Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7M7-_0_0_HEDNVuNsv7wQO4bLnI.roa
File: 7M7-_0_0_HEDNVuNsv7wQO4bLnI.roa (raw, json)
Hash identifier: Fj3FFT1pok+0rlLRqy8G6TEUEV6duKuxSVPf71qcxQY=
Subject key identifier: EC:CE:FE:FF:4F:F4:FC:71:03:35:5B:8D:B2:FE:F0:40:EE:1B:2E:72
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D18F788099ED3F42BA69A1EFE4F5AB48A
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7M7-_0_0_HEDNVuNsv7wQO4bLnI.roa
Signing time: Wed 17 Jan 2024 19:48:11 +0000
ROA not before: Wed 17 Jan 2024 19:48:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197842
IP address blocks: 89.249.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 10:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:18:f7:88:09:9e:d3:f4:2b:a6:9a:1e:fe:4f:5a:b4:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 17 19:48:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eccefeff4ff4fc7103355b8db2fef040ee1b2e72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:68:bf:33:9b:d7:e8:cc:5b:df:62:21:72:21:
20:81:4f:4b:5c:09:d4:70:23:c7:a0:c2:d6:dd:9f:
65:1e:1c:8b:86:0b:df:35:f7:0c:11:fc:ed:05:cb:
7b:54:59:4b:65:1e:33:ac:82:e3:32:1d:0b:27:cd:
20:f2:db:bf:7a:56:1b:b7:e9:68:6b:71:5d:d2:ce:
9a:b5:11:3f:8e:1c:ee:0c:7e:dd:b9:b5:01:6a:63:
cf:71:8a:2a:2e:a8:92:ca:d8:b6:b6:d9:90:d1:a2:
d8:1e:df:8d:98:cf:7f:37:25:0a:1e:0f:5b:b6:d2:
01:63:6c:16:9e:77:4d:9d:83:88:c2:5c:5b:4f:00:
2e:64:e2:d6:ea:93:aa:c2:b6:cd:8d:76:73:74:fe:
33:3d:ac:82:25:dc:11:18:51:70:0c:41:5b:fa:d4:
83:09:19:7c:4e:a0:26:be:e8:21:b5:81:d2:ab:4b:
27:cb:aa:09:62:21:de:29:51:0b:1a:d5:8c:6d:62:
ee:c7:7f:44:c0:2a:a5:2c:cb:16:77:e7:51:c4:44:
60:61:3b:b0:49:fc:54:00:b0:68:54:33:79:5f:fe:
f5:52:57:93:1e:e8:cb:fe:2b:c9:6d:f4:3b:1b:f3:
e1:d9:ba:49:47:86:fc:e4:31:7f:d4:ee:94:53:12:
98:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:CE:FE:FF:4F:F4:FC:71:03:35:5B:8D:B2:FE:F0:40:EE:1B:2E:72
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/7M7-_0_0_HEDNVuNsv7wQO4bLnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.203.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c1:f2:ac:d1:a0:01:d1:a6:f5:2c:9c:95:4b:7a:5f:e3:3e:
f2:ea:7a:aa:05:06:de:13:39:0f:58:0a:2b:13:d8:9e:62:44:
76:20:26:eb:99:5d:62:5b:14:0f:8e:05:05:10:46:e1:61:17:
6f:ee:2a:65:ad:6b:e6:27:52:de:6c:03:04:73:55:e6:d8:84:
c4:29:2f:8b:90:dd:41:f4:ec:35:87:75:40:66:66:e0:b1:6b:
b3:ac:c3:e6:db:bb:40:34:ea:4e:a1:2b:64:14:ea:23:1f:23:
b9:4a:da:5f:96:a9:5d:c8:54:37:6f:4e:2b:ec:91:0e:a6:d0:
4a:43:29:20:9a:1a:88:47:21:e7:c4:fd:ef:0a:d5:30:92:c1:
54:01:51:48:a1:84:07:cd:e0:f7:d7:1e:9e:10:50:97:a7:8c:
69:09:29:bd:f6:81:15:24:f7:59:ea:87:88:f6:82:5f:35:13:
b1:58:22:72:23:67:1d:35:02:b9:c4:f4:f0:48:37:a3:e3:3c:
28:78:20:91:3f:26:09:19:af:e1:d8:6e:0f:5a:2d:c3:f3:c2:
f5:e3:cd:0a:77:04:a2:aa:fd:5e:cd:32:d8:9e:cf:11:a6:50:
54:c3:8a:80:71:91:f4:72:be:50:2e:68:1f:e9:13:8d:3a:cf:
3d:b9:1b:a7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0Y94gJntP0K6aaHv5PWrSKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTE3MTk0ODExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2NlZmVmZjRmZjRmYzcxMDMzNTViOGRiMmZlZjA0MGVlMWIyZTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq2i/M5vX6Mxb32IhciEggU9LXAnU
cCPHoMLW3Z9lHhyLhgvfNfcMEfztBct7VFlLZR4zrILjMh0LJ80g8tu/elYbt+lo
a3Fd0s6atRE/jhzuDH7dubUBamPPcYoqLqiSyti2ttmQ0aLYHt+NmM9/NyUKHg9b
ttIBY2wWnndNnYOIwlxbTwAuZOLW6pOqwrbNjXZzdP4zPayCJdwRGFFwDEFb+tSD
CRl8TqAmvughtYHSq0sny6oJYiHeKVELGtWMbWLux39EwCqlLMsWd+dRxERgYTuw
SfxUALBoVDN5X/71UleTHujL/ivJbfQ7G/Ph2bpJR4b85DF/1O6UUxKYgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOzO/v9P9PxxAzVbjbL+8EDuGy5yMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvN003LV8wXzBfSEVETlZ1TnN2N3dRTzRiTG5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnLMA0G
CSqGSIb3DQEBCwUAA4IBAQAwwfKs0aAB0ab1LJyVS3pf4z7y6nqqBQbeEzkPWAor
E9ieYkR2ICbrmV1iWxQPjgUFEEbhYRdv7iplrWvmJ1LebAMEc1Xm2ITEKS+LkN1B
9Ow1h3VAZmbgsWuzrMPm27tANOpOoStkFOojHyO5StpflqldyFQ3b04r7JEOptBK
QykgmhqIRyHnxP3vCtUwksFUAVFIoYQHzeD31x6eEFCXp4xpCSm99oEVJPdZ6oeI
9oJfNROxWCJyI2cdNQK5xPTwSDej4zwoeCCRPyYJGa/h2G4PWi3D88L1480KdwSi
qv1ezTLYns8RplBUw4qAcZH0cr5QLmgf6RONOs89uRun
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:33 2025 by rpki-client