Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/o4wE6KYfmWqQELMrHx_k390T1p4.roa
File: o4wE6KYfmWqQELMrHx_k390T1p4.roa (raw, json)
Hash identifier: KDZINejY5ySSsP+a52ix5DalpbIC3DqVgnbrB+vizpk=
Subject key identifier: A3:8C:04:E8:A6:1F:99:6A:90:10:B3:2B:1F:1F:E4:DF:DD:13:D6:9E
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0194266BBAF5383FD8884B04E2707F5F5F85
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/o4wE6KYfmWqQELMrHx_k390T1p4.roa
Signing time: Thu 02 Jan 2025 09:49:41 +0000
ROA not before: Thu 02 Jan 2025 09:49:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 89.251.28.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Mar 2025 11:51:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:ba:f5:38:3f:d8:88:4b:04:e2:70:7f:5f:5f:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 09:49:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a38c04e8a61f996a9010b32b1f1fe4dfdd13d69e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:27:47:e8:98:07:25:27:bb:3e:2e:31:f0:61:
1b:ae:74:bb:47:fd:dd:e7:22:5b:52:7f:40:5a:8e:
f0:1d:38:1b:43:53:bd:48:e4:15:21:f8:9f:d7:8e:
63:a9:45:8b:34:4e:b0:d8:52:ae:d6:6a:dd:9c:7d:
36:87:2d:30:4f:07:ca:a2:79:65:6e:35:b8:93:dc:
76:eb:11:59:41:64:27:bf:0a:39:c8:88:fd:48:3a:
bf:c3:a2:cd:fd:8c:89:13:f8:f8:50:7f:7f:e9:0f:
d4:a1:49:62:7e:53:ab:a2:40:33:6a:91:94:24:a5:
4f:aa:e4:6a:af:c0:28:7a:19:5b:13:52:c4:68:e9:
09:d7:8f:f1:1c:a0:39:78:05:a8:6b:d5:31:24:be:
e7:52:c2:77:dd:2a:16:d0:57:fc:ea:81:8e:02:09:
09:93:82:1b:fb:62:8c:15:67:1c:19:18:26:85:13:
c5:f8:09:48:51:bf:56:da:4e:dc:25:67:70:4a:4a:
89:e0:cf:bc:71:6f:80:ae:1d:0f:9a:ba:24:9e:bb:
be:99:dc:c9:f1:48:55:3b:49:59:a4:f4:9e:67:8e:
50:7c:44:fd:7b:6e:ec:46:5a:44:1d:7e:12:de:3c:
6e:14:ee:29:83:e0:fe:f7:89:5b:30:b9:da:85:8a:
94:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:8C:04:E8:A6:1F:99:6A:90:10:B3:2B:1F:1F:E4:DF:DD:13:D6:9E
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/o4wE6KYfmWqQELMrHx_k390T1p4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.28.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:1e:6a:35:ff:93:c3:f4:e6:2b:24:88:58:58:a0:e4:7f:f3:
a5:d2:ad:8b:d8:b8:36:63:e9:72:7b:f2:c2:74:71:8f:c5:2e:
ee:32:88:ed:18:ae:de:42:1d:16:28:ea:a1:2e:3c:a7:76:70:
66:87:7f:0f:d9:8d:f0:e0:ac:6e:dc:09:85:cc:76:49:37:23:
b6:8e:74:44:28:23:96:75:91:d9:db:08:bf:81:82:e8:66:81:
49:7c:fe:cf:0c:c0:7e:3b:59:e4:37:36:c3:f8:05:b5:e2:f2:
d8:60:16:0a:b4:c4:3f:24:00:bf:35:d0:76:79:f2:92:46:d0:
0b:f5:a7:5f:95:72:dd:5b:36:62:58:21:36:4e:86:57:a9:db:
14:2f:71:25:89:69:ef:77:d3:05:75:e4:21:47:e4:ce:f0:af:
58:f9:ae:a5:ea:eb:a3:cd:70:14:ac:d4:fc:0d:6d:73:31:ea:
63:99:d2:2f:4d:3a:4f:a0:4b:e6:fa:3c:75:d9:60:6d:67:cd:
b2:cf:5f:4e:38:5b:d7:8b:43:75:c8:96:67:41:e3:5e:3c:a2:
27:6e:eb:ec:2c:5a:a3:7c:88:89:b0:91:76:65:5a:39:9d:3c:
60:ab:2f:a4:ab:91:0a:d4:ef:a6:5f:b3:b8:cd:3b:d8:d0:a6:
92:79:4a:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma7r1OD/YiEsE4nB/X1+FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTAyMDk0OTQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzhjMDRlOGE2MWY5OTZhOTAxMGIzMmIxZjFmZTRkZmRkMTNkNjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSdH6JgHJSe7Pi4x8GEbrnS7R/3d
5yJbUn9AWo7wHTgbQ1O9SOQVIfif145jqUWLNE6w2FKu1mrdnH02hy0wTwfKonll
bjW4k9x26xFZQWQnvwo5yIj9SDq/w6LN/YyJE/j4UH9/6Q/UoUliflOrokAzapGU
JKVPquRqr8AoehlbE1LEaOkJ14/xHKA5eAWoa9UxJL7nUsJ33SoW0Ff86oGOAgkJ
k4Ib+2KMFWccGRgmhRPF+AlIUb9W2k7cJWdwSkqJ4M+8cW+Arh0Pmroknru+mdzJ
8UhVO0lZpPSeZ45QfET9e27sRlpEHX4S3jxuFO4pg+D+94lbMLnahYqUkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKOMBOimH5lqkBCzKx8f5N/dE9aeMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvbzR3RTZLWWZtV3FRRUxNckh4X2szOTBUMXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfscMA0G
CSqGSIb3DQEBCwUAA4IBAQAbHmo1/5PD9OYrJIhYWKDkf/Ol0q2L2Lg2Y+lye/LC
dHGPxS7uMojtGK7eQh0WKOqhLjyndnBmh38P2Y3w4Kxu3AmFzHZJNyO2jnREKCOW
dZHZ2wi/gYLoZoFJfP7PDMB+O1nkNzbD+AW14vLYYBYKtMQ/JAC/NdB2efKSRtAL
9adflXLdWzZiWCE2ToZXqdsUL3EliWnvd9MFdeQhR+TO8K9Y+a6l6uujzXAUrNT8
DW1zMepjmdIvTTpPoEvm+jx12WBtZ82yz19OOFvXi0N1yJZnQeNePKInbuvsLFqj
fIiJsJF2ZVo5nTxgqy+kq5EK1O+mX7O4zTvY0KaSeUp/
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:59:32 2025 by rpki-client