Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KCaSGP-NYqbi-ewyB_014m1QB7I.roa
File: KCaSGP-NYqbi-ewyB_014m1QB7I.roa (raw, json)
Hash identifier: htCrMMhKoMiD5Oiiu2zbXA33nf5t8C6zxligI3bM7ZU=
Subject key identifier: 28:26:92:18:FF:8D:62:A6:E2:F9:EC:32:07:FD:35:E2:6D:50:07:B2
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01949921A4ACC493B45ACA18CBD7392C8FA5
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KCaSGP-NYqbi-ewyB_014m1QB7I.roa
Signing time: Fri 24 Jan 2025 16:25:06 +0000
ROA not before: Fri 24 Jan 2025 16:25:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 29 Jan 2025 07:17:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:99:21:a4:ac:c4:93:b4:5a:ca:18:cb:d7:39:2c:8f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 24 16:25:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28269218ff8d62a6e2f9ec3207fd35e26d5007b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c2:98:9a:03:0a:11:84:93:64:53:29:02:61:
05:0e:cf:8a:52:3f:cb:a0:6a:2a:3c:62:63:b6:64:
6d:94:d0:a7:c8:c9:29:95:0f:c0:39:11:ef:f3:03:
67:3b:52:1e:7e:f9:fd:49:34:70:fe:b3:7b:ef:0b:
d5:dc:a8:41:d3:0a:1d:b3:5d:1c:a0:41:d8:38:e7:
e9:11:21:89:f8:6d:05:e3:57:e9:c0:69:08:08:81:
f6:9d:76:fa:b6:17:38:75:9f:a8:37:97:d3:c6:8a:
2c:46:32:ac:03:30:1b:86:5e:53:d9:a7:4e:12:45:
cc:37:95:b6:e1:d8:dc:89:f3:e3:d6:53:a4:01:f5:
98:f6:13:47:82:6d:de:3a:30:0f:83:28:66:3b:26:
a8:a4:53:b7:08:d5:4f:6c:44:48:47:54:b9:0b:62:
89:67:73:ef:eb:5e:d5:23:b4:30:20:73:a8:d9:1f:
93:b6:7c:de:f9:7f:01:7e:7e:ef:3b:5d:83:f5:e9:
b4:83:dd:8d:ce:f8:a3:d6:16:f8:4b:80:45:78:0e:
b9:b2:cb:56:09:c0:d2:66:bc:11:fa:ec:ef:d9:a7:
b9:91:c0:f9:f8:4a:14:40:aa:0f:fc:58:b0:5a:b1:
fd:38:6c:bf:ee:a1:f7:90:c3:af:6a:cc:ec:a9:12:
8b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:26:92:18:FF:8D:62:A6:E2:F9:EC:32:07:FD:35:E2:6D:50:07:B2
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KCaSGP-NYqbi-ewyB_014m1QB7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
66:5a:46:6a:f1:fb:22:be:02:45:79:9f:6b:da:ad:02:9b:58:
9c:48:18:7f:f6:17:28:8b:da:98:09:ba:59:d9:04:e4:d6:d5:
bc:3f:22:b9:63:0d:c4:08:13:2d:a5:86:74:80:62:a9:0b:99:
86:bb:3b:d7:2a:fe:b5:19:ac:e3:a8:82:10:f9:1f:44:77:df:
29:65:2d:99:5b:2f:f9:4b:c4:d1:56:5e:0a:c8:48:95:30:09:
51:72:53:8c:93:2f:0d:78:aa:3d:82:3e:74:b3:33:96:6d:66:
3d:1c:03:31:7d:41:48:38:5b:e4:ff:0b:28:be:3f:98:c6:0a:
35:cd:49:74:98:95:f1:d0:23:57:88:ae:a5:ce:7e:58:ed:13:
cf:31:b1:ea:c4:a7:2a:c3:b1:a2:d8:7e:35:f7:a0:ba:71:af:
9b:16:ac:0e:37:cb:bc:35:2a:73:3e:7d:af:82:0b:13:68:34:
7d:87:d6:26:c0:95:24:07:cf:34:ca:ec:32:e5:30:b7:05:5a:
5e:3b:45:e0:f8:6e:12:f9:3c:74:dd:f0:71:13:7a:25:8f:79:
b5:a1:dc:c6:d9:a2:fe:da:d6:a6:b5:76:ba:3e:48:2e:34:ce:
94:2f:d4:f0:82:ff:3e:b3:a1:41:df:a6:dd:29:b9:ad:e2:7a:
6e:f5:2e:a5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZSZIaSsxJO0WsoYy9c5LI+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTI0MTYyNTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODI2OTIxOGZmOGQ2MmE2ZTJmOWVjMzIwN2ZkMzVlMjZkNTAwN2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcKYmgMKEYSTZFMpAmEFDs+KUj/L
oGoqPGJjtmRtlNCnyMkplQ/AORHv8wNnO1Iefvn9STRw/rN77wvV3KhB0wods10c
oEHYOOfpESGJ+G0F41fpwGkICIH2nXb6thc4dZ+oN5fTxoosRjKsAzAbhl5T2adO
EkXMN5W24djcifPj1lOkAfWY9hNHgm3eOjAPgyhmOyaopFO3CNVPbERIR1S5C2KJ
Z3Pv617VI7QwIHOo2R+Ttnze+X8Bfn7vO12D9em0g92Nzvij1hb4S4BFeA65sstW
CcDSZrwR+uzv2ae5kcD5+EoUQKoP/FiwWrH9OGy/7qH3kMOvaszsqRKLbQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCgmkhj/jWKm4vnsMgf9NeJtUAeyMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvS0NhU0dQLU5ZcWJpLWV3eUJfMDE0bTFRQjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBAGZaRmrx+yK+AkV5n2varQKbWJxIGH/2
FyiL2pgJulnZBOTW1bw/IrljDcQIEy2lhnSAYqkLmYa7O9cq/rUZrOOoghD5H0R3
3yllLZlbL/lLxNFWXgrISJUwCVFyU4yTLw14qj2CPnSzM5ZtZj0cAzF9QUg4W+T/
Cyi+P5jGCjXNSXSYlfHQI1eIrqXOfljtE88xserEpyrDsaLYfjX3oLpxr5sWrA43
y7w1KnM+fa+CCxNoNH2H1ibAlSQHzzTK7DLlMLcFWl47ReD4bhL5PHTd8HETeiWP
ebWh3MbZov7a1qa1dro+SC40zpQv1PCC/z6zoUHfpt0pua3iem71LqU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:37:53 2025 by rpki-client