Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9_qutBp7JlgC4eEG_RKP9dfzUeE.roa
File: 9_qutBp7JlgC4eEG_RKP9dfzUeE.roa (raw, json)
Hash identifier: azQd4sD5GI5L+zu3t4BZgbeSGZ33nVLKqGkzT//RLiA=
Subject key identifier: F7:FA:AE:B4:1A:7B:26:58:02:E1:E1:06:FD:12:8F:F5:D7:F3:51:E1
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE3370E6D67D9E09F5A4C9024C078F
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9_qutBp7JlgC4eEG_RKP9dfzUeE.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.249.206.0/23 maxlen: 24
89.249.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jan 2024 04:36:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:70:e6:d6:7d:9e:09:f5:a4:c9:02:4c:07:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7faaeb41a7b265802e1e106fd128ff5d7f351e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:0e:30:f7:c3:1c:a4:93:8c:8f:d4:4a:e0:15:
8f:7e:e9:cb:b6:8d:e2:12:72:5d:bf:80:7c:85:64:
7a:8c:ef:70:c7:62:00:eb:3f:90:62:9c:00:7b:cd:
31:f8:87:16:c0:b9:46:63:b7:e5:dc:4a:b0:5b:8b:
d4:aa:13:7c:63:7c:96:50:22:d6:b5:ea:30:16:7d:
e4:b1:df:16:91:24:33:df:7a:f0:31:d2:d4:ec:3e:
c1:23:f1:7a:b5:78:54:41:80:ba:d3:7c:17:29:f3:
9d:78:b4:42:23:a0:be:d8:81:3c:96:55:13:6a:35:
c3:9c:81:10:ac:69:d2:a3:ba:48:16:f9:2f:19:60:
6b:21:70:9c:43:fe:69:0b:b1:0f:f0:6d:83:fb:79:
25:a1:11:e4:fb:d1:2c:86:45:04:01:37:e1:dc:b8:
05:a3:96:bb:a0:9e:72:3b:5f:64:44:92:16:4d:b9:
1d:08:1f:fa:40:d3:3c:5b:3f:66:03:e9:ef:92:dc:
09:da:e2:68:8f:2c:dc:b2:07:d5:08:2a:a8:dc:bb:
30:c1:c2:14:a9:26:89:84:73:44:0e:9a:eb:64:39:
9d:e2:72:59:a1:d7:30:a5:ba:36:51:0e:c3:a3:d8:
2d:af:6e:0d:60:32:57:1d:55:b1:26:c8:cd:df:d3:
42:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FA:AE:B4:1A:7B:26:58:02:E1:E1:06:FD:12:8F:F5:D7:F3:51:E1
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/9_qutBp7JlgC4eEG_RKP9dfzUeE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.203.0/24
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:02:32:8a:51:a1:09:82:74:1a:7f:26:6e:76:be:1c:9f:f5:
6b:1f:6f:cf:3b:20:87:f2:8c:d8:09:c4:64:7c:19:a0:ae:02:
2a:e9:e7:82:95:2d:60:0a:02:22:34:39:34:47:07:f1:e0:17:
27:7d:47:c3:6f:37:a6:0f:42:2a:55:dc:01:12:a1:89:b5:fa:
e3:1a:3a:fe:aa:d5:7f:a6:82:15:7c:10:35:7b:54:e9:3a:10:
56:5a:7f:0e:65:f4:81:61:44:bd:27:df:21:2b:43:11:a0:e4:
8a:96:8a:13:50:66:69:ef:b5:7d:ee:f8:62:a1:02:14:18:cb:
6a:d9:06:ba:e5:f7:62:ec:b7:e4:05:d7:07:0e:9c:75:8c:b4:
9a:71:ad:d0:e5:a8:c7:c5:de:86:b3:e0:fa:9a:a2:b1:b3:08:
0a:62:ac:1d:ad:d6:2b:45:ed:8a:19:8c:06:76:9c:09:1d:53:
f7:19:db:f1:64:fe:ba:f8:1e:75:95:cf:b6:bd:bb:1f:a8:f9:
74:9c:61:46:c4:8e:2b:50:6f:d4:48:0a:67:fc:e6:bc:ae:81:
d1:a7:fc:6a:36:3e:46:98:5c:76:b3:73:9e:f8:f5:0e:38:b1:
2f:6b:24:a4:3f:18:cd:55:f3:e7:51:a7:38:ce:19:1c:7d:c1:
b7:80:e6:68
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3jNw5tZ9ngn1pMkCTAePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2ZhYWViNDFhN2IyNjU4MDJlMWUxMDZmZDEyOGZmNWQ3ZjM1MWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlg4w98McpJOMj9RK4BWPfunLto3i
EnJdv4B8hWR6jO9wx2IA6z+QYpwAe80x+IcWwLlGY7fl3EqwW4vUqhN8Y3yWUCLW
teowFn3ksd8WkSQz33rwMdLU7D7BI/F6tXhUQYC603wXKfOdeLRCI6C+2IE8llUT
ajXDnIEQrGnSo7pIFvkvGWBrIXCcQ/5pC7EP8G2D+3kloRHk+9EshkUEATfh3LgF
o5a7oJ5yO19kRJIWTbkdCB/6QNM8Wz9mA+nvktwJ2uJojyzcsgfVCCqo3LswwcIU
qSaJhHNEDprrZDmd4nJZodcwpbo2UQ7Do9gtr24NYDJXHVWxJsjN39NCPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPf6rrQaeyZYAuHhBv0Sj/XX81HhMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvOV9xdXRCcDdKbGdDNGVFR19SS1A5ZGZ6VWVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnLAwQB
WfnOMA0GCSqGSIb3DQEBCwUAA4IBAQBNAjKKUaEJgnQafyZudr4cn/VrH2/POyCH
8ozYCcRkfBmgrgIq6eeClS1gCgIiNDk0Rwfx4BcnfUfDbzemD0IqVdwBEqGJtfrj
Gjr+qtV/poIVfBA1e1TpOhBWWn8OZfSBYUS9J98hK0MRoOSKlooTUGZp77V97vhi
oQIUGMtq2Qa65fdi7LfkBdcHDpx1jLSaca3Q5ajHxd6Gs+D6mqKxswgKYqwdrdYr
Re2KGYwGdpwJHVP3GdvxZP66+B51lc+2vbsfqPl0nGFGxI4rUG/USApn/Oa8roHR
p/xqNj5GmFx2s3Oe+PUOOLEvaySkPxjNVfPnUac4zhkcfcG3gOZo
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:07:23 2025 by rpki-client