Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GjxMKOh-YBVm7RYgN1KvICfaHoU.roa
File: GjxMKOh-YBVm7RYgN1KvICfaHoU.roa (raw, json)
Hash identifier: 279DAblO5Y8tvJulm+LjV+QiLYxPCa6NNNiX8mreK3I=
Subject key identifier: 1A:3C:4C:28:E8:7E:60:15:66:ED:16:20:37:52:AF:20:27:DA:1E:85
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0194CB019897F6F74AC6C3BE50EB98C18F59
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GjxMKOh-YBVm7RYgN1KvICfaHoU.roa
Signing time: Mon 03 Feb 2025 08:51:06 +0000
ROA not before: Mon 03 Feb 2025 08:51:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.37.197.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:05:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:01:98:97:f6:f7:4a:c6:c3:be:50:eb:98:c1:8f:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Feb 3 08:51:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1a3c4c28e87e601566ed16203752af2027da1e85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:5b:2b:ba:b1:7e:6a:f1:cb:7d:70:b5:eb:c6:
a0:67:6d:41:c6:06:d6:b9:84:95:38:ca:6b:70:f1:
4c:ed:32:81:25:31:99:50:ce:16:a9:17:b0:db:0b:
86:36:a0:63:25:69:2d:34:7e:b0:78:f2:c2:f3:6c:
b0:e7:0c:92:73:ed:5b:33:25:2e:cb:76:9c:7f:f5:
04:c3:57:fe:48:99:e9:7b:a6:d0:ba:c1:95:f8:19:
5b:93:5a:75:85:ad:d0:07:ca:90:26:a8:7e:24:a2:
17:58:a9:f6:58:49:09:62:41:60:b8:bf:ca:e9:c9:
de:98:fc:5d:06:45:69:ae:cf:50:a5:a7:20:20:b1:
15:26:31:b4:18:f0:c4:4f:b0:83:ea:ba:ce:e8:ba:
dd:c9:9f:85:15:6d:86:f7:2d:b7:f9:f8:b7:52:20:
bf:17:bf:14:03:fc:ac:fc:6f:e8:26:06:7b:8c:31:
9e:76:a7:cc:a4:91:44:0f:c6:37:f1:1c:b4:cc:c2:
e0:3e:a4:79:36:8f:b4:0c:42:a6:9b:65:21:de:32:
df:34:fd:97:4d:0b:8f:20:bb:c9:45:9f:66:4c:a7:
13:95:a0:58:5f:c1:eb:4b:bb:b9:ee:95:59:8a:42:
31:54:db:06:6d:9a:57:52:5f:6b:e5:83:a2:9e:5c:
10:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:3C:4C:28:E8:7E:60:15:66:ED:16:20:37:52:AF:20:27:DA:1E:85
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GjxMKOh-YBVm7RYgN1KvICfaHoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.197.0/24
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
5b:9f:f2:75:42:0b:0a:a5:69:17:ed:84:6c:68:bc:4a:5f:31:
0d:bc:1e:ce:9b:7e:a4:b0:3e:39:e4:11:b3:f7:ba:a6:78:d2:
5b:83:ba:fb:a6:e2:6b:06:ea:d9:00:40:31:05:d7:c7:8e:9b:
f0:a8:c4:6c:11:5e:d0:e7:59:70:a6:59:cf:fa:20:8b:a3:1d:
0a:69:80:a4:16:f7:d5:6d:4b:61:9e:0d:fd:82:6f:3c:d2:84:
05:1d:77:c4:65:73:fd:fd:7f:23:ee:84:3a:be:b2:e0:60:f8:
d7:b1:c3:03:b7:29:e0:84:44:d1:bc:a1:ab:c4:e3:22:40:2b:
08:46:79:24:80:cc:5b:d0:d7:30:16:07:6a:0e:92:42:d8:9b:
46:c3:8b:c8:8a:da:df:14:37:d7:cf:1e:b1:49:83:13:94:e1:
6f:9e:4e:e3:f0:3a:96:70:ac:7d:cd:81:c1:49:f7:2e:b5:5c:
b5:30:33:15:3f:ea:69:3c:39:93:c6:bb:f8:73:1a:d4:38:0e:
5e:1e:a2:a1:6b:43:25:b5:fa:af:eb:f9:be:82:dc:9a:5a:eb:
d5:75:93:f4:87:ef:e9:06:e7:45:73:12:fb:61:3a:4f:77:ab:
f3:82:9b:7e:47:d6:53:52:f1:2a:a7:a8:ed:3a:1c:c4:2f:02:
b7:04:76:cb
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTLAZiX9vdKxsO+UOuYwY9ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMjAzMDg1MTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYTNjNGMyOGU4N2U2MDE1NjZlZDE2MjAzNzUyYWYyMDI3ZGExZTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFsrurF+avHLfXC168agZ21BxgbW
uYSVOMprcPFM7TKBJTGZUM4WqRew2wuGNqBjJWktNH6wePLC82yw5wySc+1bMyUu
y3acf/UEw1f+SJnpe6bQusGV+Blbk1p1ha3QB8qQJqh+JKIXWKn2WEkJYkFguL/K
6cnemPxdBkVprs9QpacgILEVJjG0GPDET7CD6rrO6LrdyZ+FFW2G9y23+fi3UiC/
F78UA/ys/G/oJgZ7jDGedqfMpJFED8Y38Ry0zMLgPqR5No+0DEKmm2Uh3jLfNP2X
TQuPILvJRZ9mTKcTlaBYX8HrS7u57pVZikIxVNsGbZpXUl9r5YOinlwQXQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBo8TCjofmAVZu0WIDdSryAn2h6FMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvR2p4TUtPaC1ZQlZtN1JZZ04xS3ZJQ2ZhSG9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWSXFMAwD
BABZKlEDBAJZKlAwDQYJKoZIhvcNAQELBQADggEBAFuf8nVCCwqlaRfthGxovEpf
MQ28Hs6bfqSwPjnkEbP3uqZ40luDuvum4msG6tkAQDEF18eOm/CoxGwRXtDnWXCm
Wc/6IIujHQppgKQW99VtS2GeDf2CbzzShAUdd8Rlc/39fyPuhDq+suBg+NexwwO3
KeCERNG8oavE4yJAKwhGeSSAzFvQ1zAWB2oOkkLYm0bDi8iK2t8UN9fPHrFJgxOU
4W+eTuPwOpZwrH3NgcFJ9y61XLUwMxU/6mk8OZPGu/hzGtQ4Dl4eoqFrQyW1+q/r
+b6C3Jpa69V1k/SH7+kG50VzEvthOk93q/OCm35H1lNS8SqnqO06HMQvArcEdss=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:03:05 2025 by rpki-client