Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6LxMlH0cc0HhbriJDDHpUxAO6DE.roa
File: 6LxMlH0cc0HhbriJDDHpUxAO6DE.roa (raw, json)
Hash identifier: d3OO73pRBxeO3NW9ptUAE04mm3mCs7B4N3otk5wOtzQ=
Subject key identifier: E8:BC:4C:94:7D:1C:73:41:E1:6E:B8:89:0C:31:E9:53:10:0E:E8:31
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FC53085A4A38C8E4393C085DB5891C9A2
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6LxMlH0cc0HhbriJDDHpUxAO6DE.roa
Signing time: Wed 29 May 2024 16:30:42 +0000
ROA not before: Wed 29 May 2024 16:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Jun 2024 22:30:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c5:30:85:a4:a3:8c:8e:43:93:c0:85:db:58:91:c9:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 29 16:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8bc4c947d1c7341e16eb8890c31e953100ee831
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:e5:51:5c:a3:b2:0c:9e:8c:f0:8f:c8:c8:
c5:6b:34:8d:14:3b:f4:f9:87:ac:e8:cd:84:ee:00:
fc:ea:92:6e:74:18:b1:a4:54:74:7c:df:86:3e:de:
ac:ab:7f:49:b5:2c:9b:e4:65:8a:42:03:bc:8c:60:
44:26:97:a2:18:3d:b6:b7:3f:a9:d7:a8:36:ee:ce:
8c:a4:52:c3:2b:10:d5:30:d3:c7:ec:a2:de:d7:6d:
38:5f:0c:0b:bb:e4:d7:57:62:fb:b7:be:1f:58:f8:
0e:ed:bf:4c:59:2a:89:69:f8:f4:bf:63:00:96:dd:
7f:40:df:f2:7b:b8:e1:17:7d:e9:a8:44:12:3b:7f:
16:f1:a3:2e:45:d1:fc:c3:16:29:5b:7b:69:86:90:
b6:c9:f3:98:fa:a3:6f:a7:93:76:28:bb:82:c3:a8:
8e:09:49:9f:aa:d9:41:97:7c:83:48:ce:e3:b3:da:
5c:74:41:17:41:ae:04:89:61:af:72:c6:a9:47:ac:
dc:9c:0c:90:4d:65:b1:40:12:8c:31:9d:2b:f5:d6:
d6:dd:78:e6:1e:b9:6c:bd:39:57:c8:6f:86:2e:45:
0e:61:6e:9b:9a:81:28:31:a2:7f:76:22:59:44:d8:
89:5b:3a:23:20:74:b6:cf:c7:60:06:c6:aa:55:79:
f4:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:BC:4C:94:7D:1C:73:41:E1:6E:B8:89:0C:31:E9:53:10:0E:E8:31
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/6LxMlH0cc0HhbriJDDHpUxAO6DE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
b3:ac:39:c9:88:62:04:52:ff:f7:cf:cc:05:b1:55:80:00:c1:
f3:2c:26:69:c0:98:7d:a0:43:82:22:c5:0f:88:47:ae:f3:29:
1e:63:c2:ea:39:7b:ed:49:f0:ac:a6:8d:a0:16:32:27:ee:bc:
2c:66:2b:44:f8:52:f4:c6:e7:f0:50:69:ee:13:5f:72:a1:67:
d4:0b:40:ac:52:02:b8:1e:93:b7:69:ad:59:13:72:65:35:e7:
94:e9:53:9e:66:a9:e9:78:66:22:77:d0:0d:ad:4b:de:86:f5:
c4:b9:e6:9e:77:7b:c9:87:c1:eb:0d:4f:57:50:88:06:a9:5b:
6f:b6:24:ab:4e:8b:a6:0b:dc:dd:c1:61:63:57:28:ea:be:d1:
ae:41:55:f8:64:de:65:5e:4b:06:47:47:f0:5f:da:04:c9:65:
0e:e9:09:8b:ba:b5:dd:ae:a5:1b:c4:ed:d2:14:d1:a7:b9:9e:
f1:f2:e2:d5:8e:f7:b6:04:b1:11:33:5b:ea:8a:dc:3d:2f:54:
ad:a6:0a:83:31:00:0a:69:8c:67:5c:14:39:e0:d7:52:73:1d:
30:9e:d0:9b:7f:47:e2:d6:bc:bf:27:e1:8b:5e:15:9f:d3:42:
3f:be:1f:f8:19:69:c2:55:7d:fc:03:5b:c5:ed:e8:e4:9d:c9:
92:bd:bf:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/FMIWko4yOQ5PAhdtYkcmiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI5MTYzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGJjNGM5NDdkMWM3MzQxZTE2ZWI4ODkwYzMxZTk1MzEwMGVlODMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRblUVyjsgyejPCPyMjFazSNFDv0
+Yes6M2E7gD86pJudBixpFR0fN+GPt6sq39JtSyb5GWKQgO8jGBEJpeiGD22tz+p
16g27s6MpFLDKxDVMNPH7KLe1204XwwLu+TXV2L7t74fWPgO7b9MWSqJafj0v2MA
lt1/QN/ye7jhF33pqEQSO38W8aMuRdH8wxYpW3tphpC2yfOY+qNvp5N2KLuCw6iO
CUmfqtlBl3yDSM7js9pcdEEXQa4EiWGvcsapR6zcnAyQTWWxQBKMMZ0r9dbW3Xjm
HrlsvTlXyG+GLkUOYW6bmoEoMaJ/diJZRNiJWzojIHS2z8dgBsaqVXn09QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOi8TJR9HHNB4W64iQwx6VMQDugxMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvNkx4TWxIMGNjMEhoYnJpSkRESHBVeEFPNkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfnOMA0G
CSqGSIb3DQEBCwUAA4IBAQCzrDnJiGIEUv/3z8wFsVWAAMHzLCZpwJh9oEOCIsUP
iEeu8ykeY8LqOXvtSfCspo2gFjIn7rwsZitE+FL0xufwUGnuE19yoWfUC0CsUgK4
HpO3aa1ZE3JlNeeU6VOeZqnpeGYid9ANrUvehvXEueaed3vJh8HrDU9XUIgGqVtv
tiSrToumC9zdwWFjVyjqvtGuQVX4ZN5lXksGR0fwX9oEyWUO6QmLurXdrqUbxO3S
FNGnuZ7x8uLVjve2BLERM1vqitw9L1StpgqDMQAKaYxnXBQ54NdScx0wntCbf0fi
1ry/J+GLXhWf00I/vh/4GWnCVX38A1vF7ejkncmSvb+Z
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:01 2025 by rpki-client