Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/F50nQr6a1TKGhwQJs29Vth49lAw.roa
File: F50nQr6a1TKGhwQJs29Vth49lAw.roa (raw, json)
Hash identifier: PTZ9rziYHxQcWFH+g3ifm3Uc/IvlbrbETu9VQrwGbVw=
Subject key identifier: 17:9D:27:42:BE:9A:D5:32:86:87:04:09:B3:6F:55:B6:1E:3D:94:0C
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0195471EE8455A1AF339E09468F18F9CBEC1
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/F50nQr6a1TKGhwQJs29Vth49lAw.roa
Signing time: Thu 27 Feb 2025 11:16:02 +0000
ROA not before: Thu 27 Feb 2025 11:16:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.201.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 08 Mar 2025 09:14:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:47:1e:e8:45:5a:1a:f3:39:e0:94:68:f1:8f:9c:be:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 27 11:16:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=179d2742be9ad53286870409b36f55b61e3d940c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:42:d7:aa:f1:f2:47:02:53:64:36:c1:15:5c:
c4:49:f9:09:71:64:da:71:a0:f7:03:ee:8a:0a:15:
24:79:d3:90:92:d1:4d:87:49:18:09:af:d4:cf:41:
19:94:4b:ed:c4:d1:3d:25:ab:82:1b:d5:18:67:ff:
ae:bd:c5:fe:0a:38:66:70:06:05:4d:9f:be:8a:b0:
25:63:d5:66:92:36:6d:23:67:12:b6:9a:2f:79:df:
b6:61:49:94:8c:3c:8e:59:10:07:eb:3f:27:f7:9f:
bd:15:23:dd:6b:43:59:6c:ae:80:09:9b:06:f5:11:
4c:df:d2:33:de:b9:e4:a3:52:81:2f:10:88:d9:eb:
5c:02:f1:ca:1f:fe:55:18:18:90:b2:ed:3c:37:69:
86:64:23:f7:4b:ce:b4:74:7d:91:24:78:ec:60:6d:
ae:59:b8:46:1c:37:75:21:8e:2e:2c:9d:fe:ba:cd:
f7:2f:75:06:f0:0c:57:04:95:55:61:dc:68:97:cf:
c1:f8:dc:5f:96:5c:9d:72:83:0d:b7:ad:9b:d8:43:
91:55:d3:0c:19:fa:88:17:a4:8a:ad:59:c6:5b:da:
aa:c3:a6:a8:81:bb:43:d3:52:47:7e:6e:d5:db:65:
46:34:9b:2a:66:86:c5:2b:6e:00:f1:6f:2f:8f:77:
f5:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:9D:27:42:BE:9A:D5:32:86:87:04:09:B3:6F:55:B6:1E:3D:94:0C
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/F50nQr6a1TKGhwQJs29Vth49lAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.201.0/24
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
a7:ac:99:54:f3:6e:2f:b5:0e:f9:85:ba:44:48:9f:5a:4b:ab:
45:c2:31:8c:76:73:c3:dc:b9:b8:19:da:bb:41:af:25:d7:d4:
cc:63:a1:cc:28:3c:f6:a1:7c:cb:a2:74:1c:8c:e9:f8:d9:5f:
fb:4d:03:86:05:fa:40:10:c6:10:f0:30:2b:98:af:26:c9:25:
71:af:ff:db:2a:ca:74:13:b0:ea:e4:90:ac:df:f0:d5:9b:50:
50:d6:a5:99:c7:f0:e8:46:dd:e8:90:0e:b2:87:c9:fc:ac:fa:
ec:32:8d:3a:d4:e8:44:7e:ff:e2:bc:e3:36:a7:4d:42:48:6a:
53:62:0b:ea:40:07:a1:2a:c4:95:b2:42:07:c6:53:35:18:3c:
94:e1:61:de:41:1a:b8:b2:c1:cb:68:c7:ee:6f:37:44:e4:35:
ab:43:b5:d8:3d:4e:ac:a5:89:7b:df:2d:24:9f:93:c1:0c:fa:
1c:9a:13:69:97:1f:6d:40:9d:18:bd:8e:46:74:19:53:94:17:
17:40:8f:67:d2:2f:e1:5a:c7:7c:f5:3a:d2:35:af:e0:ac:bf:
af:15:c4:b8:b2:31:26:ef:50:3e:19:e1:11:b1:62:bb:c7:a2:
97:6e:2a:7c:2a:8f:47:50:90:13:56:4f:43:28:04:35:67:fd:
91:d3:60:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZVHHuhFWhrzOeCUaPGPnL7BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMjI3MTExNjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzlkMjc0MmJlOWFkNTMyODY4NzA0MDliMzZmNTViNjFlM2Q5NDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA40LXqvHyRwJTZDbBFVzESfkJcWTa
caD3A+6KChUkedOQktFNh0kYCa/Uz0EZlEvtxNE9JauCG9UYZ/+uvcX+CjhmcAYF
TZ++irAlY9VmkjZtI2cStpoved+2YUmUjDyOWRAH6z8n95+9FSPda0NZbK6ACZsG
9RFM39Iz3rnko1KBLxCI2etcAvHKH/5VGBiQsu08N2mGZCP3S860dH2RJHjsYG2u
WbhGHDd1IY4uLJ3+us33L3UG8AxXBJVVYdxol8/B+NxfllydcoMNt62b2EORVdMM
GfqIF6SKrVnGW9qqw6aogbtD01JHfm7V22VGNJsqZobFK24A8W8vj3f1FQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBedJ0K+mtUyhocECbNvVbYePZQMMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvRjUwblFyNmExVEtHaHdRSnMyOVZ0aDQ5bEF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDWfnAAwQA
WfnJAwQBWfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQCnrJlU824vtQ75hbpE
SJ9aS6tFwjGMdnPD3Lm4Gdq7Qa8l19TMY6HMKDz2oXzLonQcjOn42V/7TQOGBfpA
EMYQ8DArmK8mySVxr//bKsp0E7Dq5JCs3/DVm1BQ1qWZx/DoRt3okA6yh8n8rPrs
Mo061OhEfv/ivOM2p01CSGpTYgvqQAehKsSVskIHxlM1GDyU4WHeQRq4ssHLaMfu
bzdE5DWrQ7XYPU6spYl73y0kn5PBDPocmhNplx9tQJ0YvY5GdBlTlBcXQI9n0i/h
Wsd89TrSNa/grL+vFcS4sjEm71A+GeERsWK7x6KXbip8Ko9HUJATVk9DKAQ1Z/2R
02CA
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:13 2025 by rpki-client