Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzM-0rmxEMxfny5y390quaruR0Y.roa
File: hzM-0rmxEMxfny5y390quaruR0Y.roa (raw, json)
Hash identifier: 6rglhuLH6OpsE9CFoqAcVDdCVUhloyU/qP3YaVvDT2w=
Subject key identifier: 87:33:3E:D2:B9:B1:10:CC:5F:9F:2E:72:DF:DD:2A:B9:AA:EE:47:46
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01947F7429989084554346D384F02371BDD9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzM-0rmxEMxfny5y390quaruR0Y.roa
Signing time: Sun 19 Jan 2025 16:45:06 +0000
ROA not before: Sun 19 Jan 2025 16:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 89.47.114.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 23 Jan 2025 16:45:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:74:29:98:90:84:55:43:46:d3:84:f0:23:71:bd:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 19 16:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87333ed2b9b110cc5f9f2e72dfdd2ab9aaee4746
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:4e:a8:87:93:28:bf:91:c6:d0:97:b7:00:fa:
83:5b:34:70:eb:b6:d7:54:53:74:8b:30:38:25:45:
2a:96:62:2d:3d:40:c2:17:12:b1:fa:7e:7b:91:5e:
37:25:41:16:5f:d1:3b:b2:0e:10:74:7a:14:39:f7:
8a:55:32:18:4e:cf:97:03:64:44:20:ef:57:46:3c:
7c:13:52:d0:24:a9:5a:b6:7b:5b:e6:90:59:6b:43:
92:da:2f:5f:b8:6b:83:b3:19:1c:39:a7:89:1e:1b:
76:fe:a8:d1:9c:06:77:32:ed:da:3f:5b:ad:cf:aa:
35:b4:79:2f:b9:d6:96:85:f7:65:d6:a8:09:a2:e1:
bb:c0:7e:85:b0:d7:3f:44:fb:72:35:4e:3a:32:b6:
a9:c3:eb:78:bc:a8:93:d4:53:7f:a5:fa:ed:4f:26:
b5:a0:f6:12:7b:c7:bf:30:28:fc:78:41:64:c8:a7:
a5:e0:19:e3:76:e2:91:a3:b0:ff:05:0a:28:cf:9f:
7e:47:77:1a:9b:56:98:9a:0c:f4:5a:a1:f9:e7:22:
fd:1b:0d:5c:e7:c1:45:c5:f4:30:98:a1:0b:70:a3:
0b:3b:23:82:1a:f9:fa:a3:de:40:5f:2f:a2:93:07:
36:50:49:9e:dc:6f:59:af:af:c2:36:87:8d:bc:d5:
9b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:33:3E:D2:B9:B1:10:CC:5F:9F:2E:72:DF:DD:2A:B9:AA:EE:47:46
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/hzM-0rmxEMxfny5y390quaruR0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.114.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:d0:b1:4a:c1:be:95:21:24:bf:b9:71:bb:0e:65:66:2c:f0:
ef:e2:8d:73:7c:76:8e:0a:b7:37:9c:84:79:41:0b:3e:16:83:
a6:f1:5b:57:22:d9:bf:ee:3d:ee:06:f8:3e:a9:03:e3:c1:9a:
ee:4a:2c:36:37:5c:39:a3:15:00:68:ad:d0:8b:2f:13:08:23:
b3:46:39:0b:c8:3b:98:4a:99:8d:84:c2:b9:00:25:87:d6:37:
31:a9:77:96:5f:45:29:53:a4:91:3f:11:49:4e:16:27:f7:0c:
9e:71:a3:2c:19:a4:db:8d:b3:2c:ba:08:ee:80:49:13:36:5c:
09:3a:c8:ae:cb:45:19:76:d5:42:1d:0e:a4:d7:b2:a9:cf:7f:
ee:5b:15:2e:69:d6:d3:ee:ae:21:98:1a:f4:a1:f7:73:8a:03:
c1:1b:f9:1e:6e:ff:a8:37:c1:5b:ab:86:19:9d:aa:00:dd:0a:
05:19:b5:22:f0:0c:7a:f0:08:ce:94:74:16:d5:e5:da:bd:78:
ca:ce:22:ca:2e:93:43:b4:ae:04:c7:4f:1f:37:53:eb:ed:41:
0c:e8:0e:76:87:b8:63:ce:b3:e4:30:e6:15:85:01:c6:f9:fa:
02:a1:01:25:9d:9c:cc:ac:5d:d2:8d:ae:16:f1:7c:01:0a:d3:
af:d9:98:cd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZR/dCmYkIRVQ0bThPAjcb3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTE5MTY0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzMzM2VkMmI5YjExMGNjNWY5ZjJlNzJkZmRkMmFiOWFhZWU0NzQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiU6oh5Mov5HG0Je3APqDWzRw67bX
VFN0izA4JUUqlmItPUDCFxKx+n57kV43JUEWX9E7sg4QdHoUOfeKVTIYTs+XA2RE
IO9XRjx8E1LQJKlatntb5pBZa0OS2i9fuGuDsxkcOaeJHht2/qjRnAZ3Mu3aP1ut
z6o1tHkvudaWhfdl1qgJouG7wH6FsNc/RPtyNU46Mrapw+t4vKiT1FN/pfrtTya1
oPYSe8e/MCj8eEFkyKel4BnjduKRo7D/BQooz59+R3cam1aYmgz0WqH55yL9Gw1c
58FFxfQwmKELcKMLOyOCGvn6o95AXy+ikwc2UEme3G9Zr6/CNoeNvNWb3wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIczPtK5sRDMX58uct/dKrmq7kdGMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaHpNLTBybXhFTXhmbnk1eTM5MHF1YXJ1UjBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS9yMA0G
CSqGSIb3DQEBCwUAA4IBAQAq0LFKwb6VISS/uXG7DmVmLPDv4o1zfHaOCrc3nIR5
QQs+FoOm8VtXItm/7j3uBvg+qQPjwZruSiw2N1w5oxUAaK3Qiy8TCCOzRjkLyDuY
SpmNhMK5ACWH1jcxqXeWX0UpU6SRPxFJThYn9wyecaMsGaTbjbMsugjugEkTNlwJ
Osiuy0UZdtVCHQ6k17Kpz3/uWxUuadbT7q4hmBr0ofdzigPBG/kebv+oN8Fbq4YZ
naoA3QoFGbUi8Ax68AjOlHQW1eXavXjKziLKLpNDtK4Ex08fN1Pr7UEM6A52h7hj
zrPkMOYVhQHG+foCoQElnZzMrF3Sja4W8XwBCtOv2ZjN
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:05:26 2025 by rpki-client