Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ApZPgHf5SCuvBMp5N0HUC5LoOU0.roa
File: ApZPgHf5SCuvBMp5N0HUC5LoOU0.roa (raw, json)
Hash identifier: Se0cPwccsw0ON2+9viwZ1I4ghiRp6P2GMuvl9e8Mujs=
Subject key identifier: 02:96:4F:80:77:F9:48:2B:AF:04:CA:79:37:41:D4:0B:92:E8:39:4D
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01961E49558FA8A1AE8F6D69D2FB40D97016
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ApZPgHf5SCuvBMp5N0HUC5LoOU0.roa
Signing time: Thu 10 Apr 2025 06:00:44 +0000
ROA not before: Thu 10 Apr 2025 06:00:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.47.100.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Apr 2025 13:24:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:1e:49:55:8f:a8:a1:ae:8f:6d:69:d2:fb:40:d9:70:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 10 06:00:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02964f8077f9482baf04ca793741d40b92e8394d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d1:c3:16:72:08:63:ab:f5:b4:0c:1f:2b:5c:
0e:9b:b2:35:03:24:29:e0:5a:f5:50:44:db:77:7a:
4e:dc:2a:fd:0a:1b:90:cb:14:ad:d5:1d:e7:a5:d0:
0b:3b:55:46:59:32:62:f7:fb:1a:6f:0d:62:3e:b0:
49:5f:31:96:ef:3e:d1:84:85:62:71:de:4a:38:18:
ab:e2:fd:9c:25:50:f2:fe:4c:b3:60:ce:da:30:2b:
6e:a6:ef:40:55:fb:c7:4c:22:36:ef:97:e8:e3:f8:
2a:3a:ef:02:de:ed:ed:1e:6e:50:6a:84:63:2a:25:
29:00:e1:fa:c8:10:4d:c9:4f:58:5e:f8:69:c3:50:
42:95:13:ba:e9:42:d5:b5:6d:90:b4:77:58:f5:b5:
55:7b:37:de:df:af:23:a9:c0:36:cb:69:34:70:dd:
5e:66:9a:e1:6c:71:3a:92:38:fc:54:de:05:08:b4:
8b:56:ff:4b:69:64:08:d3:cb:ba:ca:68:9c:57:ce:
40:dd:a4:5e:a1:4e:33:b3:59:a7:b1:64:a4:5a:49:
84:64:95:6b:ad:26:86:66:61:b1:3b:cc:46:ed:c3:
ed:55:e4:2d:9f:81:93:41:17:5b:56:eb:7a:06:74:
b9:2a:d2:08:ed:5d:e0:e4:03:ef:4b:26:b3:74:ae:
25:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:96:4F:80:77:F9:48:2B:AF:04:CA:79:37:41:D4:0B:92:E8:39:4D
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/ApZPgHf5SCuvBMp5N0HUC5LoOU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.47.100.0/24
Signature Algorithm: sha256WithRSAEncryption
47:17:b5:1e:39:ec:bd:bd:02:b3:59:3d:3d:c6:5e:72:17:95:
38:0c:49:b9:ce:75:48:54:ba:3e:a2:a3:9e:3c:74:a5:5f:65:
65:4b:f4:52:c4:8c:cc:d2:a2:56:1e:7d:85:31:a0:78:c3:20:
6b:a7:81:18:0f:ac:8b:dd:bf:e1:e1:19:a4:44:a2:db:be:5d:
87:56:30:e0:5d:e6:e0:50:22:e2:65:88:98:09:ea:84:56:7b:
29:5a:71:9e:0c:38:fc:d8:e6:3d:3b:dc:6a:30:8e:03:10:17:
33:c4:cc:a1:9c:0d:ee:fa:cc:21:78:e2:4e:c1:81:0f:ae:50:
7d:04:42:f0:8b:52:70:32:95:54:23:8e:88:45:f6:85:21:f4:
76:fb:7b:97:2f:a4:67:b7:27:fe:98:57:53:25:2e:30:fe:b9:
10:6b:bc:cc:c5:cc:2a:b1:9e:dd:ae:a4:0b:4f:7f:f8:ac:af:
03:94:b3:b4:01:8f:d6:0e:8f:43:42:d5:37:2d:50:ac:fe:fc:
af:42:cc:85:d3:0a:86:bd:12:bb:1a:64:20:25:b3:d0:ae:03:
5f:c8:72:fd:5d:44:72:fb:30:ca:ab:c0:e6:9a:c4:a8:d2:62:
44:07:88:85:43:41:96:52:3c:08:5f:8f:50:28:34:07:3d:3b:
4f:c1:66:13
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZYeSVWPqKGuj21p0vtA2XAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDEwMDYwMDQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjk2NGY4MDc3Zjk0ODJiYWYwNGNhNzkzNzQxZDQwYjkyZTgzOTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9HDFnIIY6v1tAwfK1wOm7I1AyQp
4Fr1UETbd3pO3Cr9ChuQyxSt1R3npdALO1VGWTJi9/sabw1iPrBJXzGW7z7RhIVi
cd5KOBir4v2cJVDy/kyzYM7aMCtupu9AVfvHTCI275fo4/gqOu8C3u3tHm5QaoRj
KiUpAOH6yBBNyU9YXvhpw1BClRO66ULVtW2QtHdY9bVVezfe368jqcA2y2k0cN1e
ZprhbHE6kjj8VN4FCLSLVv9LaWQI08u6ymicV85A3aReoU4zs1mnsWSkWkmEZJVr
rSaGZmGxO8xG7cPtVeQtn4GTQRdbVut6BnS5KtII7V3g5APvSyazdK4l3wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAKWT4B3+UgrrwTKeTdB1AuS6DlNMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvQXBaUGdIZjVTQ3V2Qk1wNU4wSFVDNUxvT1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZL2QwDQYJKoZIhvcNAQELBQADggEBAEcXtR457L29ArNZPT3GXnIX
lTgMSbnOdUhUuj6io548dKVfZWVL9FLEjMzSolYefYUxoHjDIGungRgPrIvdv+Hh
GaREotu+XYdWMOBd5uBQIuJliJgJ6oRWeylacZ4MOPzY5j073GowjgMQFzPEzKGc
De76zCF44k7BgQ+uUH0EQvCLUnAylVQjjohF9oUh9Hb7e5cvpGe3J/6YV1MlLjD+
uRBrvMzFzCqxnt2upAtPf/isrwOUs7QBj9YOj0NC1TctUKz+/K9CzIXTCoa9Ersa
ZCAls9CuA1/Icv1dRHL7MMqrwOaaxKjSYkQHiIVDQZZSPAhfj1AoNAc9O0/BZhM=
-----END CERTIFICATE-----
Generated at Sun Apr 27 23:14:38 2025 by rpki-client