Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-5Sg52ZhCkqR2FK6RViCUz8Mr8w.roa
File: 1-5Sg52ZhCkqR2FK6RViCUz8Mr8w.roa (raw, json)
Hash identifier: UIARtBMSVqpqM+xsMZ08JsqJNK0/2JQFmdNToV0XGPM=
Subject key identifier: FB:94:A0:E7:66:61:0A:4A:91:D8:52:BA:45:58:82:53:3F:0C:AF:CC
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01936CA8ECC48E684416D4BC539F8CC78E06
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-5Sg52ZhCkqR2FK6RViCUz8Mr8w.roa
Signing time: Wed 27 Nov 2024 08:07:10 +0000
ROA not before: Wed 27 Nov 2024 08:07:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9304
IP address blocks: 89.43.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:a8:ec:c4:8e:68:44:16:d4:bc:53:9f:8c:c7:8e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Nov 27 08:07:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fb94a0e766610a4a91d852ba455882533f0cafcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:19:3f:37:1b:fb:25:15:89:27:18:d2:c8:59:
f9:43:e0:58:86:1f:3a:37:0b:7f:c8:4b:68:b1:88:
30:49:31:91:af:33:c3:54:0f:b4:f8:1d:2f:d8:87:
1b:29:2f:e7:b9:97:16:cb:ba:5c:f7:bd:19:d4:56:
ba:0a:0f:a4:b4:a3:c6:c6:a5:a7:de:e2:97:ed:a8:
db:b4:7c:9a:c2:6c:fa:3a:3d:46:53:f1:ce:a2:f5:
fd:86:2c:db:28:10:70:b5:c9:00:4b:c0:9e:4d:1c:
21:a1:52:dd:39:d2:26:76:7a:8e:5c:f5:68:b6:f1:
82:15:c7:e6:08:93:8d:6b:23:e2:ae:95:d7:ad:61:
c8:bf:07:fe:fe:4c:dc:ef:92:03:a5:9b:f7:d3:79:
83:53:07:83:ec:3e:15:7a:0d:74:b1:dc:30:33:4c:
ea:3f:bc:7e:1c:e3:4a:e8:82:ea:1a:20:83:42:05:
55:96:f2:dd:61:85:0f:5b:f9:23:66:29:50:18:65:
f8:b3:b5:14:b7:65:71:6f:b6:f2:37:77:32:51:3a:
c8:d4:82:03:90:cd:85:5e:38:0e:27:06:8d:af:90:
9e:c2:ec:bc:63:b6:25:cd:16:96:a7:37:24:9b:75:
c5:f2:72:b9:6b:60:1d:5d:a5:23:2a:20:a4:5c:66:
de:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:94:A0:E7:66:61:0A:4A:91:D8:52:BA:45:58:82:53:3F:0C:AF:CC
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/1-5Sg52ZhCkqR2FK6RViCUz8Mr8w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.141.0/24
Signature Algorithm: sha256WithRSAEncryption
71:d0:77:3e:03:2e:26:6c:88:7e:41:25:1d:52:61:91:52:5c:
ca:46:14:56:63:3a:37:52:18:38:fe:b1:0f:40:95:69:dc:62:
1d:2b:6b:f7:72:3b:55:fc:db:c6:9a:9d:92:74:93:69:dd:31:
55:2a:fb:70:87:52:61:61:c0:2b:98:a3:74:49:93:59:62:8e:
1e:21:66:2b:d2:fd:d2:97:8b:ee:1a:c6:57:e1:82:db:67:7e:
98:9d:8a:ad:dc:a7:27:67:e5:42:87:ea:cf:9d:3e:9b:b1:35:
79:b4:33:df:38:34:ba:2d:a5:97:bb:6d:3f:96:5d:f1:14:38:
9e:fc:51:37:6c:d9:c3:6e:97:2b:18:d2:5f:40:c1:74:2e:70:
6f:5d:ad:a9:18:b0:18:dd:a2:9f:a9:39:e9:c6:10:3d:5b:12:
06:4c:4e:ac:c2:e2:ca:70:c0:b1:9a:11:1f:1c:70:e0:77:26:
3c:98:41:fc:b3:84:47:98:22:cd:6b:2b:c7:0e:97:1c:6e:09:
17:32:49:20:77:21:b0:47:13:59:cd:d4:f2:16:08:b4:cf:df:
ad:4a:93:3c:f8:9c:d2:e1:4f:5c:99:81:44:a5:54:89:3b:f1:
13:e3:24:bf:f3:51:24:89:82:77:e5:1b:c5:e6:3e:d1:1d:21:
48:6b:c2:12
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNsqOzEjmhEFtS8U5+Mx44GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQxMTI3MDgwNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjk0YTBlNzY2NjEwYTRhOTFkODUyYmE0NTU4ODI1MzNmMGNhZmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xk/Nxv7JRWJJxjSyFn5Q+BYhh86
Nwt/yEtosYgwSTGRrzPDVA+0+B0v2IcbKS/nuZcWy7pc970Z1Fa6Cg+ktKPGxqWn
3uKX7ajbtHyawmz6Oj1GU/HOovX9hizbKBBwtckAS8CeTRwhoVLdOdImdnqOXPVo
tvGCFcfmCJONayPirpXXrWHIvwf+/kzc75IDpZv303mDUweD7D4Veg10sdwwM0zq
P7x+HONK6ILqGiCDQgVVlvLdYYUPW/kjZilQGGX4s7UUt2Vxb7byN3cyUTrI1IID
kM2FXjgOJwaNr5Cewuy8Y7YlzRaWpzckm3XF8nK5a2AdXaUjKiCkXGbevQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuUoOdmYQpKkdhSukVYglM/DK/MMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvMS01U2c1MlpoQ2txUjJGSzZSVmlDVXo4TXI4dy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYWIvODRlYjQ0LWJiZGYtNDZjMS1iMDQzLWI0MmYyM2Q4Mjhj
My8xLzhkUnVEajZNcXE3VXBTbTlmWE1JdlI3d0hCMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkrjTAN
BgkqhkiG9w0BAQsFAAOCAQEAcdB3PgMuJmyIfkElHVJhkVJcykYUVmM6N1IYOP6x
D0CVadxiHStr93I7VfzbxpqdknSTad0xVSr7cIdSYWHAK5ijdEmTWWKOHiFmK9L9
0peL7hrGV+GC22d+mJ2KrdynJ2flQofqz50+m7E1ebQz3zg0ui2ll7ttP5Zd8RQ4
nvxRN2zZw26XKxjSX0DBdC5wb12tqRiwGN2in6k56cYQPVsSBkxOrMLiynDAsZoR
Hxxw4HcmPJhB/LOER5gizWsrxw6XHG4JFzJJIHchsEcTWc3U8hYItM/frUqTPPic
0uFPXJmBRKVUiTvxE+Mkv/NRJImCd+UbxeY+0R0hSGvCEg==
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:35:19 2025 by rpki-client