Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/De2z2kqfN51eeiQ5aWOv6rXCUwE.roa
File: De2z2kqfN51eeiQ5aWOv6rXCUwE.roa (raw, json)
Hash identifier: Dzqif3PM7YhnpxS+fVKR6X2Z09dQ0gA/88SQfGmY/I0=
Subject key identifier: 0D:ED:B3:DA:4A:9F:37:9D:5E:7A:24:39:69:63:AF:EA:B5:C2:53:01
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FF3D844CDD57219FC5A87E5028C779471
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/De2z2kqfN51eeiQ5aWOv6rXCUwE.roa
Signing time: Fri 07 Jun 2024 17:56:27 +0000
ROA not before: Fri 07 Jun 2024 17:56:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Jun 2024 06:43:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f3:d8:44:cd:d5:72:19:fc:5a:87:e5:02:8c:77:94:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 7 17:56:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0dedb3da4a9f379d5e7a24396963afeab5c25301
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:b9:32:c0:a1:6c:45:2f:88:60:f3:22:37:0f:
a5:a9:03:a7:ab:24:da:9f:fb:a1:48:e2:51:be:b1:
61:ed:cd:01:19:78:7d:14:96:07:05:59:46:0e:cf:
3d:55:62:76:74:a4:0e:a8:b4:41:e7:9a:d6:15:74:
f4:4c:90:f9:b3:df:bd:eb:00:fd:e1:13:e4:e8:86:
46:b5:1f:0c:28:26:b1:59:4b:1c:95:ed:3e:5a:46:
83:8a:57:05:09:e5:52:38:49:4c:7d:a3:e3:00:50:
dc:99:73:34:86:09:e9:aa:8b:54:4a:70:a9:f8:22:
19:f2:25:ce:15:01:1e:42:8a:75:58:b9:b4:5e:60:
49:5e:9f:c3:3f:cc:7f:ac:ce:97:c6:21:3d:76:dc:
6c:78:67:d3:c6:d0:af:b1:e3:3e:c5:04:29:19:23:
6f:63:d3:d9:dd:b9:88:77:a4:5c:ed:d6:38:ec:18:
6c:ca:a1:16:43:84:17:01:a9:73:aa:ab:56:0e:53:
f3:b3:ed:cc:d7:f6:36:41:0f:e6:a1:2b:3c:90:9f:
04:bf:f7:31:c5:b1:47:16:6f:7a:13:b6:2f:59:c0:
75:f8:af:78:04:35:58:8d:ea:49:f2:8c:37:6f:3b:
6e:cb:2f:15:a4:04:65:36:26:2b:81:6c:e9:fe:9c:
9b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:ED:B3:DA:4A:9F:37:9D:5E:7A:24:39:69:63:AF:EA:B5:C2:53:01
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/De2z2kqfN51eeiQ5aWOv6rXCUwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
a9:9d:27:4a:41:cd:ce:50:3b:1e:6a:8c:b0:49:26:a3:a9:5f:
df:9a:ce:e8:a5:e5:0b:23:8c:d8:0a:f1:d3:af:5d:ef:13:7c:
71:6f:99:fd:18:7a:7e:11:a8:c6:a5:b2:30:02:d8:14:67:86:
70:ad:4d:a1:2b:8d:ab:ec:0e:f5:67:25:f8:20:58:7b:fd:42:
df:9f:ad:b1:8c:87:38:49:4e:03:7c:a3:f5:28:4c:2d:14:94:
1f:49:36:01:4b:ed:e9:49:fe:92:12:40:9f:de:7f:50:01:ac:
58:d8:d3:03:b1:66:fa:7b:82:7e:4a:82:db:76:99:6f:87:a2:
65:b8:a1:6d:e8:42:34:d8:ec:0e:5c:a0:de:03:42:b8:73:c5:
77:c3:90:b2:18:0d:f2:20:80:ec:58:5a:37:7f:98:a7:66:fa:
05:4a:e7:0e:c0:f3:04:4a:a4:99:ee:60:49:c8:ac:01:90:58:
fb:94:58:6a:94:40:a6:54:6c:84:b4:63:c1:18:10:75:ae:df:
0d:20:88:8e:ab:bc:f1:be:6d:c7:9e:55:b3:dc:07:72:b8:dd:
ee:18:98:3d:e1:15:fe:58:a7:02:95:f4:a7:d3:dd:b1:bd:fe:
28:5a:dd:c0:bc:0c:02:d6:b8:c9:c6:c7:a3:76:59:f5:30:ec:
05:f9:0e:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/z2ETN1XIZ/FqH5QKMd5RxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNjA3MTc1NjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGVkYjNkYTRhOWYzNzlkNWU3YTI0Mzk2OTYzYWZlYWI1YzI1MzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqbkywKFsRS+IYPMiNw+lqQOnqyTa
n/uhSOJRvrFh7c0BGXh9FJYHBVlGDs89VWJ2dKQOqLRB55rWFXT0TJD5s9+96wD9
4RPk6IZGtR8MKCaxWUscle0+WkaDilcFCeVSOElMfaPjAFDcmXM0hgnpqotUSnCp
+CIZ8iXOFQEeQop1WLm0XmBJXp/DP8x/rM6XxiE9dtxseGfTxtCvseM+xQQpGSNv
Y9PZ3bmId6Rc7dY47BhsyqEWQ4QXAalzqqtWDlPzs+3M1/Y2QQ/moSs8kJ8Ev/cx
xbFHFm96E7YvWcB1+K94BDVYjepJ8ow3bztuyy8VpARlNiYrgWzp/pybAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA3ts9pKnzedXnokOWljr+q1wlMBMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRGUyejJrcWZONTFlZWlRNWFXT3Y2clhDVXdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWfnOMA0G
CSqGSIb3DQEBCwUAA4IBAQCpnSdKQc3OUDseaoywSSajqV/fms7opeULI4zYCvHT
r13vE3xxb5n9GHp+EajGpbIwAtgUZ4ZwrU2hK42r7A71ZyX4IFh7/ULfn62xjIc4
SU4DfKP1KEwtFJQfSTYBS+3pSf6SEkCf3n9QAaxY2NMDsWb6e4J+SoLbdplvh6Jl
uKFt6EI02OwOXKDeA0K4c8V3w5CyGA3yIIDsWFo3f5inZvoFSucOwPMESqSZ7mBJ
yKwBkFj7lFhqlECmVGyEtGPBGBB1rt8NIIiOq7zxvm3HnlWz3AdyuN3uGJg94RX+
WKcClfSn092xvf4oWt3AvAwC1rjJxsejdln1MOwF+Q5F
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:34 2025 by rpki-client