Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GcUTNpPoVjExlTS_ivxjbbpdyhA.roa
File: GcUTNpPoVjExlTS_ivxjbbpdyhA.roa (raw, json)
Hash identifier: TnsS1I7quYUjA5ClRsQCsw6/+Oz65pbgOIaw0NXdOvY=
Subject key identifier: 19:C5:13:36:93:E8:56:31:31:95:34:BF:8A:FC:63:6D:BA:5D:CA:10
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 0195FF9A547A2F48CEAF77D1A844645FDCF9
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GcUTNpPoVjExlTS_ivxjbbpdyhA.roa
Signing time: Fri 04 Apr 2025 07:00:59 +0000
ROA not before: Fri 04 Apr 2025 07:00:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 10 Apr 2025 06:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:9a:54:7a:2f:48:ce:af:77:d1:a8:44:64:5f:dc:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 4 07:00:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=19c5133693e85631319534bf8afc636dba5dca10
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4d:be:3b:0f:1f:ca:c8:5c:bc:63:09:48:2a:
53:0c:0a:68:9b:11:50:58:ad:b5:a9:72:1e:6f:f2:
43:18:47:f8:23:7a:c3:90:19:b1:67:48:ed:b0:da:
c9:be:4f:cc:be:9c:48:39:06:3b:52:12:03:bb:ad:
ba:f3:d1:03:ae:3a:1c:5c:8f:4a:b0:e5:14:1c:3b:
6d:3d:fe:4e:05:96:eb:ad:6b:95:78:18:76:8a:e5:
37:51:4a:98:a8:ec:60:10:19:58:ae:79:c1:02:b4:
cc:da:44:90:02:a2:a8:18:4d:f7:09:2b:9e:d7:fd:
87:c1:d1:b0:45:4d:5b:39:e9:d3:55:ad:97:1f:5e:
6b:81:84:2b:19:4f:50:ed:6c:42:16:bc:a3:42:a3:
a4:d8:76:41:04:f4:ff:4a:be:8e:70:6a:13:ff:50:
22:7e:e1:51:57:e4:6b:37:f4:2f:4b:54:a9:b7:de:
c9:0b:28:e7:9d:cd:f3:9e:ad:1e:a8:f3:f7:f5:d9:
90:97:b8:bb:31:28:49:7d:46:d2:98:0d:cb:82:96:
2f:56:b7:79:4d:f3:b2:67:3a:db:e6:71:24:f9:65:
b4:7b:1a:7c:15:80:13:fe:e4:c8:ba:57:94:ee:38:
c9:1a:69:53:be:af:5b:01:b3:d1:dd:b6:66:75:90:
af:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:C5:13:36:93:E8:56:31:31:95:34:BF:8A:FC:63:6D:BA:5D:CA:10
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/GcUTNpPoVjExlTS_ivxjbbpdyhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
Signature Algorithm: sha256WithRSAEncryption
30:d7:c1:a3:cb:42:ec:2d:b8:05:f4:8b:33:12:93:66:80:c2:
8c:3f:b9:fc:17:96:7e:49:bb:3a:6e:cc:cb:16:e8:b1:21:e4:
9d:35:81:d0:ed:22:6e:60:af:79:02:ba:56:74:ba:fd:02:83:
62:bc:76:d6:1e:88:a0:f5:dc:e2:ed:9b:d5:f2:8a:ee:7f:24:
6d:38:e1:17:00:b3:7e:a5:dc:55:cf:2f:5c:d0:72:db:f4:53:
01:6c:76:60:ac:00:ec:15:54:17:fb:19:12:b9:54:b2:10:07:
4c:ef:ce:8e:e4:b5:41:8a:71:7e:c3:d8:5c:3c:e3:4f:f3:4a:
3e:f6:17:3b:1b:28:90:a6:fa:55:56:54:40:a5:d1:28:f8:4b:
34:5c:74:c8:c1:62:0e:ae:5c:70:04:c3:98:8a:34:20:a8:20:
f2:f2:28:4d:78:98:15:27:e0:98:a5:36:b5:4f:7f:cf:2e:39:
6a:b0:d9:e3:ca:b5:f4:1e:89:cf:f8:43:11:f6:54:f8:64:bf:
44:5b:ef:72:d7:cd:f9:62:16:80:33:d2:e4:c6:fc:96:a3:64:
3e:bf:bd:eb:cc:c6:60:7b:43:a9:65:f1:49:43:5e:a1:c2:33:
be:6f:43:1e:de:35:68:ed:1d:f3:d4:08:d6:3d:f6:64:d9:87:
18:ba:77:0f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZX/mlR6L0jOr3fRqERkX9z5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDA0MDcwMDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOWM1MTMzNjkzZTg1NjMxMzE5NTM0YmY4YWZjNjM2ZGJhNWRjYTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk2+Ow8fyshcvGMJSCpTDApomxFQ
WK21qXIeb/JDGEf4I3rDkBmxZ0jtsNrJvk/MvpxIOQY7UhIDu62689EDrjocXI9K
sOUUHDttPf5OBZbrrWuVeBh2iuU3UUqYqOxgEBlYrnnBArTM2kSQAqKoGE33CSue
1/2HwdGwRU1bOenTVa2XH15rgYQrGU9Q7WxCFryjQqOk2HZBBPT/Sr6OcGoT/1Ai
fuFRV+RrN/QvS1Spt97JCyjnnc3znq0eqPP39dmQl7i7MShJfUbSmA3LgpYvVrd5
TfOyZzrb5nEk+WW0exp8FYAT/uTIuleU7jjJGmlTvq9bAbPR3bZmdZCvWwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBnFEzaT6FYxMZU0v4r8Y226XcoQMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvR2NVVE5wUG9WakV4bFRTX2l2eGpiYnBkeWhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABZKlED
BAJZKlAwDQYJKoZIhvcNAQELBQADggEBADDXwaPLQuwtuAX0izMSk2aAwow/ufwX
ln5JuzpuzMsW6LEh5J01gdDtIm5gr3kCulZ0uv0Cg2K8dtYeiKD13OLtm9Xyiu5/
JG044RcAs36l3FXPL1zQctv0UwFsdmCsAOwVVBf7GRK5VLIQB0zvzo7ktUGKcX7D
2Fw840/zSj72FzsbKJCm+lVWVECl0Sj4SzRcdMjBYg6uXHAEw5iKNCCoIPLyKE14
mBUn4JilNrVPf88uOWqw2ePKtfQeic/4QxH2VPhkv0Rb73LXzfliFoAz0uTG/Jaj
ZD6/vevMxmB7Q6ll8UlDXqHCM75vQx7eNWjtHfPUCNY99mTZhxi6dw8=
-----END CERTIFICATE-----
Generated at Mon Apr 28 00:44:54 2025 by rpki-client