Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ozYzHaflQt3xENONCy3dl1KpMAk.roa
File: ozYzHaflQt3xENONCy3dl1KpMAk.roa (raw, json)
Hash identifier: DrHlR5di+9Jt65CXq7ypFwoDXnyaBcNp5wUDTPSZmaA=
Subject key identifier: A3:36:33:1D:A7:E5:42:DD:F1:10:D3:8D:0B:2D:DD:97:52:A9:30:09
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 019423D6B457AE077DD87D4ACE77D7E18D16
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ozYzHaflQt3xENONCy3dl1KpMAk.roa
Signing time: Wed 01 Jan 2025 21:47:40 +0000
ROA not before: Wed 01 Jan 2025 21:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 89.34.224.0/23 maxlen: 24
89.34.228.0/24 maxlen: 24
89.34.231.0/24 maxlen: 24
89.38.228.0/24 maxlen: 24
89.38.229.0/24 maxlen: 24
89.40.82.0/24 maxlen: 24
89.42.80.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/24 maxlen: 24
89.42.86.0/24 maxlen: 24
89.42.95.0/24 maxlen: 24
89.42.143.0/24 maxlen: 24
89.43.140.0/24 maxlen: 24
89.43.143.0/24 maxlen: 24
89.46.0.0/24 maxlen: 24
89.46.3.0/24 maxlen: 24
89.47.99.0/24 maxlen: 24
89.47.115.0/24 maxlen: 24
89.47.117.0/24 maxlen: 24
89.47.119.0/24 maxlen: 24
89.47.125.0/24 maxlen: 24
89.47.126.0/24 maxlen: 24
89.47.127.0/24 maxlen: 24
93.113.181.0/24 maxlen: 24
185.101.105.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 03 Jan 2025 20:19:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:b4:57:ae:07:7d:d8:7d:4a:ce:77:d7:e1:8d:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 21:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a336331da7e542ddf110d38d0b2ddd9752a93009
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:3b:17:f5:87:de:94:bd:bf:bc:66:29:1f:6a:
e7:84:39:85:71:2a:be:05:ed:38:4f:9e:7d:72:76:
07:a2:ac:98:6c:6b:ab:1b:2b:4e:fd:8f:78:77:69:
87:24:c8:24:be:12:70:d4:6d:b5:34:60:fd:e2:d1:
a1:44:e4:56:73:5f:89:a0:37:0e:d3:36:80:86:7a:
42:20:43:16:5c:df:38:c2:6c:5c:3d:95:6a:49:84:
71:8b:d5:4b:d7:dc:04:7b:d7:72:a5:a8:86:88:c5:
a3:40:c3:74:04:34:4d:24:2e:bb:93:68:97:ba:f3:
56:78:0e:12:9f:69:a7:d7:78:0d:ac:fd:10:dc:38:
1a:fb:3b:95:27:04:88:25:64:50:1f:00:42:16:40:
1a:c5:87:d3:05:1f:d4:00:c1:ee:43:26:b3:21:63:
31:d0:15:82:52:bd:6c:fe:c7:81:41:81:6d:95:e3:
cb:55:75:c5:55:f4:7f:50:5d:c5:e1:e7:98:c7:2d:
6f:be:5e:8a:e1:0a:39:9b:61:f1:11:b0:1e:02:65:
8c:ad:65:ef:5c:8c:9a:83:b7:d3:76:d5:32:21:cd:
8f:0b:c7:13:7c:d1:16:c6:b2:f3:db:88:32:b2:fd:
90:4e:e5:1a:1f:09:ce:5b:96:f7:51:e3:33:c6:e8:
3e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:36:33:1D:A7:E5:42:DD:F1:10:D3:8D:0B:2D:DD:97:52:A9:30:09
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ozYzHaflQt3xENONCy3dl1KpMAk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.224.0/23
89.34.228.0/24
89.34.231.0/24
89.38.228.0/23
89.40.82.0/24
89.42.80.0-89.42.82.255
89.42.86.0/24
89.42.95.0/24
89.42.143.0/24
89.43.140.0/24
89.43.143.0/24
89.46.0.0/24
89.46.3.0/24
89.47.99.0/24
89.47.115.0/24
89.47.117.0/24
89.47.119.0/24
89.47.125.0-89.47.127.255
93.113.181.0/24
185.101.105.0/24
Signature Algorithm: sha256WithRSAEncryption
70:60:57:10:4a:d9:51:c4:28:74:19:1e:f4:8c:1a:e9:64:13:
e4:de:c0:bf:b1:fa:55:2a:37:ab:90:c5:0c:fc:80:6d:0b:2f:
e0:08:db:d6:f7:3a:45:80:6f:96:79:c4:65:06:a8:4c:3b:53:
e4:07:cc:54:41:83:e1:a2:f3:ea:e2:77:61:94:1f:b1:33:b3:
8f:9c:0d:e1:31:0b:08:9a:73:bc:ee:e5:72:42:3c:18:22:95:
6d:03:58:77:c1:9c:9f:4f:4c:90:20:fe:5f:f6:32:89:58:b0:
27:36:06:81:88:c1:8e:51:1e:d9:b2:c8:fd:1a:9d:52:be:bf:
f8:1f:b0:02:92:c3:6e:26:1d:45:27:10:8e:21:af:fc:e4:d7:
f0:a3:09:bb:5e:1e:6f:20:f4:35:a8:08:09:a5:08:b5:bb:44:
bf:ce:0b:7a:53:e2:9a:68:e9:3e:36:59:6e:39:84:cd:2a:cd:
bc:d6:b7:0c:72:33:0e:54:bd:c0:07:6a:5d:5e:f5:a1:f8:b5:
66:73:01:5c:d6:c7:b4:53:7e:d8:ad:ff:d1:22:b1:9e:b2:07:
f4:2b:58:4d:00:18:1a:3b:0a:46:e5:b2:fd:14:9c:6a:5b:d2:
f5:a3:8d:e6:df:b2:40:02:0c:fb:2f:5e:ed:27:04:8b:5a:85:
b7:a6:0f:bd
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQj1rRXrgd92H1KznfX4Y0WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAxMjE0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzM2MzMxZGE3ZTU0MmRkZjExMGQzOGQwYjJkZGQ5NzUyYTkzMDA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3zsX9YfelL2/vGYpH2rnhDmFcSq+
Be04T559cnYHoqyYbGurGytO/Y94d2mHJMgkvhJw1G21NGD94tGhRORWc1+JoDcO
0zaAhnpCIEMWXN84wmxcPZVqSYRxi9VL19wEe9dypaiGiMWjQMN0BDRNJC67k2iX
uvNWeA4Sn2mn13gNrP0Q3Dga+zuVJwSIJWRQHwBCFkAaxYfTBR/UAMHuQyazIWMx
0BWCUr1s/seBQYFtlePLVXXFVfR/UF3F4eeYxy1vvl6K4Qo5m2HxEbAeAmWMrWXv
XIyag7fTdtUyIc2PC8cTfNEWxrLz24gysv2QTuUaHwnOW5b3UeMzxug+ywIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFKM2Mx2n5ULd8RDTjQst3ZdSqTAJMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvb3pZekhhZmxRdDN4RU5PTkN5M2RsMUtwTUFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFZ
IuADBABZIuQDBABZIucDBAFZJuQDBABZKFIwDAMEBFkqUAMEAFkqUgMEAFkqVgME
AFkqXwMEAFkqjwMEAFkrjAMEAFkrjwMEAFkuAAMEAFkuAwMEAFkvYwMEAFkvcwME
AFkvdQMEAFkvdzAMAwQAWS99AwQHWS8AAwQAXXG1AwQAuWVpMA0GCSqGSIb3DQEB
CwUAA4IBAQBwYFcQStlRxCh0GR70jBrpZBPk3sC/sfpVKjerkMUM/IBtCy/gCNvW
9zpFgG+WecRlBqhMO1PkB8xUQYPhovPq4ndhlB+xM7OPnA3hMQsImnO87uVyQjwY
IpVtA1h3wZyfT0yQIP5f9jKJWLAnNgaBiMGOUR7Zssj9Gp1Svr/4H7ACksNuJh1F
JxCOIa/85Nfwowm7Xh5vIPQ1qAgJpQi1u0S/zgt6U+KaaOk+NlluOYTNKs281rcM
cjMOVL3AB2pdXvWh+LVmcwFc1se0U37Yrf/RIrGesgf0K1hNABgaOwpG5bL9FJxq
W9L1o43m37JAAgz7L17tJwSLWoW3pg+9
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:51:24 2025 by rpki-client