Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wtf-IsfDAAoHMgT0U6BEPgiORh8.roa
File: wtf-IsfDAAoHMgT0U6BEPgiORh8.roa (raw, json)
Hash identifier: tV1FIVJRT68ymlzdPYN+RBf7tXFLJjlA7k/32nndSPc=
Subject key identifier: C2:D7:FE:22:C7:C3:00:0A:07:32:04:F4:53:A0:44:3E:08:8E:46:1F
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 01964A430D0962C8524D95BE096221933264
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wtf-IsfDAAoHMgT0U6BEPgiORh8.roa
Signing time: Fri 18 Apr 2025 18:57:10 +0000
ROA not before: Fri 18 Apr 2025 18:57:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.42.81.0/24 maxlen: 24
89.42.82.0/23 maxlen: 23
89.42.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 20 Apr 2025 04:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4a:43:0d:09:62:c8:52:4d:95:be:09:62:21:93:32:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Apr 18 18:57:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2d7fe22c7c3000a073204f453a0443e088e461f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c6:54:ea:6b:39:da:6b:6a:50:b6:98:c3:b2:
20:d1:1f:b5:72:ef:4d:fd:de:f5:00:db:0c:34:ae:
81:7f:74:0d:64:46:49:e4:11:3e:98:1f:5e:d2:62:
f1:de:4e:9b:bd:16:61:d2:f6:74:e3:66:57:b8:bf:
fb:b1:b7:cb:dd:9f:14:c2:fc:95:9a:8e:87:2d:3f:
d7:9e:99:7f:81:93:54:0d:10:19:aa:c5:bc:82:f9:
09:2e:41:24:5a:51:c6:1d:dd:1e:00:50:01:59:4e:
5e:b0:59:da:10:47:63:ee:e3:45:f6:1f:db:23:03:
23:a1:37:0e:d0:6b:a6:8b:4e:55:b4:f9:dc:a8:a7:
2e:85:ec:d1:35:3c:58:33:c2:c5:26:75:77:c2:c0:
ee:68:0e:0b:62:1d:69:f3:2e:16:64:fa:69:11:ca:
22:7d:72:fc:2d:8d:0c:b4:46:d9:08:f4:56:95:4c:
69:15:23:d0:a4:2f:54:93:54:e1:1f:40:db:f9:8f:
00:74:d2:fb:22:78:b8:be:33:cb:f4:3a:c9:77:45:
16:29:03:8f:da:97:7e:1f:a1:c7:e7:13:71:11:55:
c8:bc:6e:a3:13:11:09:5e:49:5b:6c:11:a0:55:a9:
c4:0d:4c:f2:ab:0a:5b:91:ee:21:11:86:16:6d:d1:
f3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D7:FE:22:C7:C3:00:0A:07:32:04:F4:53:A0:44:3E:08:8E:46:1F
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/wtf-IsfDAAoHMgT0U6BEPgiORh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.81.0-89.42.83.255
89.42.85.0/24
Signature Algorithm: sha256WithRSAEncryption
14:a8:65:da:52:5f:08:a1:eb:32:53:9a:d9:08:a3:0b:e6:87:
5a:e7:78:47:80:06:ce:76:68:e7:dd:9a:cf:12:48:1f:69:22:
be:77:81:6f:7e:a6:f3:65:95:16:ce:96:29:0b:f9:e5:01:ef:
58:1f:b4:49:a4:cd:4c:fe:33:2e:4c:95:aa:1d:ff:35:4f:1b:
55:c8:dc:1c:9d:91:a9:4f:b2:98:39:8c:90:49:c7:7b:46:a8:
78:c0:6c:dd:04:35:a7:4f:82:e5:d7:36:3e:b4:c4:69:89:fc:
aa:a9:c3:17:38:51:6f:cd:1e:a9:c5:c2:38:a8:fc:02:de:3e:
7a:fd:06:d7:ee:ac:0e:3f:c6:60:54:f1:47:b9:4e:3a:2a:8c:
9a:8c:73:f3:6f:e7:ae:d5:d3:82:53:53:ee:1c:43:b9:a7:eb:
b8:94:6f:f4:44:ca:94:f5:91:f8:97:0f:4a:c8:ca:9b:53:18:
52:c3:ba:a2:cf:20:ee:0c:5a:57:a9:60:ca:33:92:93:15:6e:
6c:4b:2e:74:54:36:d1:d2:87:da:9d:66:ca:0f:ea:ce:5a:c4:
1c:d2:f2:18:3b:74:1f:bd:35:0b:6a:97:8e:6a:2b:a5:ed:d0:
12:6a:66:3b:ed:aa:75:9d:4a:01:8a:66:66:f7:49:53:ab:f3:
8d:93:60:91
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZZKQw0JYshSTZW+CWIhkzJkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjUwNDE4MTg1NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmQ3ZmUyMmM3YzMwMDBhMDczMjA0ZjQ1M2EwNDQzZTA4OGU0NjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMZU6ms52mtqULaYw7Ig0R+1cu9N
/d71ANsMNK6Bf3QNZEZJ5BE+mB9e0mLx3k6bvRZh0vZ042ZXuL/7sbfL3Z8UwvyV
mo6HLT/Xnpl/gZNUDRAZqsW8gvkJLkEkWlHGHd0eAFABWU5esFnaEEdj7uNF9h/b
IwMjoTcO0Gumi05VtPncqKcuhezRNTxYM8LFJnV3wsDuaA4LYh1p8y4WZPppEcoi
fXL8LY0MtEbZCPRWlUxpFSPQpC9Uk1ThH0Db+Y8AdNL7Ini4vjPL9DrJd0UWKQOP
2pd+H6HH5xNxEVXIvG6jExEJXklbbBGgVanEDUzyqwpbke4hEYYWbdHzjwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMLX/iLHwwAKBzIE9FOgRD4IjkYfMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvd3RmLUlzZkRBQW9ITWdUMFU2QkVQZ2lPUmg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZKlED
BAJZKlADBABZKlUwDQYJKoZIhvcNAQELBQADggEBABSoZdpSXwih6zJTmtkIowvm
h1rneEeABs52aOfdms8SSB9pIr53gW9+pvNllRbOlikL+eUB71gftEmkzUz+My5M
laod/zVPG1XI3BydkalPspg5jJBJx3tGqHjAbN0ENadPguXXNj60xGmJ/Kqpwxc4
UW/NHqnFwjio/ALePnr9BtfurA4/xmBU8Ue5TjoqjJqMc/Nv567V04JTU+4cQ7mn
67iUb/REypT1kfiXD0rIyptTGFLDuqLPIO4MWlepYMozkpMVbmxLLnRUNtHSh9qd
ZsoP6s5axBzS8hg7dB+9NQtql45qK6Xt0BJqZjvtqnWdSgGKZmb3SVOr842TYJE=
-----END CERTIFICATE-----
Generated at Tue Apr 29 09:17:07 2025 by rpki-client