Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ETz6eX0gnDW1UxhjUGrAfmk2TCE.roa
File: ETz6eX0gnDW1UxhjUGrAfmk2TCE.roa (raw, json)
Hash identifier: fZseNpbV9y9f81khlmMjt2tJCXYb7vntT9yD0KLHCtE=
Subject key identifier: 11:3C:FA:79:7D:20:9C:35:B5:53:18:63:50:6A:C0:7E:69:36:4C:21
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D072E244AA9E540B4A29788B0BB0C39A6
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ETz6eX0gnDW1UxhjUGrAfmk2TCE.roa
Signing time: Sun 14 Jan 2024 08:54:40 +0000
ROA not before: Sun 14 Jan 2024 08:54:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.21.253.0/24 maxlen: 24
89.249.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 04:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:07:2e:24:4a:a9:e5:40:b4:a2:97:88:b0:bb:0c:39:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 14 08:54:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=113cfa797d209c35b5531863506ac07e69364c21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:09:aa:5a:ee:a5:42:15:8e:ea:a8:76:e9:98:
3d:8e:d8:39:f9:e0:8a:a4:2e:8b:76:02:42:f9:f3:
3c:26:39:00:07:bd:6f:0a:62:bd:06:11:61:bc:6e:
13:70:be:d2:10:81:fb:77:e7:27:7b:7c:0a:45:1d:
7a:41:5b:7f:e2:75:c9:9b:80:8c:f3:62:83:fd:d8:
5e:0d:84:62:ed:5b:53:c1:18:92:a7:cc:f2:cf:ae:
4b:65:cc:3b:44:e3:a9:ca:2c:bd:bc:6e:77:0e:84:
57:94:74:56:8d:33:10:5d:88:be:e0:13:8d:3f:39:
1d:eb:ef:67:c9:1e:0f:36:cb:09:63:5d:3b:71:4c:
24:cc:fd:c5:02:30:64:81:80:85:1c:41:34:31:07:
90:ae:fb:dd:90:58:67:7f:dc:00:df:66:a2:5b:3f:
e3:8b:bc:59:fc:78:90:d2:38:0d:d9:e4:4b:9b:d6:
e8:87:10:98:0a:e1:9c:4b:02:07:72:78:20:39:71:
c7:6a:bf:8e:d9:9d:c0:0c:25:05:58:bf:4b:10:46:
24:81:9e:7d:1e:19:6c:e2:4d:cb:b8:5f:7c:e1:85:
e4:f6:b9:6e:f9:17:67:38:97:5c:09:6c:aa:3b:30:
b8:8b:02:f0:5a:8b:50:0b:d2:94:30:bc:d2:8e:25:
5f:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3C:FA:79:7D:20:9C:35:B5:53:18:63:50:6A:C0:7E:69:36:4C:21
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ETz6eX0gnDW1UxhjUGrAfmk2TCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.205.0/24
185.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
73:73:8e:60:c6:f4:80:34:45:43:e3:a5:9e:e0:65:b8:ca:7d:
42:68:5d:b3:49:9f:fa:86:c2:6d:e4:4a:bd:45:d1:58:71:2e:
2d:37:64:40:e7:3d:21:34:e2:e7:4d:1b:8a:44:59:60:d6:8e:
46:d7:a2:3b:8c:a3:54:1b:50:14:f5:36:99:fa:d2:a9:2b:2e:
61:f2:54:cf:d7:47:97:26:f9:45:ae:41:b3:81:d6:ba:c6:f0:
03:aa:c8:a1:b3:21:86:26:c2:a5:a1:a1:1b:75:24:19:2f:bf:
d9:ef:f4:d6:69:a7:d3:35:74:4c:e0:2e:34:0f:3c:b1:04:e0:
07:59:8a:06:98:7a:ee:48:4c:56:45:2a:24:6c:30:96:25:96:
cf:b6:36:6e:64:bf:c3:09:b8:49:d9:8e:fd:36:0b:43:d8:f7:
1d:0b:24:78:b2:3a:50:54:72:54:02:e4:f4:9b:d7:9b:5a:54:
16:f5:d5:90:f3:7a:ac:9e:4d:a1:ea:7f:ed:b1:06:68:91:9e:
ea:1a:7a:17:ac:91:7c:bc:5c:17:1d:ab:76:33:29:48:59:00:
a5:16:fc:8e:35:00:b4:5f:e0:3e:30:6d:46:b2:77:11:33:ea:
ba:08:e6:00:49:e7:ad:6c:c7:9a:d8:a2:c4:48:93:6d:23:c7:
aa:3e:e7:8c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0HLiRKqeVAtKKXiLC7DDmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTE0MDg1NDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNjZmE3OTdkMjA5YzM1YjU1MzE4NjM1MDZhYzA3ZTY5MzY0YzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwmqWu6lQhWO6qh26Zg9jtg5+eCK
pC6LdgJC+fM8JjkAB71vCmK9BhFhvG4TcL7SEIH7d+cne3wKRR16QVt/4nXJm4CM
82KD/dheDYRi7VtTwRiSp8zyz65LZcw7ROOpyiy9vG53DoRXlHRWjTMQXYi+4BON
Pzkd6+9nyR4PNssJY107cUwkzP3FAjBkgYCFHEE0MQeQrvvdkFhnf9wA32aiWz/j
i7xZ/HiQ0jgN2eRLm9bohxCYCuGcSwIHcnggOXHHar+O2Z3ADCUFWL9LEEYkgZ59
Hhls4k3LuF984YXk9rlu+RdnOJdcCWyqOzC4iwLwWotQC9KUMLzSjiVf1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBE8+nl9IJw1tVMYY1BqwH5pNkwhMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRVR6NmVYMGduRFcxVXhoalVHckFmbWsyVENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnNAwQA
uRX9MA0GCSqGSIb3DQEBCwUAA4IBAQBzc45gxvSANEVD46We4GW4yn1CaF2zSZ/6
hsJt5Eq9RdFYcS4tN2RA5z0hNOLnTRuKRFlg1o5G16I7jKNUG1AU9TaZ+tKpKy5h
8lTP10eXJvlFrkGzgda6xvADqsihsyGGJsKloaEbdSQZL7/Z7/TWaafTNXRM4C40
DzyxBOAHWYoGmHruSExWRSokbDCWJZbPtjZuZL/DCbhJ2Y79NgtD2PcdCyR4sjpQ
VHJUAuT0m9ebWlQW9dWQ83qsnk2h6n/tsQZokZ7qGnoXrJF8vFwXHat2MylIWQCl
FvyONQC0X+A+MG1GsncRM+q6COYASeetbMea2KLESJNtI8eqPueM
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:49 2025 by rpki-client