Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KUCubFJtlyCYZhmBiCOs9aYIoI0.roa
File: KUCubFJtlyCYZhmBiCOs9aYIoI0.roa (raw, json)
Hash identifier: umEpBgqIyJTDVbyvSi2Nb3k1MGcmtXmb+EtkkJTZMIM=
Subject key identifier: 29:40:AE:6C:52:6D:97:20:98:66:19:81:88:23:AC:F5:A6:08:A0:8D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6D0145BC91A3D8A34204BF8AACF70
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KUCubFJtlyCYZhmBiCOs9aYIoI0.roa
Signing time: Wed 01 Jan 2025 21:47:47 +0000
ROA not before: Wed 01 Jan 2025 21:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 89.33.194.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Mar 2025 10:32:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:d0:14:5b:c9:1a:3d:8a:34:20:4b:f8:aa:cf:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2940ae6c526d9720986619818823acf5a608a08d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:17:ee:51:d8:35:b4:08:d5:d0:79:30:e8:b3:
df:11:e7:db:61:29:f3:85:b0:97:55:8c:f2:3d:b6:
f9:0d:a9:f8:8b:da:8d:cd:d5:7b:eb:60:8c:9e:ef:
84:45:c8:c1:64:4c:8f:7c:46:0c:44:8c:9b:1f:ad:
92:7f:9f:2d:99:70:32:a1:6a:12:72:e6:05:23:9e:
b7:d4:61:7b:4c:3a:50:5b:90:70:fe:4f:77:6b:95:
5c:57:65:7b:a8:97:76:b2:9f:24:a7:a5:a5:19:4b:
dc:21:fb:67:bc:72:3e:71:5b:f1:c0:36:36:c8:8b:
71:09:be:07:ca:17:02:ce:d0:a4:31:f7:11:92:f6:
03:8d:fc:c0:91:3a:60:d5:3a:99:65:6a:74:0d:1a:
e9:39:b2:67:0d:0e:24:51:a6:55:e0:3b:fb:92:d2:
7b:25:6d:0b:b6:a2:ee:60:2f:59:5a:04:77:68:3e:
63:fd:9d:22:b6:2f:54:70:91:91:0f:ac:40:f0:29:
ee:a3:db:83:e0:a9:67:89:2e:0d:d6:1a:32:ef:a0:
c6:ce:1c:a5:38:f8:33:d2:57:2b:ac:3c:e4:ec:b9:
73:e5:fe:2e:28:e2:dd:ce:18:36:24:2d:20:4b:52:
4b:00:1b:e2:70:5a:b8:10:71:ce:4a:aa:3d:ad:0c:
c0:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:40:AE:6C:52:6D:97:20:98:66:19:81:88:23:AC:F5:A6:08:A0:8D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/KUCubFJtlyCYZhmBiCOs9aYIoI0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.194.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c4:3a:0a:d6:e5:71:63:15:4a:7e:4e:bf:17:69:4f:09:ce:
10:ce:81:b8:60:a1:1d:0b:54:77:94:f8:9b:7d:0d:42:c9:c4:
86:66:14:e2:5d:3f:d5:06:f5:29:99:e1:b6:e3:ac:04:cb:d6:
76:81:e4:32:d6:30:57:53:c1:0c:fd:b3:92:53:1d:f7:72:b4:
a5:d7:b2:d7:9f:0d:b2:a2:6f:87:cb:e3:05:59:26:e1:e8:d3:
e1:90:22:df:18:07:e1:46:e8:95:42:94:bc:81:43:f2:fa:5e:
54:8b:6b:36:da:b2:e5:61:9f:95:f4:11:f9:b4:59:67:f2:73:
2a:48:2b:02:ec:16:66:06:cd:e1:98:1c:50:a8:61:c7:70:2c:
d5:25:44:dc:f9:4d:fc:77:4d:f6:65:f4:96:50:5d:f0:48:81:
fe:4e:db:67:fe:7a:3c:84:28:9b:2a:62:75:b6:10:a7:bb:97:
b9:a0:0a:dd:b8:f0:e6:34:4c:2d:0b:61:cc:1f:85:aa:55:71:
22:40:0c:0c:b5:8f:ca:6e:27:6c:a0:6f:5a:cd:5f:e1:7c:95:
b2:f5:72:22:00:dc:aa:d0:88:cd:6c:09:85:fe:4c:0a:50:e8:
b5:ce:c7:2b:82:bf:3a:4c:a5:2d:8b:d5:e6:ea:b3:ec:75:9c:
63:c3:eb:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1tAUW8kaPYo0IEv4qs9wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTQwYWU2YzUyNmQ5NzIwOTg2NjE5ODE4ODIzYWNmNWE2MDhhMDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hfuUdg1tAjV0Hkw6LPfEefbYSnz
hbCXVYzyPbb5Dan4i9qNzdV762CMnu+ERcjBZEyPfEYMRIybH62Sf58tmXAyoWoS
cuYFI5631GF7TDpQW5Bw/k93a5VcV2V7qJd2sp8kp6WlGUvcIftnvHI+cVvxwDY2
yItxCb4HyhcCztCkMfcRkvYDjfzAkTpg1TqZZWp0DRrpObJnDQ4kUaZV4Dv7ktJ7
JW0LtqLuYC9ZWgR3aD5j/Z0iti9UcJGRD6xA8Cnuo9uD4KlniS4N1hoy76DGzhyl
OPgz0lcrrDzk7Llz5f4uKOLdzhg2JC0gS1JLABvicFq4EHHOSqo9rQzAywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFClArmxSbZcgmGYZgYgjrPWmCKCNMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvS1VDdWJGSnRseUNZWmhtQmlDT3M5YVlJb0kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSHCMA0G
CSqGSIb3DQEBCwUAA4IBAQARxDoK1uVxYxVKfk6/F2lPCc4QzoG4YKEdC1R3lPib
fQ1CycSGZhTiXT/VBvUpmeG246wEy9Z2geQy1jBXU8EM/bOSUx33crSl17LXnw2y
om+Hy+MFWSbh6NPhkCLfGAfhRuiVQpS8gUPy+l5Ui2s22rLlYZ+V9BH5tFln8nMq
SCsC7BZmBs3hmBxQqGHHcCzVJUTc+U38d032ZfSWUF3wSIH+Tttn/no8hCibKmJ1
thCnu5e5oArduPDmNEwtC2HMH4WqVXEiQAwMtY/KbidsoG9azV/hfJWy9XIiANyq
0IjNbAmF/kwKUOi1zscrgr86TKUti9Xm6rPsdZxjw+tW
-----END CERTIFICATE-----
Generated at Sat Apr 5 23:22:24 2025 by rpki-client