Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/8bsK2S7yZZ_BGmGizVnI9q2qwvM.roa
File: 8bsK2S7yZZ_BGmGizVnI9q2qwvM.roa (raw, json)
Hash identifier: wc0ggrsVF2XrNrTpeQMU12fvBOAkRQ5G5HQ2KVZ/O54=
Subject key identifier: F1:BB:0A:D9:2E:F2:65:9F:C1:1A:61:A2:CD:59:C8:F6:AD:AA:C2:F3
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018E2E18412CA5694FC27EA8F06BAE40EC52
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/8bsK2S7yZZ_BGmGizVnI9q2qwvM.roa
Signing time: Mon 11 Mar 2024 15:18:45 +0000
ROA not before: Mon 11 Mar 2024 15:18:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44620
IP address blocks: 89.249.200.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 22 Mar 2024 21:16:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2e:18:41:2c:a5:69:4f:c2:7e:a8:f0:6b:ae:40:ec:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Mar 11 15:18:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1bb0ad92ef2659fc11a61a2cd59c8f6adaac2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:6e:c2:f1:74:66:b2:8d:63:fd:e8:8e:c7:e4:
b1:05:45:6d:8a:08:a3:02:82:94:d7:1d:b7:c4:b4:
85:be:c0:a5:80:a1:9e:66:7e:fd:52:83:34:d0:5d:
8a:be:85:fa:81:05:b5:6c:68:4e:96:91:df:a8:f5:
55:4b:b6:f6:cc:a0:49:f0:c8:54:ec:d3:db:29:4c:
0f:a8:6f:8f:a3:aa:fb:0f:f3:5e:1e:92:cf:b9:47:
92:a4:76:5c:6b:52:0b:3f:d3:65:d9:c7:dc:07:6e:
6c:0b:aa:43:ce:0b:0e:7c:3f:7e:1f:aa:d7:3f:bf:
75:9a:f8:73:1b:06:ad:91:52:0d:16:35:b8:50:72:
e9:cd:5a:f7:bf:8a:99:bb:4a:68:0b:12:91:99:15:
ab:3b:ed:9d:d1:db:9d:24:ec:4e:2d:7d:ad:87:40:
ec:95:bd:5d:24:ed:5c:29:1e:3a:ef:47:d7:a5:53:
0e:e5:17:6b:cb:65:66:77:88:67:6c:41:a2:bc:d3:
a2:f4:d6:60:cd:57:5c:3e:10:56:ba:af:22:d9:f3:
00:70:99:cc:be:9d:9b:a9:01:66:ec:10:ed:0a:04:
1c:96:b1:f6:0b:3b:7d:4d:d2:19:6d:49:dc:68:c0:
44:f7:40:b7:3e:85:69:5e:d5:71:66:ce:d3:74:c1:
da:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:BB:0A:D9:2E:F2:65:9F:C1:1A:61:A2:CD:59:C8:F6:AD:AA:C2:F3
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/8bsK2S7yZZ_BGmGizVnI9q2qwvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:ba:e4:ac:56:56:3e:f6:0c:e5:73:ae:cf:1d:be:43:19:42:
d0:13:2a:02:88:41:b1:d7:ce:36:3f:da:0c:43:fd:cb:50:9d:
b9:53:9b:44:27:64:29:9c:6c:5c:b2:35:c6:31:2d:29:c1:21:
61:47:00:ba:a1:a0:89:a5:ea:d4:25:46:7d:c1:7d:e0:c1:6b:
0a:1c:2d:6f:dd:2c:41:82:9e:cd:df:f5:d5:99:8d:a7:6d:13:
30:26:ef:38:2b:ad:4d:bd:b0:70:c4:79:22:d1:4c:4b:41:c9:
48:79:b4:4a:6b:5f:49:1e:55:a0:64:c3:46:84:f6:66:22:9c:
40:a8:82:1c:19:f7:dc:d8:6a:05:d4:43:6d:17:b0:f4:85:48:
4d:37:25:79:60:90:3f:71:0e:e9:9c:d2:a6:87:67:5e:11:ab:
3f:01:3a:6e:e8:98:88:fa:97:8a:46:20:13:12:33:e1:56:db:
c7:83:70:5e:84:69:7f:e2:7f:45:3a:28:81:f7:b7:47:31:b8:
39:4e:98:7a:b8:d1:b0:15:50:6a:65:a6:cc:c6:d4:51:3d:15:
fe:2e:a0:89:aa:4f:15:d6:e9:9d:ec:58:5f:db:a3:e7:f5:fb:
b0:6f:1b:33:08:50:28:25:31:e7:db:7b:4d:e6:bf:9d:ce:49:
68:2f:fe:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4uGEEspWlPwn6o8GuuQOxSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMzExMTUxODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWJiMGFkOTJlZjI2NTlmYzExYTYxYTJjZDU5YzhmNmFkYWFjMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7W7C8XRmso1j/eiOx+SxBUVtigij
AoKU1x23xLSFvsClgKGeZn79UoM00F2KvoX6gQW1bGhOlpHfqPVVS7b2zKBJ8MhU
7NPbKUwPqG+Po6r7D/NeHpLPuUeSpHZca1ILP9Nl2cfcB25sC6pDzgsOfD9+H6rX
P791mvhzGwatkVINFjW4UHLpzVr3v4qZu0poCxKRmRWrO+2d0dudJOxOLX2th0Ds
lb1dJO1cKR4670fXpVMO5Rdry2Vmd4hnbEGivNOi9NZgzVdcPhBWuq8i2fMAcJnM
vp2bqQFm7BDtCgQclrH2Czt9TdIZbUncaMBE90C3PoVpXtVxZs7TdMHajQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPG7Ctku8mWfwRphos1ZyPatqsLzMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvOGJzSzJTN3laWl9CR21HaXpWbkk5cTJxd3ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnIMA0G
CSqGSIb3DQEBCwUAA4IBAQB9uuSsVlY+9gzlc67PHb5DGULQEyoCiEGx1842P9oM
Q/3LUJ25U5tEJ2QpnGxcsjXGMS0pwSFhRwC6oaCJperUJUZ9wX3gwWsKHC1v3SxB
gp7N3/XVmY2nbRMwJu84K61NvbBwxHki0UxLQclIebRKa19JHlWgZMNGhPZmIpxA
qIIcGffc2GoF1ENtF7D0hUhNNyV5YJA/cQ7pnNKmh2deEas/ATpu6JiI+peKRiAT
EjPhVtvHg3BehGl/4n9FOiiB97dHMbg5Tph6uNGwFVBqZabMxtRRPRX+LqCJqk8V
1umd7Fhf26Pn9fuwbxszCFAoJTHn23tN5r+dzkloL/59
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:27 2025 by rpki-client