Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AGc-6XN2W288rx_yVC8NFk7oSt8.roa
File: AGc-6XN2W288rx_yVC8NFk7oSt8.roa (raw, json)
Hash identifier: nOzdvkD6NXYcdM0a5EH+RWFhmyxwLtzFcZ72iCXLbDQ=
Subject key identifier: 00:67:3E:E9:73:76:5B:6F:3C:AF:1F:F2:54:2F:0D:16:4E:E8:4A:DF
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0195EFDCF41B1B880E8CD21C3BF9C1B98072
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AGc-6XN2W288rx_yVC8NFk7oSt8.roa
Signing time: Tue 01 Apr 2025 05:39:49 +0000
ROA not before: Tue 01 Apr 2025 05:39:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.37.119.0/24 maxlen: 24
89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Fri 04 Apr 2025 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ef:dc:f4:1b:1b:88:0e:8c:d2:1c:3b:f9:c1:b9:80:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 1 05:39:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00673ee973765b6f3caf1ff2542f0d164ee84adf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a6:e0:c6:fd:ee:a0:42:5b:96:83:46:14:ca:
fd:ff:43:ac:a8:15:1d:5f:96:9b:1d:21:5f:8a:f3:
03:23:4a:2c:f1:a7:d2:3d:0e:63:d8:fe:2f:93:5f:
2d:34:48:60:b2:3c:57:8e:52:06:64:f3:50:f7:da:
db:ce:15:f2:a5:f1:e2:7d:63:3b:7a:56:83:e4:b9:
7d:72:2c:c2:4e:e1:b2:d7:af:31:43:ea:38:ab:17:
c5:e8:7a:69:1d:d6:e0:98:7b:99:6c:50:fd:a8:77:
de:d7:e0:fd:0e:ed:00:7e:ed:d0:51:80:63:26:00:
8a:f6:bf:a2:86:68:a6:30:82:a1:89:4a:3f:45:6c:
c3:38:b2:3b:a6:73:9d:94:8f:ee:c8:a4:0e:73:f3:
6d:76:28:98:cf:3b:f2:b0:9e:12:58:3f:af:2e:d5:
c2:05:ed:1d:b4:b1:fc:43:93:63:aa:26:1f:b4:70:
f9:63:0a:23:3f:94:f9:85:3f:0f:a3:5b:b6:cd:86:
b6:96:e6:33:6f:4c:89:0a:bd:5b:dd:f3:d3:69:8d:
9f:e7:ec:dd:be:1e:37:b3:a9:6b:67:10:a9:4a:d4:
2e:2d:0f:1a:80:d2:21:b5:64:91:1f:40:c0:86:34:
85:af:fe:38:47:2c:14:f9:bb:19:bf:c7:91:87:d2:
5b:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:67:3E:E9:73:76:5B:6F:3C:AF:1F:F2:54:2F:0D:16:4E:E8:4A:DF
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/AGc-6XN2W288rx_yVC8NFk7oSt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.119.0/24
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
5a:cc:46:85:38:e9:81:be:64:5d:5d:db:3d:68:b4:37:c0:1f:
57:5f:d6:fa:d0:f7:51:d6:02:1f:4c:6a:b9:ac:bf:00:ef:2f:
84:b3:e8:e3:90:b0:f0:a0:d0:05:4c:1f:57:60:42:50:b8:26:
9f:84:00:9b:31:c5:4c:60:62:12:79:e1:de:49:53:98:cf:a7:
d1:1f:5c:ad:d1:f5:e1:87:3f:92:f2:7b:f7:9c:31:10:b4:69:
b8:9d:3e:f2:4f:85:c7:77:3b:3b:b3:24:e5:e6:cd:7c:ee:2c:
e5:09:4e:83:4b:4b:c7:df:a6:d9:cc:d3:dc:6c:70:da:cb:ab:
fe:47:f7:f0:dc:86:54:d9:05:a0:e2:11:65:13:a9:35:a5:dc:
5c:a5:b4:c6:09:9a:dd:fb:39:20:6e:59:f3:17:cc:f2:fd:1f:
da:0b:f9:3b:5e:c2:c7:a5:04:b3:d4:ba:5e:ce:8f:77:ea:66:
97:19:e1:35:04:26:15:85:bb:a7:be:de:06:15:e8:e7:b0:67:
c0:f2:61:e6:ae:f2:59:d7:36:a0:58:54:07:71:1f:d8:58:da:
90:ff:ab:cf:67:59:aa:11:b3:ad:1a:ec:cd:34:b2:41:ce:97:
44:91:7c:c4:2f:e3:93:33:8e:a7:72:16:83:dd:e9:27:72:48:
04:ed:d5:b1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZXv3PQbG4gOjNIcO/nBuYByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDAxMDUzOTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDY3M2VlOTczNzY1YjZmM2NhZjFmZjI1NDJmMGQxNjRlZTg0YWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6bgxv3uoEJbloNGFMr9/0OsqBUd
X5abHSFfivMDI0os8afSPQ5j2P4vk18tNEhgsjxXjlIGZPNQ99rbzhXypfHifWM7
elaD5Ll9cizCTuGy168xQ+o4qxfF6HppHdbgmHuZbFD9qHfe1+D9Du0Afu3QUYBj
JgCK9r+ihmimMIKhiUo/RWzDOLI7pnOdlI/uyKQOc/NtdiiYzzvysJ4SWD+vLtXC
Be0dtLH8Q5NjqiYftHD5YwojP5T5hT8Po1u2zYa2luYzb0yJCr1b3fPTaY2f5+zd
vh43s6lrZxCpStQuLQ8agNIhtWSRH0DAhjSFr/44RywU+bsZv8eRh9Jb4QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFABnPulzdltvPK8f8lQvDRZO6ErfMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQUdjLTZYTjJXMjg4cnhfeVZDOE5GazdvU3Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWSV3MAwD
BABZKlEDBAJZKlAwDQYJKoZIhvcNAQELBQADggEBAFrMRoU46YG+ZF1d2z1otDfA
H1df1vrQ91HWAh9MarmsvwDvL4Sz6OOQsPCg0AVMH1dgQlC4Jp+EAJsxxUxgYhJ5
4d5JU5jPp9EfXK3R9eGHP5Lye/ecMRC0abidPvJPhcd3OzuzJOXmzXzuLOUJToNL
S8ffptnM09xscNrLq/5H9/DchlTZBaDiEWUTqTWl3FyltMYJmt37OSBuWfMXzPL9
H9oL+TtewselBLPUul7Oj3fqZpcZ4TUEJhWFu6e+3gYV6OewZ8DyYeau8lnXNqBY
VAdxH9hY2pD/q89nWaoRs60a7M00skHOl0SRfMQv45MzjqdyFoPd6SdySATt1bE=
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:08:56 2025 by rpki-client