Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/P-4Jwpw0kb2WKtMHHIBgkjJHbZc.roa
File: P-4Jwpw0kb2WKtMHHIBgkjJHbZc.roa (raw, json)
Hash identifier: 5G280Vydr8Hwdo81qqtaC7V3QCLYHSsIvMmSUsQfl+4=
Subject key identifier: 3F:EE:09:C2:9C:34:91:BD:96:2A:D3:07:1C:80:60:92:32:47:6D:97
Certificate issuer: /CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Certificate serial: 0194DA663D0044CAABB00F769F0423E160A8
Authority key identifier: 1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/P-4Jwpw0kb2WKtMHHIBgkjJHbZc.roa
Signing time: Thu 06 Feb 2025 08:35:20 +0000
ROA not before: Thu 06 Feb 2025 08:35:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214099
IP address blocks: 89.18.52.0/22 maxlen: 22
89.18.56.0/22 maxlen: 22
Validation: Failed, certificate revoked on Mon 24 Feb 2025 08:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:da:66:3d:00:44:ca:ab:b0:0f:76:9f:04:23:e1:60:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1f1e2eaaef0701595ac2754d0121217e7b91d739
Validity
Not Before: Feb 6 08:35:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3fee09c29c3491bd962ad3071c80609232476d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a7:15:9b:f5:df:60:87:14:eb:10:1d:52:7e:
02:e8:67:fd:5b:02:47:31:44:0a:de:e3:9b:a4:6d:
b9:32:97:9e:35:fc:1a:6c:6a:bd:48:d1:24:ef:ef:
76:d4:56:07:ef:01:51:47:af:54:d5:e9:20:4e:c8:
f2:52:6a:06:f5:5a:9f:b4:38:14:68:ae:6b:9d:2a:
c0:e7:cb:41:20:56:06:9a:43:fd:c4:f2:49:16:f7:
24:85:6c:6f:0a:f5:5f:3c:0e:15:fc:96:d0:34:6f:
4b:58:e2:4c:3e:37:f0:2c:ef:04:1e:18:b4:56:30:
22:42:9e:d9:e1:62:c3:3f:3c:a5:8c:86:89:fb:b0:
f2:fe:4d:bd:3c:b2:66:35:98:c2:31:e5:ff:b3:eb:
9d:0f:47:f7:7f:b8:d7:a7:12:01:04:6a:44:e8:57:
77:6c:e6:92:27:06:6d:5d:12:5d:d6:a7:53:da:29:
b0:1b:b0:7b:82:cb:58:64:6f:fa:39:f0:10:c1:e0:
73:d2:c0:84:1a:b8:dd:83:88:0a:30:c8:79:bf:fd:
4a:1b:fd:05:ec:68:58:1c:8f:8d:65:b9:15:a0:c6:
3d:41:36:6a:fa:1e:40:3b:cf:42:8d:1d:ba:cc:7a:
69:38:b9:3b:ac:0b:d5:73:ad:e1:a0:41:a9:d0:42:
5b:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:EE:09:C2:9C:34:91:BD:96:2A:D3:07:1C:80:60:92:32:47:6D:97
X509v3 Authority Key Identifier:
keyid:1F:1E:2E:AA:EF:07:01:59:5A:C2:75:4D:01:21:21:7E:7B:91:D7:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hx4uqu8HAVlawnVNASEhfnuR1zk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/P-4Jwpw0kb2WKtMHHIBgkjJHbZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/4d6ffd-1fac-497f-810c-2b34b8433bb5/1/Hx4uqu8HAVlawnVNASEhfnuR1zk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.52.0-89.18.59.255
Signature Algorithm: sha256WithRSAEncryption
bf:1a:94:67:4d:86:24:6a:d1:7d:e2:e0:29:9e:81:e7:95:8a:
55:c0:85:4e:29:4f:49:18:d6:c8:52:aa:94:2f:85:cd:33:cf:
ca:1c:4b:c3:6a:c0:3f:62:75:ff:f2:0a:8e:5b:28:57:7f:1e:
11:ce:41:24:6b:e2:bc:41:8b:67:4d:02:26:93:5c:a0:fd:6e:
5d:df:c8:d1:26:0e:96:5d:d8:f5:a5:b7:95:e9:ce:f4:bc:ea:
1e:c8:0d:3b:4d:55:51:cb:9c:32:f8:82:bb:b1:da:e5:cd:2c:
47:56:c6:b2:41:11:d0:6c:11:17:81:6c:6a:19:3d:26:99:19:
79:63:6e:b8:98:8f:30:b4:60:28:7c:4d:2f:07:5e:09:11:97:
72:34:2e:41:a0:38:80:26:45:bb:cd:71:62:5f:de:eb:73:75:
f8:c8:ba:12:d1:b4:b6:57:df:d8:6c:1c:78:4c:08:f5:aa:e7:
41:c7:6b:f2:b9:83:b7:7e:ee:9e:3d:82:f2:38:73:db:2a:62:
b9:fb:03:ee:f3:62:4d:a5:d3:dc:fb:a2:9e:ba:02:fa:00:ba:
02:fa:46:d6:eb:6f:38:b7:bb:11:0a:12:63:5e:32:e1:ff:e7:
48:bc:cb:82:a0:e3:90:0a:0b:9f:01:95:ea:dc:1d:df:b9:2a:
74:bc:0e:4f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZTaZj0ARMqrsA92nwQj4WCoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFmMWUyZWFhZWYwNzAxNTk1YWMyNzU0ZDAxMjEyMTdlN2I5
MWQ3MzkwHhcNMjUwMjA2MDgzNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmVlMDljMjljMzQ5MWJkOTYyYWQzMDcxYzgwNjA5MjMyNDc2ZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyacVm/XfYIcU6xAdUn4C6Gf9WwJH
MUQK3uObpG25MpeeNfwabGq9SNEk7+921FYH7wFRR69U1ekgTsjyUmoG9VqftDgU
aK5rnSrA58tBIFYGmkP9xPJJFvckhWxvCvVfPA4V/JbQNG9LWOJMPjfwLO8EHhi0
VjAiQp7Z4WLDPzyljIaJ+7Dy/k29PLJmNZjCMeX/s+udD0f3f7jXpxIBBGpE6Fd3
bOaSJwZtXRJd1qdT2imwG7B7gstYZG/6OfAQweBz0sCEGrjdg4gKMMh5v/1KG/0F
7GhYHI+NZbkVoMY9QTZq+h5AO89CjR26zHppOLk7rAvVc63hoEGp0EJb6wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFD/uCcKcNJG9lirTBxyAYJIyR22XMB8GA1UdIwQY
MBaAFB8eLqrvBwFZWsJ1TQEhIX57kdc5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMt
MmIzNGI4NDMzYmI1LzEvUC00SndwdzBrYjJXS3RNSEhJQmdrakpIYlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS80ZDZmZmQtMWZhYy00OTdmLTgxMGMtMmIzNGI4NDMzYmI1
LzEvSHg0dXF1OEhBVmxhd25WTkFTRWhmbnVSMXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZEjQD
BAJZEjgwDQYJKoZIhvcNAQELBQADggEBAL8alGdNhiRq0X3i4CmegeeVilXAhU4p
T0kY1shSqpQvhc0zz8ocS8NqwD9idf/yCo5bKFd/HhHOQSRr4rxBi2dNAiaTXKD9
bl3fyNEmDpZd2PWlt5XpzvS86h7IDTtNVVHLnDL4grux2uXNLEdWxrJBEdBsEReB
bGoZPSaZGXljbriYjzC0YCh8TS8HXgkRl3I0LkGgOIAmRbvNcWJf3utzdfjIuhLR
tLZX39hsHHhMCPWq50HHa/K5g7d+7p49gvI4c9sqYrn7A+7zYk2l09z7op66AvoA
ugL6Rtbrbzi3uxEKEmNeMuH/50i8y4Kg45AKC58BlercHd+5KnS8Dk8=
-----END CERTIFICATE-----
Generated at Sun Mar 9 19:23:54 2025 by rpki-client