Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Duf0OVwzug-RfekucasZGgxZSQY.roa
File: Duf0OVwzug-RfekucasZGgxZSQY.roa (raw, json)
Hash identifier: kL5A02agx3Z855Dn/WlfDiktIzNfIcH44eHQFtOk4zg=
Subject key identifier: 0E:E7:F4:39:5C:33:BA:0F:91:7D:E9:2E:71:AB:19:1A:0C:59:49:06
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01913C63E3D92BA8F2C9CACD91C6BDE5C522
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Duf0OVwzug-RfekucasZGgxZSQY.roa
Signing time: Sat 10 Aug 2024 13:04:24 +0000
ROA not before: Sat 10 Aug 2024 13:04:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:3c:63:e3:d9:2b:a8:f2:c9:ca:cd:91:c6:bd:e5:c5:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 10 13:04:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ee7f4395c33ba0f917de92e71ab191a0c594906
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:3d:97:be:25:a2:0b:2d:fb:43:61:03:6a:d3:
b2:8d:1d:fd:0f:25:e3:ba:30:9d:9f:3f:f5:23:84:
6a:be:e4:75:81:ca:f5:01:61:16:3b:d6:c5:29:1e:
db:03:8c:a1:1c:6c:1c:10:6c:08:7f:f6:27:56:59:
f1:53:b3:08:ad:77:04:3c:01:ef:2f:7a:d2:52:2f:
ee:a7:50:c5:7b:70:14:a8:91:79:6d:58:4e:f6:0c:
6f:c9:a9:34:98:3b:a3:ab:d5:38:1b:6e:94:cf:94:
91:d4:38:33:95:06:47:f3:fa:ec:7e:c2:cb:df:96:
22:ab:57:c4:e7:80:ca:70:5a:1c:9e:c4:76:c0:e4:
46:3a:8a:ed:e0:76:54:2c:4a:aa:1b:66:bb:b4:c5:
05:a7:2d:7e:f7:21:4d:9b:85:19:f1:b7:b8:37:2e:
72:f3:9d:d2:ed:04:25:c3:75:3d:54:93:d0:d4:38:
ba:4d:ff:73:b4:e3:47:fa:1c:15:1a:63:d0:c0:18:
40:1e:b9:1b:3a:ef:3a:ce:4b:82:f9:53:8f:31:6a:
67:29:c7:00:ca:a7:bf:7d:5c:32:5c:7e:cb:88:39:
e4:86:f3:03:4d:ea:cf:fb:e3:60:e4:94:01:fd:27:
28:57:0f:4d:68:cb:4e:9a:6d:12:1d:d7:5a:cb:c0:
96:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:E7:F4:39:5C:33:BA:0F:91:7D:E9:2E:71:AB:19:1A:0C:59:49:06
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/Duf0OVwzug-RfekucasZGgxZSQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
29:39:aa:62:90:ad:01:cc:25:47:31:60:42:60:83:90:d9:10:
a5:1f:27:9c:b9:ef:37:c0:6b:60:d5:54:e8:3f:da:a6:84:99:
71:72:26:bc:31:fc:65:42:54:fc:0e:42:a8:dc:9e:5b:7b:5c:
4b:4f:7a:5c:ab:07:10:ff:39:48:f2:d2:67:32:23:ca:89:24:
40:2a:fb:13:c2:af:6b:da:57:0d:6b:28:47:8a:b2:ad:c4:81:
43:db:ef:48:84:35:48:2d:7b:3a:1c:8a:11:95:53:63:12:df:
7f:fb:9e:dc:db:11:1f:8d:32:3d:53:c1:a6:71:ae:43:92:6d:
f4:46:a3:b7:b4:09:52:90:9d:e8:be:34:41:8b:94:ec:9f:20:
e3:89:01:51:89:69:c8:59:78:e3:5e:45:a8:c4:cf:85:28:1d:
f3:c8:51:3d:e2:ba:62:0c:28:84:97:cd:a1:9b:a8:1c:b1:15:
6d:9a:35:e1:fd:51:ca:6b:cb:99:d6:15:1c:b4:0f:4c:93:9f:
ae:a6:07:ae:25:76:c1:44:92:98:6e:71:a0:79:4e:9c:6d:f8:
7f:4b:f0:7c:13:fe:b4:66:43:d5:d4:a4:fa:be:0d:70:98:ad:
c8:8d:4c:05:f4:81:3a:7e:2b:91:bb:31:09:34:7b:33:e2:26:
1a:4e:b9:e9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZE8Y+PZK6jyycrNkca95cUiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwODEwMTMwNDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWU3ZjQzOTVjMzNiYTBmOTE3ZGU5MmU3MWFiMTkxYTBjNTk0OTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApD2XviWiCy37Q2EDatOyjR39DyXj
ujCdnz/1I4RqvuR1gcr1AWEWO9bFKR7bA4yhHGwcEGwIf/YnVlnxU7MIrXcEPAHv
L3rSUi/up1DFe3AUqJF5bVhO9gxvyak0mDujq9U4G26Uz5SR1DgzlQZH8/rsfsLL
35Yiq1fE54DKcFocnsR2wORGOort4HZULEqqG2a7tMUFpy1+9yFNm4UZ8be4Ny5y
853S7QQlw3U9VJPQ1Di6Tf9ztONH+hwVGmPQwBhAHrkbOu86zkuC+VOPMWpnKccA
yqe/fVwyXH7LiDnkhvMDTerP++Ng5JQB/ScoVw9NaMtOmm0SHdday8CWOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFA7n9DlcM7oPkX3pLnGrGRoMWUkGMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRHVmME9Wd3p1Zy1SZmVrdWNhc1pHZ3haU1FZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWfnAAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQApOapikK0BzCVHMWBCYIOQ2RCl
Hyecue83wGtg1VToP9qmhJlxcia8MfxlQlT8DkKo3J5be1xLT3pcqwcQ/zlI8tJn
MiPKiSRAKvsTwq9r2lcNayhHirKtxIFD2+9IhDVILXs6HIoRlVNjEt9/+57c2xEf
jTI9U8Gmca5Dkm30RqO3tAlSkJ3ovjRBi5TsnyDjiQFRiWnIWXjjXkWoxM+FKB3z
yFE94rpiDCiEl82hm6gcsRVtmjXh/VHKa8uZ1hUctA9Mk5+upgeuJXbBRJKYbnGg
eU6cbfh/S/B8E/60ZkPV1KT6vg1wmK3IjUwF9IE6fiuRuzEJNHsz4iYaTrnp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:15 2025 by rpki-client