Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IvX1xgk1WUNhFa8dk4oRTPCZ7uY.roa
File: IvX1xgk1WUNhFa8dk4oRTPCZ7uY.roa (raw, json)
Hash identifier: kElnUvKHMFegSAqD8rx1CfR603F2xt9J7UbTWlo9E4Q=
Subject key identifier: 22:F5:F5:C6:09:35:59:43:61:15:AF:1D:93:8A:11:4C:F0:99:EE:E6
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6BFE79605AEF916558451E549EAD9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IvX1xgk1WUNhFa8dk4oRTPCZ7uY.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54339
IP address blocks: 89.42.89.0/24 maxlen: 24
89.42.92.0/24 maxlen: 24
89.42.93.0/24 maxlen: 24
89.43.142.0/24 maxlen: 24
89.46.4.0/24 maxlen: 24
89.47.123.0/24 maxlen: 24
89.47.124.0/24 maxlen: 24
93.113.176.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 18:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bf:e7:96:05:ae:f9:16:55:84:51:e5:49:ea:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22f5f5c6093559436115af1d938a114cf099eee6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:5c:6e:1d:90:7c:b4:bf:67:9c:f4:df:4c:33:
20:c8:ce:47:14:b4:40:8c:a5:27:91:7e:ae:0a:c2:
72:9a:f9:e2:38:3c:1f:c3:f8:ef:37:21:76:cb:f4:
b1:26:bf:72:fb:98:1b:a2:5a:7d:6a:52:5c:5e:e8:
56:19:df:ac:11:8b:ce:2b:65:8c:49:ec:d5:ec:8a:
0f:b6:9e:40:2c:23:5a:52:d1:ac:2e:71:1e:e3:dc:
f1:c9:a9:b0:d5:ff:b3:26:2d:34:ad:55:9a:51:26:
1b:a5:f9:ba:57:4e:cb:b0:62:43:10:6d:3a:70:b7:
ac:ee:4e:9f:80:aa:df:91:21:75:e9:44:6b:22:7a:
3f:29:04:64:e6:98:21:dc:f4:77:f1:b9:18:67:44:
07:d7:4f:d5:75:68:f3:46:22:b3:5c:bc:89:20:a6:
5c:37:f7:41:40:5c:eb:b8:b8:e3:9c:2f:d2:76:1c:
f4:49:76:0c:51:33:7f:5c:9f:c3:a2:59:67:ba:f6:
21:58:48:29:ea:13:04:fc:b7:f0:31:09:65:71:04:
bd:41:f6:62:48:fb:11:ab:f4:22:29:65:08:9c:15:
5a:4d:61:40:25:76:e7:8d:42:b2:9c:e1:1d:52:de:
58:22:ff:cd:a2:49:92:93:68:49:60:0d:71:07:f5:
a4:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F5:F5:C6:09:35:59:43:61:15:AF:1D:93:8A:11:4C:F0:99:EE:E6
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/IvX1xgk1WUNhFa8dk4oRTPCZ7uY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.89.0/24
89.42.92.0/23
89.43.142.0/24
89.46.4.0/24
89.47.123.0-89.47.124.255
93.113.176.0/24
Signature Algorithm: sha256WithRSAEncryption
37:ba:d3:43:11:f3:b0:f2:38:75:b6:ba:b8:c0:43:fa:56:bd:
12:89:85:4b:94:59:89:fd:d5:02:bb:5c:96:80:50:1d:28:56:
ac:11:39:54:a3:b8:40:91:96:62:21:88:f6:38:74:ca:36:72:
2b:b1:d6:20:1c:59:d2:f2:ce:1b:35:22:37:c8:10:54:16:6c:
85:35:5f:f4:75:6d:fb:83:c8:22:f1:ad:e9:8e:7e:d3:a9:29:
f3:25:43:2a:8d:60:60:21:96:e9:c8:f9:0f:23:ac:0e:f5:6c:
38:63:ac:bb:e9:c8:f8:3a:31:ae:c6:4d:ac:8f:d1:03:14:00:
b3:a5:93:69:51:f2:58:45:90:00:53:3b:63:ff:a8:e5:5e:e3:
93:56:2b:de:21:fe:17:ad:98:fe:fc:55:46:14:60:42:86:48:
98:72:9f:b1:2b:c5:5f:8a:a9:60:21:f5:90:57:68:4a:bc:36:
92:ff:a7:ee:5d:bf:c7:b9:cc:43:ed:b3:fd:7a:a9:b2:46:a3:
09:bd:79:a6:25:ce:10:03:cc:71:21:c4:b6:f1:c6:3a:2a:77:
2d:6b:40:44:c3:d9:a1:7b:fb:a8:f7:49:59:aa:7f:5f:88:61:
99:aa:24:d5:c8:bf:aa:ec:25:0f:06:51:98:ac:f5:d4:5c:66:
fe:dc:ac:b2
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQj1r/nlgWu+RZVhFHlSerZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmY1ZjVjNjA5MzU1OTQzNjExNWFmMWQ5MzhhMTE0Y2YwOTllZWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFxuHZB8tL9nnPTfTDMgyM5HFLRA
jKUnkX6uCsJymvniODwfw/jvNyF2y/SxJr9y+5gbolp9alJcXuhWGd+sEYvOK2WM
SezV7IoPtp5ALCNaUtGsLnEe49zxyamw1f+zJi00rVWaUSYbpfm6V07LsGJDEG06
cLes7k6fgKrfkSF16URrIno/KQRk5pgh3PR38bkYZ0QH10/VdWjzRiKzXLyJIKZc
N/dBQFzruLjjnC/Sdhz0SXYMUTN/XJ/DollnuvYhWEgp6hME/LfwMQllcQS9QfZi
SPsRq/QiKWUInBVaTWFAJXbnjUKynOEdUt5YIv/NokmSk2hJYA1xB/WkBwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCL19cYJNVlDYRWvHZOKEUzwme7mMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvSXZYMXhnazFXVU5oRmE4ZGs0b1JUUENaN3VZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAWSpZAwQB
WSpcAwQAWSuOAwQAWS4EMAwDBABZL3sDBABZL3wDBABdcbAwDQYJKoZIhvcNAQEL
BQADggEBADe600MR87DyOHW2urjAQ/pWvRKJhUuUWYn91QK7XJaAUB0oVqwROVSj
uECRlmIhiPY4dMo2ciux1iAcWdLyzhs1IjfIEFQWbIU1X/R1bfuDyCLxremOftOp
KfMlQyqNYGAhlunI+Q8jrA71bDhjrLvpyPg6Ma7GTayP0QMUALOlk2lR8lhFkABT
O2P/qOVe45NWK94h/hetmP78VUYUYEKGSJhyn7ErxV+KqWAh9ZBXaEq8NpL/p+5d
v8e5zEPts/16qbJGowm9eaYlzhADzHEhxLbxxjoqdy1rQETD2aF7+6j3SVmqf1+I
YZmqJNXIv6rsJQ8GUZis9dRcZv7crLI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:11:21 2025 by rpki-client