Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/HYmDuc2UJ5g5jbk5rdBJJMiXYjc.roa
File: HYmDuc2UJ5g5jbk5rdBJJMiXYjc.roa (raw, json)
Hash identifier: GxO3IRoru9MApGeEk32ShtcMpeGNIOEwnJ8icPQSY+Y=
Subject key identifier: 1D:89:83:B9:CD:94:27:98:39:8D:B9:39:AD:D0:49:24:C8:97:62:37
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D8379D228C2292BE7FBF9CBD2790811B9
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/HYmDuc2UJ5g5jbk5rdBJJMiXYjc.roa
Signing time: Wed 07 Feb 2024 12:10:15 +0000
ROA not before: Wed 07 Feb 2024 12:10:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 08 Feb 2024 13:37:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:79:d2:28:c2:29:2b:e7:fb:f9:cb:d2:79:08:11:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 7 12:10:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1d8983b9cd942798398db939add04924c8976237
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:aa:8d:c1:25:b1:4d:24:11:c2:53:13:dc:02:
2c:eb:2f:a2:14:de:7f:cb:17:0c:18:73:cc:74:64:
30:2c:92:40:77:e5:39:d9:00:d8:0c:d0:46:7f:70:
95:ac:25:de:7d:a6:ea:ae:d3:c4:34:75:9f:c6:9f:
66:8b:26:53:e2:a5:76:b2:2e:f1:68:8f:cf:88:87:
08:0e:03:b0:2a:99:78:ac:b8:b9:65:c2:77:f2:5a:
b0:0f:0a:6c:1c:3c:b2:7a:47:25:59:bf:61:3c:58:
9b:c9:c6:b3:43:49:5a:d0:c2:c3:db:60:ab:5d:c7:
d9:d2:8c:f0:f9:bb:68:88:7d:6e:fa:1d:18:cc:d5:
f9:fa:c6:0e:a9:15:ce:31:a2:49:f4:ad:d9:7d:b0:
fb:6b:39:47:08:b1:b9:8c:4a:c7:65:9e:46:80:e9:
7e:5c:c6:11:51:87:1a:b9:7b:15:08:b6:28:46:5a:
a4:57:05:3b:99:4b:3e:de:dd:24:d8:d3:8f:0e:63:
bf:f8:b6:04:2f:a9:15:cc:d4:0e:ba:d7:a1:59:24:
61:a3:8b:a0:c8:69:29:c2:22:08:42:90:cc:d3:b5:
4f:ac:37:fa:08:47:b6:4b:c0:26:cf:f4:bb:f6:8f:
d2:81:2d:50:15:08:d7:11:61:24:96:19:ec:d8:30:
14:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:89:83:B9:CD:94:27:98:39:8D:B9:39:AD:D0:49:24:C8:97:62:37
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/HYmDuc2UJ5g5jbk5rdBJJMiXYjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.203.0/24
Signature Algorithm: sha256WithRSAEncryption
46:2e:70:97:03:25:d9:d1:b3:e1:e4:f8:c8:b7:e2:20:0f:ed:
16:bf:16:bc:03:23:80:19:c6:6c:64:74:f2:d6:3b:5f:56:01:
81:18:b8:64:6a:ca:ff:47:6b:21:a8:f0:59:39:d5:9d:47:8c:
bd:20:ac:f5:41:84:7c:b6:84:99:90:af:5b:8f:db:c0:dd:93:
66:52:db:09:b3:66:9a:e4:3b:98:03:65:f1:4d:95:72:e1:ba:
af:02:b4:ff:69:59:81:ad:81:0b:93:8b:e5:3e:4c:ca:5d:fc:
9f:14:95:99:d6:6e:80:5f:3d:20:2f:fb:c2:a3:d0:a5:9e:2b:
b8:c2:df:e7:23:f7:af:3d:04:db:63:0e:81:df:dd:6d:2d:14:
04:4f:04:a4:45:a7:a8:1f:a1:33:51:de:20:05:ba:4f:df:9c:
48:fd:f4:98:22:51:e1:bc:af:2f:ce:b8:29:c6:39:82:29:80:
56:09:4f:71:c2:2f:c9:5d:e1:2e:dc:c5:2b:7f:4a:58:58:54:
cb:6e:88:6e:be:f0:cb:2c:7d:cb:14:99:8b:7b:13:ef:d9:1d:
95:45:ff:1b:23:2f:97:11:9e:c7:d5:5b:9f:4d:d0:1d:fe:67:
6b:55:6f:ad:01:81:dd:cd:4d:8d:43:04:b1:23:a2:32:f6:3f:
be:b7:ce:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2DedIowikr5/v5y9J5CBG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjA3MTIxMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDg5ODNiOWNkOTQyNzk4Mzk4ZGI5MzlhZGQwNDkyNGM4OTc2MjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkqqNwSWxTSQRwlMT3AIs6y+iFN5/
yxcMGHPMdGQwLJJAd+U52QDYDNBGf3CVrCXefabqrtPENHWfxp9miyZT4qV2si7x
aI/PiIcIDgOwKpl4rLi5ZcJ38lqwDwpsHDyyekclWb9hPFibycazQ0la0MLD22Cr
XcfZ0ozw+btoiH1u+h0YzNX5+sYOqRXOMaJJ9K3ZfbD7azlHCLG5jErHZZ5GgOl+
XMYRUYcauXsVCLYoRlqkVwU7mUs+3t0k2NOPDmO/+LYEL6kVzNQOutehWSRho4ug
yGkpwiIIQpDM07VPrDf6CEe2S8Amz/S79o/SgS1QFQjXEWEklhns2DAUnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB2Jg7nNlCeYOY25Oa3QSSTIl2I3MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSFltRHVjMlVKNWc1amJrNXJkQkpKTWlYWWpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnJAwQA
WfnLMA0GCSqGSIb3DQEBCwUAA4IBAQBGLnCXAyXZ0bPh5PjIt+IgD+0Wvxa8AyOA
GcZsZHTy1jtfVgGBGLhkasr/R2shqPBZOdWdR4y9IKz1QYR8toSZkK9bj9vA3ZNm
UtsJs2aa5DuYA2XxTZVy4bqvArT/aVmBrYELk4vlPkzKXfyfFJWZ1m6AXz0gL/vC
o9Clniu4wt/nI/evPQTbYw6B391tLRQETwSkRaeoH6EzUd4gBbpP35xI/fSYIlHh
vK8vzrgpxjmCKYBWCU9xwi/JXeEu3MUrf0pYWFTLbohuvvDLLH3LFJmLexPv2R2V
Rf8bIy+XEZ7H1VufTdAd/mdrVW+tAYHdzU2NQwSxI6Iy9j++t85X
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:46 2025 by rpki-client