Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/65cI1u3ApmWvQOnNOTXYaKKMe3Y.roa
File: 65cI1u3ApmWvQOnNOTXYaKKMe3Y.roa (raw, json)
Hash identifier: 91OGAgbVK49MP+HB+L3XwSGvUMskHghY7a4p+g9bekI=
Subject key identifier: EB:97:08:D6:ED:C0:A6:65:AF:40:E9:CD:39:35:D8:68:A2:8C:7B:76
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018DB29ABDBCE8927EFB397A466AC709C35B
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/65cI1u3ApmWvQOnNOTXYaKKMe3Y.roa
Signing time: Fri 16 Feb 2024 15:48:22 +0000
ROA not before: Fri 16 Feb 2024 15:48:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 24 Feb 2024 00:06:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b2:9a:bd:bc:e8:92:7e:fb:39:7a:46:6a:c7:09:c3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 16 15:48:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eb9708d6edc0a665af40e9cd3935d868a28c7b76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:cf:83:61:81:c9:93:ce:8d:6d:11:44:5f:
37:97:2a:de:a2:c9:e2:be:2b:07:d9:74:73:9e:da:
53:7a:2e:fe:59:55:71:6f:b7:b0:7b:44:ef:d9:ae:
7a:23:81:6e:bb:4f:4b:81:a2:67:88:22:cd:1b:fa:
c9:c9:c8:83:25:25:91:05:23:7b:f1:73:6f:46:48:
12:1d:4c:28:ea:1f:14:b9:47:c1:60:eb:76:4d:34:
d1:5c:ce:79:cb:93:c2:b9:49:9d:f8:0c:81:aa:f1:
41:f5:6c:ce:97:56:df:d3:a2:18:52:52:8a:44:4a:
37:68:f2:c7:09:ec:62:bc:12:f0:5d:81:4a:64:4c:
8f:0a:35:90:7f:36:bd:f3:37:25:28:e9:6e:8f:aa:
a9:1a:e4:28:0e:73:f7:1c:48:a7:38:7d:26:2a:c2:
57:11:f5:34:ef:7b:e2:3a:a6:88:32:b4:15:bd:4d:
a9:02:38:3d:53:4c:9c:e8:9c:59:f8:47:6c:f6:b4:
a3:13:c9:27:c5:2b:32:7c:6c:45:16:75:2d:c1:31:
76:fe:c8:24:c0:b6:ea:3d:52:31:e8:dc:56:4d:dc:
6c:b3:31:09:87:30:f0:6f:e6:8c:d6:75:5b:1a:09:
9b:be:7e:5b:08:90:e4:e3:a8:05:87:b8:d2:77:2a:
7f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:97:08:D6:ED:C0:A6:65:AF:40:E9:CD:39:35:D8:68:A2:8C:7B:76
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/65cI1u3ApmWvQOnNOTXYaKKMe3Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
Signature Algorithm: sha256WithRSAEncryption
da:bb:04:37:41:4c:f3:0b:bd:4c:24:97:bf:55:64:69:43:55:
e4:c2:a9:c1:40:cb:b2:98:18:37:2c:c6:f8:b7:d3:6b:20:f6:
c0:6e:81:51:eb:e4:1e:68:85:8c:5e:ad:25:79:27:60:57:93:
72:ad:8a:85:44:85:19:6b:c2:7e:d1:cd:ad:a1:d2:6d:66:8a:
16:14:b5:d5:ad:c6:ba:f8:a8:2e:fd:02:6a:f0:ca:be:78:f2:
70:4b:47:44:c8:f2:e7:07:06:c1:e3:e7:84:06:85:69:b0:32:
d8:7a:54:8f:a4:a9:5f:c5:8d:55:94:32:ba:62:7e:1c:90:8e:
8a:e2:dc:2d:21:91:84:58:6a:ca:05:49:05:c0:92:f4:79:5a:
07:df:1b:ce:3f:26:72:71:aa:84:ad:92:77:b7:7e:ba:12:36:
f1:8d:08:e7:28:3a:4c:04:c5:a1:16:70:f0:40:2c:36:94:1a:
47:b8:f9:d4:f5:b0:4a:4f:81:e8:50:52:92:ac:d4:55:3f:da:
9b:2f:32:b8:88:07:15:8b:d9:b5:a4:9d:80:af:99:44:3b:fd:
1b:76:bc:5e:48:64:44:37:d6:3c:4b:ba:69:d9:70:8b:57:d4:
6e:45:1d:e8:39:39:3c:7c:a2:81:b3:63:45:ee:8a:2b:96:79:
1c:1f:dc:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2ymr286JJ++zl6RmrHCcNbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjE2MTU0ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjk3MDhkNmVkYzBhNjY1YWY0MGU5Y2QzOTM1ZDg2OGEyOGM3Yjc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD7Pg2GByZPOjW0RRF83lyreosni
visH2XRzntpTei7+WVVxb7ewe0Tv2a56I4Fuu09LgaJniCLNG/rJyciDJSWRBSN7
8XNvRkgSHUwo6h8UuUfBYOt2TTTRXM55y5PCuUmd+AyBqvFB9WzOl1bf06IYUlKK
REo3aPLHCexivBLwXYFKZEyPCjWQfza98zclKOluj6qpGuQoDnP3HEinOH0mKsJX
EfU073viOqaIMrQVvU2pAjg9U0yc6JxZ+Eds9rSjE8knxSsyfGxFFnUtwTF2/sgk
wLbqPVIx6NxWTdxsszEJhzDwb+aM1nVbGgmbvn5bCJDk46gFh7jSdyp/swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOuXCNbtwKZlr0DpzTk12GiijHt2MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNjVjSTF1M0FwbVd2UU9uTk9UWFlhS0tNZTNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnJMA0G
CSqGSIb3DQEBCwUAA4IBAQDauwQ3QUzzC71MJJe/VWRpQ1XkwqnBQMuymBg3LMb4
t9NrIPbAboFR6+QeaIWMXq0leSdgV5NyrYqFRIUZa8J+0c2todJtZooWFLXVrca6
+Kgu/QJq8Mq+ePJwS0dEyPLnBwbB4+eEBoVpsDLYelSPpKlfxY1VlDK6Yn4ckI6K
4twtIZGEWGrKBUkFwJL0eVoH3xvOPyZycaqErZJ3t366EjbxjQjnKDpMBMWhFnDw
QCw2lBpHuPnU9bBKT4HoUFKSrNRVP9qbLzK4iAcVi9m1pJ2Ar5lEO/0bdrxeSGRE
N9Y8S7pp2XCLV9RuRR3oOTk8fKKBs2NF7oorlnkcH9zh
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:38 2025 by rpki-client