Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HEngK7PrzVBagUb9NqZEs7vSwjE.roa
File: HEngK7PrzVBagUb9NqZEs7vSwjE.roa (raw, json)
Hash identifier: dU+ux3nzs3FRIFmpCZ7FvEG5LpY+LGxS/8f19ho83zU=
Subject key identifier: 1C:49:E0:2B:B3:EB:CD:50:5A:81:46:FD:36:A6:44:B3:BB:D2:C2:31
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01943318037A682684215AA6D0B4E2C0B6B6
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HEngK7PrzVBagUb9NqZEs7vSwjE.roa
Signing time: Sat 04 Jan 2025 20:53:19 +0000
ROA not before: Sat 04 Jan 2025 20:53:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 21 Jan 2025 10:03:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:33:18:03:7a:68:26:84:21:5a:a6:d0:b4:e2:c0:b6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 4 20:53:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1c49e02bb3ebcd505a8146fd36a644b3bbd2c231
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:37:1f:5f:a8:c0:55:89:7a:23:0c:05:e4:eb:
b8:c5:f2:06:6f:6e:b7:32:8d:94:3e:1b:47:fc:f0:
30:3f:a6:40:12:c5:24:4b:59:c5:07:fe:72:8a:5c:
da:72:13:d2:55:2f:57:1f:2d:11:01:4a:d5:d7:36:
2d:45:ad:54:c4:e7:40:3c:95:a4:84:44:7e:8d:f5:
db:2f:7b:17:5c:29:05:bc:1c:9a:90:72:4c:d4:ce:
2f:ed:a6:58:bb:a2:40:e2:15:a7:7d:5a:14:bd:06:
89:4f:ed:56:23:d3:ac:03:90:ef:44:16:d2:9a:0c:
ee:4b:80:f1:12:4a:12:a5:2a:e8:53:dc:a3:77:74:
a8:4a:5c:12:e3:69:3f:23:5c:fd:8d:f7:d7:14:ed:
3b:82:3f:25:01:e3:2c:ca:3f:a0:7d:c5:69:d3:ab:
55:bc:da:8e:17:e6:45:cb:22:03:37:7c:50:c2:55:
1a:83:12:f4:0f:ac:46:9d:92:d1:d0:b1:88:63:62:
85:a4:1d:8c:2d:8e:40:f1:68:4d:3b:58:18:3b:1e:
60:45:42:f6:3d:35:b7:08:02:48:a0:af:0b:2e:cd:
8b:46:bb:65:42:10:cc:23:da:ff:f8:eb:00:3b:b4:
ba:95:62:b9:18:92:e5:f6:82:17:7d:bc:16:a7:e9:
6b:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:49:E0:2B:B3:EB:CD:50:5A:81:46:FD:36:A6:44:B3:BB:D2:C2:31
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/HEngK7PrzVBagUb9NqZEs7vSwjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
4b:4d:95:e4:92:23:f7:b5:12:45:45:81:95:58:35:b8:d9:2d:
e0:06:19:47:d4:87:ae:42:c6:3d:47:91:53:77:52:f4:5a:c7:
ed:c1:b4:0c:b0:09:57:38:d6:23:6c:7b:7b:ce:4e:db:e9:67:
fc:e1:66:3e:e4:e7:49:e6:e3:39:2f:93:c3:df:bf:f8:0e:0c:
9a:65:c9:a8:32:e0:06:ca:ed:19:47:2d:5b:f1:71:cf:1d:c5:
a6:1e:7a:4e:e4:9f:c7:91:e0:1c:b1:0d:db:e3:ee:92:c1:ac:
08:e8:e2:27:59:1f:07:c6:4b:d5:3e:ef:e6:72:33:33:1b:7a:
4a:c1:84:63:3e:b7:bb:da:ea:6f:8b:44:e8:19:a3:4a:31:00:
fb:2d:12:da:0b:ef:ce:96:0a:41:d7:7c:02:f6:8e:62:61:30:
10:ec:42:11:a0:4c:a7:75:3c:57:e7:33:11:83:06:34:e5:88:
57:b2:f2:e5:80:9b:a2:bc:08:0b:65:56:78:3d:be:27:3c:35:
4c:02:04:06:bf:bc:ea:b3:8e:8c:1c:87:6e:4d:4f:ad:c4:c3:
61:39:57:77:f1:1b:a7:b7:46:95:72:8b:47:0f:46:08:37:f6:
5d:42:c6:39:77:42:a6:48:86:38:34:7e:ca:b3:20:94:5b:a0:
ad:c9:b7:3b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQzGAN6aCaEIVqm0LTiwLa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTA0MjA1MzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYzQ5ZTAyYmIzZWJjZDUwNWE4MTQ2ZmQzNmE2NDRiM2JiZDJjMjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3DcfX6jAVYl6IwwF5Ou4xfIGb263
Mo2UPhtH/PAwP6ZAEsUkS1nFB/5yilzachPSVS9XHy0RAUrV1zYtRa1UxOdAPJWk
hER+jfXbL3sXXCkFvByakHJM1M4v7aZYu6JA4hWnfVoUvQaJT+1WI9OsA5DvRBbS
mgzuS4DxEkoSpSroU9yjd3SoSlwS42k/I1z9jffXFO07gj8lAeMsyj+gfcVp06tV
vNqOF+ZFyyIDN3xQwlUagxL0D6xGnZLR0LGIY2KFpB2MLY5A8WhNO1gYOx5gRUL2
PTW3CAJIoK8LLs2LRrtlQhDMI9r/+OsAO7S6lWK5GJLl9oIXfbwWp+lrXQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBxJ4Cuz681QWoFG/TamRLO70sIxMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSEVuZ0s3UHJ6VkJhZ1ViOU5xWkVzN3ZTd2pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBAEtNleSSI/e1EkVFgZVYNbjZLeAGGUfU
h65Cxj1HkVN3UvRax+3BtAywCVc41iNse3vOTtvpZ/zhZj7k50nm4zkvk8Pfv/gO
DJplyagy4AbK7RlHLVvxcc8dxaYeek7kn8eR4ByxDdvj7pLBrAjo4idZHwfGS9U+
7+ZyMzMbekrBhGM+t7va6m+LROgZo0oxAPstEtoL786WCkHXfAL2jmJhMBDsQhGg
TKd1PFfnMxGDBjTliFey8uWAm6K8CAtlVng9vic8NUwCBAa/vOqzjowch25NT63E
w2E5V3fxG6e3RpVyi0cPRgg39l1Cxjl3QqZIhjg0fsqzIJRboK3Jtzs=
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:18:47 2025 by rpki-client