Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/R_Q5FjP2t_IqIHQOVHEGWtJ5fl4.roa
File: R_Q5FjP2t_IqIHQOVHEGWtJ5fl4.roa (raw, json)
Hash identifier: uR/9KEef4yaIwy6TMXXgIFm+uWp4JxZdmbNnmdkTk+w=
Subject key identifier: 47:F4:39:16:33:F6:B7:F2:2A:20:74:0E:54:71:06:5A:D2:79:7E:5E
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 019427B59090971D2A7B39802317F83BCF1F
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/R_Q5FjP2t_IqIHQOVHEGWtJ5fl4.roa
Signing time: Thu 02 Jan 2025 15:49:57 +0000
ROA not before: Thu 02 Jan 2025 15:49:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
Validation: Failed, certificate revoked on Mon 27 Jan 2025 15:06:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:90:90:97:1d:2a:7b:39:80:23:17:f8:3b:cf:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Jan 2 15:49:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47f4391633f6b7f22a20740e5471065ad2797e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:db:f1:4b:16:0f:eb:8a:54:d8:b3:d1:ff:db:
28:10:b0:32:1a:44:32:79:d6:8f:05:4d:0c:94:57:
74:27:9c:e5:d8:7f:c3:e2:b8:ea:9e:01:29:87:76:
59:4a:5f:9d:02:3c:ef:50:00:fe:c6:e3:0b:19:45:
e2:b2:84:1c:9b:05:62:85:e5:23:5f:69:9d:e2:f9:
0d:fe:ea:1c:f3:f3:d2:67:1d:b6:ee:c9:e0:59:ce:
47:3f:fe:40:c9:90:e8:b9:54:e2:9f:d0:b4:7b:e5:
54:44:46:35:97:d6:e4:20:98:9d:b4:5f:d8:7d:88:
4c:fd:c9:24:e5:13:98:7b:81:84:47:de:d7:f1:88:
c2:0b:e3:5c:f9:f5:af:ae:95:81:89:6d:eb:b3:bb:
20:ec:c3:eb:dd:1c:d4:c4:a2:8d:43:4f:8b:e4:36:
89:12:bb:95:70:08:f1:e0:02:ad:9e:32:67:a8:7d:
a8:6b:83:57:75:41:0c:63:e6:86:15:2c:d0:66:4f:
06:2f:b4:79:c7:06:93:25:f9:eb:ed:ad:ae:35:47:
da:4c:59:40:de:11:42:22:4b:d2:56:2c:fe:74:57:
32:da:54:ca:d5:57:2a:63:64:a4:54:b0:fd:46:bf:
14:43:ec:b6:88:00:3a:79:5f:0c:2f:ab:3d:05:5d:
bd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F4:39:16:33:F6:B7:F2:2A:20:74:0E:54:71:06:5A:D2:79:7E:5E
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/R_Q5FjP2t_IqIHQOVHEGWtJ5fl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:15:1f:e8:92:8d:bb:9d:b3:13:57:41:93:cf:86:fb:cb:e7:
ec:7c:20:7a:35:84:62:b0:2d:89:da:62:2e:5e:0d:92:6c:ba:
36:a8:42:ae:9c:63:94:46:d8:55:54:63:04:db:a3:e2:f8:ab:
c9:47:93:09:8a:6d:b8:22:a0:d2:4f:11:3e:c9:c0:6a:0f:61:
d0:54:95:6c:bb:4a:bf:15:b3:9b:72:65:4e:cd:5d:fb:4e:41:
ac:29:97:b3:17:3d:1b:bc:82:b4:00:aa:10:4d:13:ba:65:79:
60:8d:7e:f3:5a:a8:03:74:cd:1f:1d:7f:cd:bf:5e:ee:fc:1d:
1c:b3:d6:fe:4b:c2:7f:43:db:b2:f2:7b:a3:d8:54:2e:97:ab:
16:c7:0c:fd:5f:76:7e:84:59:dd:67:8c:a6:b0:20:16:9a:7b:
39:f7:df:5d:9b:04:8b:7f:98:7d:d5:d3:d8:af:15:8e:78:54:
1c:79:ce:3c:dc:8d:ce:52:12:15:73:6e:87:2f:b5:a4:2b:ea:
09:7e:1b:99:fc:47:fe:35:b0:f9:ee:5f:46:96:b0:e4:aa:c4:
7f:dd:36:39:e7:fd:82:77:36:54:a1:78:e7:b6:5b:a4:2d:3e:
43:ca:dc:11:82:fd:9c:eb:5a:a0:fa:01:18:62:bc:f6:b4:e5:
0f:4a:1d:1c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntZCQlx0qezmAIxf4O88fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwMTAyMTU0OTU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2Y0MzkxNjMzZjZiN2YyMmEyMDc0MGU1NDcxMDY1YWQyNzk3ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm9vxSxYP64pU2LPR/9soELAyGkQy
edaPBU0MlFd0J5zl2H/D4rjqngEph3ZZSl+dAjzvUAD+xuMLGUXisoQcmwViheUj
X2md4vkN/uoc8/PSZx227sngWc5HP/5AyZDouVTin9C0e+VUREY1l9bkIJidtF/Y
fYhM/ckk5ROYe4GER97X8YjCC+Nc+fWvrpWBiW3rs7sg7MPr3RzUxKKNQ0+L5DaJ
EruVcAjx4AKtnjJnqH2oa4NXdUEMY+aGFSzQZk8GL7R5xwaTJfnr7a2uNUfaTFlA
3hFCIkvSViz+dFcy2lTK1VcqY2SkVLD9Rr8UQ+y2iAA6eV8ML6s9BV29MQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEf0ORYz9rfyKiB0DlRxBlrSeX5eMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvUl9RNUZqUDJ0X0lxSUhRT1ZIRUdXdEo1Zmw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBWSNQAwQB
WSjeAwQBWS18MA0GCSqGSIb3DQEBCwUAA4IBAQCkFR/oko27nbMTV0GTz4b7y+fs
fCB6NYRisC2J2mIuXg2SbLo2qEKunGOURthVVGME26Pi+KvJR5MJim24IqDSTxE+
ycBqD2HQVJVsu0q/FbObcmVOzV37TkGsKZezFz0bvIK0AKoQTRO6ZXlgjX7zWqgD
dM0fHX/Nv17u/B0cs9b+S8J/Q9uy8nuj2FQul6sWxwz9X3Z+hFndZ4ymsCAWmns5
999dmwSLf5h91dPYrxWOeFQcec483I3OUhIVc26HL7WkK+oJfhuZ/Ef+NbD57l9G
lrDkqsR/3TY55/2CdzZUoXjntlukLT5DytwRgv2c61qg+gEYYrz2tOUPSh0c
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:34:28 2025 by rpki-client