:14:89:d0:2b:f9:72:
41:88:fd:0f:ae:75:c1:84:44:31:3f:83:af:47:33:29:29:ab:
7c:91:7a:c6:d5:77:1e:e8:25:2d:c0:6c:22:2e:69:cc:38:11:
c7:76:3d:66:49:0b:32:60:2b:21:97:f8:6d:85:ce:38:67:76:
6c:14:13:c6:0d:a0:84:5b:cd:0f:92:bd:54:0c:c3:af:76:0e:
44:bd:07:92:3d:80:7a:28:79:77:1f:e2:88:bd:4e:4f:be:cf:
58:3d:23:5b:bf:ec:36:44:0f:a7:1d:00:f1:55:d6:66:0f:ab:
ef:23:46:7b:3a:d5:c0:90:c8:0a:0b:2c:2b:72:0d:10:04:74:
00:ca:20:03:f9:41:88:d2:47:83:4d:bf:da:b3:a2:e0:f3:61:
bc:ff:18:30:a6:36:a0:31:b4:c2:fc:fb:c1:d3:a4:0f:1a:f2:
90:05:ce:d0:0b:2c:35:fd:ba:6f:76:60:c3:d6:db:2f:9c:54:
78:24:23:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZaKfQIv6UHT4zwVZJxBEfitMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkNjU4NjkzZWMzMjdlYWQ0ZmU4M2E1N2I4MjYwMWNjMjU1
MmFhYmQwHhcNMjUwNTAxMDYxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTUyZWNmYjIwYzliMTA5YjU1ZTlmMWQ3ZmUyNDU5NjJiMzllM2ExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA05TxITOmmq0U5uNgUP41FcBh26Zw
g3zFE0lF9FaAAqnOeBXxwTU1ZR2vfFRCOfudApI0/0XTaVcqNtbbKLwiAB26g8Bx
XoKu5XSWy3QBt3EZ0L3FJOtKqs9XFD06NfSY+YqjSYvlJBkeuRYqNRC23CgEkwh5
9aX7qXjY7KzKeq2BoIn9VdO0Cd5QmDLaHnBow02gq9OzYbwmQjia4uuByPeDSRun
Xbkp/VSL8mR6W3bsrOKY6cR2Dw/JfdjJU++jrDtRHtxEKh2KaWnxOsxgYGiNLx5q
CPDxsaEFRJkjK0HQKI1v0W7foq9rfOYLB1gt+QzGPrLtVV37bVvHnyUWHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGpS7PsgybEJtV6fHX/iRZYrOeOhMB8GA1UdIwQY
MBaAFP1lhpPsMn6tT+g6V7gmAcwlUqq9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUt
OTVmZjVjNWRiYjUwLzEvYWxMcy15REpzUW0xWHA4ZGYtSkZsaXM1NDZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8wNzVkMmYtNDZiZC00YmRlLTk4MzUtOTVmZjVjNWRiYjUw
LzEvX1dXR2std3lmcTFQNkRwWHVDWUJ6Q1ZTcXIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYJZMA0G
CSqGSIb3DQEBCwUAA4IBAQBtrJ1cOtNLsnZavIPpoeZKDU674SrTmyKFslbWbI9R
x1nHumfwv3xOgxhxV10u82l1yc5TUr6AcOGROE/1sb/fRF4UidAr+XJBiP0PrnXB
hEQxP4OvRzMpKat8kXrG1Xce6CUtwGwiLmnMOBHHdj1mSQsyYCshl/hthc44Z3Zs
FBPGDaCEW80Pkr1UDMOvdg5EvQeSPYB6KHl3H+KIvU5Pvs9YPSNbv+w2RA+nHQDx
VdZmD6vvI0Z7OtXAkMgKCywrcg0QBHQAyiAD+UGI0keDTb/as6Lg82G8/xgwpjag
MbTC/PvB06QPGvKQBc7QCyw1/bpvdmDD1tsvnFR4JCNr
-----END CERTIFICATE-----
Generated at Wed May 14 17:27:12 2025 by rpki-client