Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OWrhX1dIVhe_KZ0Z_K7ZkRwh4QQ.roa
File: OWrhX1dIVhe_KZ0Z_K7ZkRwh4QQ.roa (raw, json)
Hash identifier: DLM099eVzsoxb5ly58ouCcvB+TopODac6pdhfkeG3RM=
Subject key identifier: 39:6A:E1:5F:57:48:56:17:BF:29:9D:19:FC:AE:D9:91:1C:21:E1:04
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0195C6F7E5E7DDB20B21F2D400FFA56D77FE
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OWrhX1dIVhe_KZ0Z_K7ZkRwh4QQ.roa
Signing time: Mon 24 Mar 2025 07:04:49 +0000
ROA not before: Mon 24 Mar 2025 07:04:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
93.114.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Mar 2025 15:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c6:f7:e5:e7:dd:b2:0b:21:f2:d4:00:ff:a5:6d:77:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Mar 24 07:04:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=396ae15f57485617bf299d19fcaed9911c21e104
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c8:a3:f0:fa:37:24:ed:49:3c:e3:9a:82:cf:
91:54:2b:bb:81:19:7d:7a:a3:86:8f:c7:48:df:8c:
70:c3:31:15:14:f3:c6:47:ae:ec:cc:55:08:c9:4c:
7d:06:9b:13:c9:67:3c:87:b5:f0:be:8e:69:bd:bc:
18:56:5d:a4:f7:7a:37:6d:a8:a1:86:92:80:98:f8:
9a:5d:82:82:dc:c2:d7:04:c3:e6:1f:c6:57:e4:a8:
e0:32:e5:ae:47:8e:de:6f:60:bb:d8:09:ae:f8:00:
53:60:f6:8a:21:79:d7:de:50:b4:c7:1c:27:7e:1b:
aa:5a:3f:89:b0:28:fd:03:d6:45:0b:e0:b7:b3:a3:
71:52:ae:53:c1:0f:a7:e7:7a:77:3c:fc:86:d8:36:
fd:94:52:cc:8a:8a:3e:9e:e3:c8:1a:6a:e7:56:30:
79:2d:0c:8e:ad:0b:99:79:06:5b:35:52:a9:b3:cb:
c2:23:6d:51:ab:90:d1:58:29:0b:a0:98:f6:de:0b:
7c:77:4e:9e:ce:f4:0d:be:78:f0:9e:0a:7a:21:c7:
d8:93:36:63:cd:35:73:47:12:78:d9:45:b0:60:ca:
c6:ed:91:48:2b:1a:aa:c8:a0:1c:2e:d6:3c:b5:7a:
97:32:7b:29:34:5b:17:a7:4c:c7:6e:90:ee:5b:c3:
7e:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6A:E1:5F:57:48:56:17:BF:29:9D:19:FC:AE:D9:91:1C:21:E1:04
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/OWrhX1dIVhe_KZ0Z_K7ZkRwh4QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
93.114.88.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:37:0d:68:1c:fe:20:f3:c3:5d:c6:70:55:ca:4c:1b:4f:7e:
29:b9:9a:81:34:68:e9:8b:c8:dc:d6:15:c5:3a:63:98:b8:7e:
24:d3:b0:c2:79:5b:b0:e0:c1:0f:6d:e8:92:75:d5:8b:ba:91:
54:c4:26:44:b6:e5:22:6d:f0:ee:bc:4c:b7:f0:f9:16:00:df:
59:56:28:61:bb:55:62:ec:29:f5:f1:a7:0a:e7:a3:72:d2:fb:
a5:5f:ea:73:87:5d:17:8e:d9:12:4d:96:da:31:27:db:60:a1:
b2:16:9d:d6:c1:40:49:5f:0d:12:d0:1e:f9:c9:3b:a9:9d:96:
01:ae:ae:30:f9:56:00:8b:30:5c:7d:1d:68:25:43:e2:86:a8:
27:5a:3c:aa:f0:e8:36:66:41:0c:18:78:5a:3d:04:b6:ec:fa:
28:13:6a:a8:93:d5:a3:a8:35:0c:43:ac:d2:04:7d:6d:f8:b5:
1a:6b:62:d4:d6:94:72:33:74:9b:39:0d:be:ab:7b:1e:d7:7d:
74:d1:09:b5:f8:91:b7:54:68:16:09:2b:4e:dd:2d:61:ba:db:
e3:b4:b8:e0:f3:b3:12:1a:ad:8f:45:53:73:a5:b9:74:df:9f:
0e:53:ac:f2:b0:74:86:6c:bd:d9:5c:c7:49:bc:3f:d4:1e:6c:
98:f1:7c:72
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZXG9+Xn3bILIfLUAP+lbXf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMzI0MDcwNDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZhZTE1ZjU3NDg1NjE3YmYyOTlkMTlmY2FlZDk5MTFjMjFlMTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cij8Po3JO1JPOOags+RVCu7gRl9
eqOGj8dI34xwwzEVFPPGR67szFUIyUx9BpsTyWc8h7Xwvo5pvbwYVl2k93o3baih
hpKAmPiaXYKC3MLXBMPmH8ZX5KjgMuWuR47eb2C72Amu+ABTYPaKIXnX3lC0xxwn
fhuqWj+JsCj9A9ZFC+C3s6NxUq5TwQ+n53p3PPyG2Db9lFLMioo+nuPIGmrnVjB5
LQyOrQuZeQZbNVKps8vCI21Rq5DRWCkLoJj23gt8d06ezvQNvnjwngp6IcfYkzZj
zTVzRxJ42UWwYMrG7ZFIKxqqyKAcLtY8tXqXMnspNFsXp0zHbpDuW8N+oQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDlq4V9XSFYXvymdGfyu2ZEcIeEEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvT1dyaFgxZElWaGVfS1owWl9LN1prUndoNFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABdclgwDQYJKoZIhvcNAQELBQADggEBAB83DWgc/iDzw13GcFXKTBtP
fim5moE0aOmLyNzWFcU6Y5i4fiTTsMJ5W7DgwQ9t6JJ11Yu6kVTEJkS25SJt8O68
TLfw+RYA31lWKGG7VWLsKfXxpwrno3LS+6Vf6nOHXReO2RJNltoxJ9tgobIWndbB
QElfDRLQHvnJO6mdlgGurjD5VgCLMFx9HWglQ+KGqCdaPKrw6DZmQQwYeFo9BLbs
+igTaqiT1aOoNQxDrNIEfW34tRprYtTWlHIzdJs5Db6rex7XfXTRCbX4kbdUaBYJ
K07dLWG62+O0uODzsxIarY9FU3OluXTfnw5TrPKwdIZsvdlcx0m8P9QebJjxfHI=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:45:26 2025 by rpki-client