Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qeXmN3jvi1CAhnqQVSdnS3psDOs.roa
File: qeXmN3jvi1CAhnqQVSdnS3psDOs.roa (raw, json)
Hash identifier: jxdtsI+74cLiGGDJqqoNRY5H+jXFvU0LaW2Ittsprs4=
Subject key identifier: A9:E5:E6:37:78:EF:8B:50:80:86:7A:90:55:27:67:4B:7A:6C:0C:EB
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01942DD286684043D019BD84202032F5B237
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qeXmN3jvi1CAhnqQVSdnS3psDOs.roa
Signing time: Fri 03 Jan 2025 20:19:19 +0000
ROA not before: Fri 03 Jan 2025 20:19:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Sat 04 Jan 2025 08:05:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:2d:d2:86:68:40:43:d0:19:bd:84:20:20:32:f5:b2:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 3 20:19:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a9e5e63778ef8b5080867a905527674b7a6c0ceb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:08:30:1c:66:22:14:ec:5a:bf:10:fa:db:2a:
e5:17:50:68:c3:a4:61:79:94:f8:14:e8:5b:8b:8e:
23:a6:2c:fc:a5:53:0a:2c:0e:f7:e3:ec:dd:be:76:
01:9f:93:28:ea:ae:c0:96:cc:e8:ce:c8:55:dd:b6:
f8:cb:51:ab:04:8c:75:ca:08:a5:2a:dc:fd:e5:9d:
11:4b:69:d8:3b:b9:43:81:17:69:c3:98:5a:e3:f6:
cb:ab:85:84:18:a8:59:26:e6:71:47:4e:5f:34:bc:
77:bd:36:a4:a6:13:60:63:cc:8a:2b:62:13:67:5b:
1a:ce:d1:3a:92:ab:65:14:ba:42:20:0d:1a:1c:88:
58:72:b3:ab:50:15:45:83:79:65:59:7e:e2:0a:38:
4c:9f:67:2b:e9:3d:ff:89:8f:3c:e0:12:24:cf:49:
53:e6:31:16:56:66:2e:c5:fd:17:6e:ee:d5:67:fa:
7d:03:ef:3f:58:9c:32:51:00:9a:2b:68:45:ab:36:
b3:f9:4b:09:be:98:f2:28:88:c8:04:4c:9f:74:8a:
82:34:51:5b:a9:f9:03:13:fc:07:13:87:61:5a:1f:
3a:55:20:2d:40:55:2d:42:08:1b:a5:24:6f:a4:9c:
82:41:ac:c7:51:7c:72:e8:d0:06:1b:7f:a3:28:f6:
1a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:E5:E6:37:78:EF:8B:50:80:86:7A:90:55:27:67:4B:7A:6C:0C:EB
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/qeXmN3jvi1CAhnqQVSdnS3psDOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
7a:9a:23:be:54:d0:10:05:b0:17:cc:0f:c3:d4:53:e5:1d:bb:
e4:bd:7b:ac:69:bc:cf:7d:f4:4c:ac:3c:73:1c:a4:45:e4:c9:
65:12:87:a3:24:32:75:fb:c1:04:22:8a:e9:66:ad:bf:b2:75:
c4:ce:3f:b1:2e:41:a8:ad:3e:d4:66:a5:43:ee:b5:d3:bc:1f:
df:cf:96:c5:0d:64:63:a0:ed:8b:15:73:a3:dd:ff:be:3d:1d:
ee:13:f8:4c:60:98:4b:a5:f2:2c:f0:24:74:26:eb:46:75:37:
23:2f:b2:ad:53:1d:ea:b4:0d:03:5f:0a:bd:07:cc:ef:9a:2b:
17:5f:85:e8:8b:0a:56:ec:56:84:32:7b:8f:98:42:bc:28:e2:
ef:47:2e:cd:21:8f:0e:8c:ea:21:e9:61:18:da:e7:f8:5b:31:
91:b3:55:13:c9:6f:71:ea:d2:80:31:91:a4:19:38:c7:2e:ba:
8b:b7:7f:16:ad:52:cf:d9:ca:44:b2:39:aa:0e:ee:aa:ad:96:
b6:0b:e3:6c:fc:79:86:38:92:14:c9:9e:dc:1a:a0:e7:39:10:
ad:b9:6a:b1:f9:ff:98:be:df:d0:6a:c2:96:9a:24:08:4d:20:
45:b0:bc:f2:49:51:af:96:3c:3a:c6:dc:11:2e:d0:77:58:2f:
80:04:f7:36
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQt0oZoQEPQGb2EICAy9bI3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwMTAzMjAxOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOWU1ZTYzNzc4ZWY4YjUwODA4NjdhOTA1NTI3Njc0YjdhNmMwY2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAywgwHGYiFOxavxD62yrlF1Bow6Rh
eZT4FOhbi44jpiz8pVMKLA734+zdvnYBn5Mo6q7AlszozshV3bb4y1GrBIx1ygil
Ktz95Z0RS2nYO7lDgRdpw5ha4/bLq4WEGKhZJuZxR05fNLx3vTakphNgY8yKK2IT
Z1saztE6kqtlFLpCIA0aHIhYcrOrUBVFg3llWX7iCjhMn2cr6T3/iY884BIkz0lT
5jEWVmYuxf0Xbu7VZ/p9A+8/WJwyUQCaK2hFqzaz+UsJvpjyKIjIBEyfdIqCNFFb
qfkDE/wHE4dhWh86VSAtQFUtQggbpSRvpJyCQazHUXxy6NAGG3+jKPYaPQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKnl5jd474tQgIZ6kFUnZ0t6bAzrMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvcWVYbU4zanZpMUNBaG5xUVZTZG5TM3BzRE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBAHqaI75U0BAFsBfMD8PUU+Udu+S9e6xp
vM999EysPHMcpEXkyWUSh6MkMnX7wQQiiulmrb+ydcTOP7EuQaitPtRmpUPutdO8
H9/PlsUNZGOg7YsVc6Pd/749He4T+ExgmEul8izwJHQm60Z1NyMvsq1THeq0DQNf
Cr0HzO+aKxdfheiLClbsVoQye4+YQrwo4u9HLs0hjw6M6iHpYRja5/hbMZGzVRPJ
b3Hq0oAxkaQZOMcuuou3fxatUs/ZykSyOaoO7qqtlrYL42z8eYY4khTJntwaoOc5
EK25arH5/5i+39BqwpaaJAhNIEWwvPJJUa+WPDrG3BEu0HdYL4AE9zY=
-----END CERTIFICATE-----
Generated at Sat Apr 5 16:16:31 2025 by rpki-client