Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5F40TOPY5Sya0ld4VwhpBq06Yzc.roa
File: 5F40TOPY5Sya0ld4VwhpBq06Yzc.roa (raw, json)
Hash identifier: 36GSKOGArE9JRJJ2gpBIg6krrIZZFDKURUwuhYbt8E0=
Subject key identifier: E4:5E:34:4C:E3:D8:E5:2C:9A:D2:57:78:57:08:69:06:AD:3A:63:37
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D269D477F2632319A4D13F398E373
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5F40TOPY5Sya0ld4VwhpBq06Yzc.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:26:9d:47:7f:26:32:31:9a:4d:13:f3:98:e3:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e45e344ce3d8e52c9ad2577857086906ad3a6337
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5d:fb:da:0e:e9:36:63:8c:fa:a8:60:bc:65:
3b:2d:25:45:89:45:51:e1:9c:d6:9b:c2:fc:4f:87:
8a:d7:23:97:92:26:d3:bd:92:cf:b8:91:4c:45:ac:
42:a5:81:c9:60:dc:39:7c:ba:84:63:a8:c7:87:5f:
e1:40:0a:7d:c9:ea:a1:77:45:0d:2c:6a:67:53:c6:
3d:e1:39:3d:64:65:ad:88:91:e7:d1:fa:6f:3f:b2:
86:31:39:17:15:aa:72:90:06:bd:1c:df:1e:e9:23:
71:4c:7b:a5:21:51:62:da:88:c3:9e:9a:43:81:53:
6e:f4:89:bc:ad:44:39:2c:bf:3c:f9:23:47:2f:6c:
b9:e2:00:93:b3:6e:e2:20:e7:23:c9:c0:04:e9:dc:
80:a4:0f:8d:5b:f4:19:c3:76:6a:d2:83:8e:51:1e:
54:fe:f3:a3:ea:5c:73:9a:e6:87:86:bc:27:1b:87:
57:ff:b3:3e:d3:84:e5:cb:2a:58:b9:91:2d:d8:e3:
a0:f0:be:f7:c9:13:7c:1e:3b:b3:f7:0f:88:0c:be:
82:48:80:c4:11:d0:63:4d:15:46:7f:0b:fd:5f:cd:
cf:f2:44:e8:51:de:34:c1:c6:f7:71:94:fa:d7:f4:
20:a0:33:79:92:d4:21:53:fe:b6:92:99:8c:b6:e4:
72:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:5E:34:4C:E3:D8:E5:2C:9A:D2:57:78:57:08:69:06:AD:3A:63:37
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/5F40TOPY5Sya0ld4VwhpBq06Yzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.42.92.0/23
89.43.142.0/24
89.46.4.0/24
89.47.123.0-89.47.124.255
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:f0:a4:af:0a:09:ec:c9:52:79:ac:e1:e1:ae:f7:67:6e:21:
3b:32:11:1d:69:31:b8:1e:fe:25:b6:74:2f:73:ca:30:24:65:
ce:d0:a0:1e:c9:ff:ce:0e:b5:05:22:37:a2:8c:31:e7:38:26:
97:09:7f:a7:47:1e:95:42:5f:6d:3f:bc:91:8d:f8:79:78:c3:
9e:80:5c:fc:86:cc:bd:11:02:83:c2:59:56:88:5b:fe:ed:ea:
e4:58:e2:3a:7c:02:9b:19:45:28:38:48:d0:cd:3e:e5:5b:fc:
ec:01:77:09:c6:91:95:e5:3b:40:28:51:2c:9a:cd:ba:74:d3:
b9:5c:04:ff:e5:62:aa:cd:c8:92:80:eb:70:9c:a9:f1:88:3b:
0c:19:ac:55:dd:36:46:51:cd:a9:d6:c2:89:83:a7:0b:0c:18:
81:dd:8d:fd:b3:be:e4:2e:9e:43:98:37:78:d6:00:cf:f4:98:
1d:68:db:ab:b2:4d:6a:50:a0:24:18:58:2e:16:f0:e0:ef:28:
00:ca:53:50:5d:6b:70:91:3c:4e:07:11:14:34:6f:24:7d:7b:
de:c2:10:bd:87:4a:09:53:cf:a9:ee:54:17:6c:46:dd:60:6c:
20:8d:7a:10:8c:03:ab:ab:ca:0a:0b:f2:d2:04:08:0d:77:7a:
4a:44:33:9e
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzCbSadR38mMjGaTRPzmONzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDVlMzQ0Y2UzZDhlNTJjOWFkMjU3Nzg1NzA4NjkwNmFkM2E2MzM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAol372g7pNmOM+qhgvGU7LSVFiUVR
4ZzWm8L8T4eK1yOXkibTvZLPuJFMRaxCpYHJYNw5fLqEY6jHh1/hQAp9yeqhd0UN
LGpnU8Y94Tk9ZGWtiJHn0fpvP7KGMTkXFapykAa9HN8e6SNxTHulIVFi2ojDnppD
gVNu9Im8rUQ5LL88+SNHL2y54gCTs27iIOcjycAE6dyApA+NW/QZw3Zq0oOOUR5U
/vOj6lxzmuaHhrwnG4dX/7M+04TlyypYuZEt2OOg8L73yRN8Hjuz9w+IDL6CSIDE
EdBjTRVGfwv9X83P8kToUd40wcb3cZT61/QgoDN5ktQhU/62kpmMtuRyFQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFOReNEzj2OUsmtJXeFcIaQatOmM3MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvNUY0MFRPUFk1U3lhMGxkNFZ3aHBCcTA2WXpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWSpZAwQB
WSpcAwQAWSuOAwQAWS4EMAwDBABZL3sDBABZL3wDBABdcbAwDQYJKoZIhvcNAQEL
BQADggEBAHvwpK8KCezJUnms4eGu92duITsyER1pMbge/iW2dC9zyjAkZc7QoB7J
/84OtQUiN6KMMec4JpcJf6dHHpVCX20/vJGN+Hl4w56AXPyGzL0RAoPCWVaIW/7t
6uRY4jp8ApsZRSg4SNDNPuVb/OwBdwnGkZXlO0AoUSyazbp007lcBP/lYqrNyJKA
63CcqfGIOwwZrFXdNkZRzanWwomDpwsMGIHdjf2zvuQunkOYN3jWAM/0mB1o26uy
TWpQoCQYWC4W8ODvKADKU1Bda3CRPE4HERQ0byR9e97CEL2HSglTz6nuVBdsRt1g
bCCNehCMA6urygoL8tIECA13ekpEM54=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:52:25 2025 by rpki-client