Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUl2XJ7ITteVa0YZiH_2fdnHLHE.roa
File: JUl2XJ7ITteVa0YZiH_2fdnHLHE.roa (raw, json)
Hash identifier: MYOIjvxFWT6ugCgMn3KkkM/0xAtUD56C4vyfiv1viSw=
Subject key identifier: 25:49:76:5C:9E:C8:4E:D7:95:6B:46:19:88:7F:F6:7D:D9:C7:2C:71
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018E868EBC0589430BA4299CB996D49328AE
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUl2XJ7ITteVa0YZiH_2fdnHLHE.roa
Signing time: Thu 28 Mar 2024 19:34:44 +0000
ROA not before: Thu 28 Mar 2024 19:34:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211975
IP address blocks: 89.249.200.0/24 maxlen: 24
185.21.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 24 May 2024 20:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:86:8e:bc:05:89:43:0b:a4:29:9c:b9:96:d4:93:28:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Mar 28 19:34:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2549765c9ec84ed7956b4619887ff67dd9c72c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:98:72:32:46:43:91:d4:5d:f9:8c:bd:dc:4c:
2d:2b:71:75:2a:45:87:de:42:67:8c:d2:cf:e2:50:
bf:82:06:d3:74:19:74:0f:a0:a3:37:84:fc:00:86:
b9:c0:71:ac:5c:74:3e:18:af:2b:4a:08:ac:6c:ff:
a7:c6:4c:47:7b:c3:ce:68:6a:40:0f:c5:f7:01:f5:
b6:5a:32:5a:ec:fb:6b:02:89:0b:c5:50:cc:47:91:
58:00:b2:54:c6:d8:1c:a6:0b:c2:98:00:f1:c5:d9:
aa:9c:17:36:f3:33:2d:6a:2e:3f:eb:66:e8:2b:45:
3b:4c:b6:47:67:32:91:b5:7c:00:3a:bd:99:14:10:
7a:7b:f3:69:92:15:02:cb:1c:f6:f1:06:d5:3b:ad:
9f:ae:8b:9b:0c:3f:5c:cc:2b:06:bc:cf:7f:99:1e:
0c:7b:85:5f:d0:78:90:29:6d:2c:1a:36:4e:53:20:
50:dd:a3:c6:d4:09:21:49:a8:f1:7c:42:28:3d:1e:
79:64:5f:52:af:b7:b4:c5:c1:ce:af:85:21:1c:5b:
c7:cb:f3:25:af:c2:8d:88:4e:6e:25:4c:0c:c2:8c:
9b:59:d6:18:43:5c:1f:be:d8:f9:ba:02:9b:03:90:
77:67:ee:07:27:5d:73:76:3b:83:f5:9b:00:fa:4c:
be:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:49:76:5C:9E:C8:4E:D7:95:6B:46:19:88:7F:F6:7D:D9:C7:2C:71
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JUl2XJ7ITteVa0YZiH_2fdnHLHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.200.0/24
185.21.255.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:e6:12:ec:13:4f:af:52:a7:59:29:eb:15:6e:02:82:be:d3:
f9:06:f1:3b:82:4b:3a:d2:08:ed:e7:1c:2d:16:e2:1f:1e:08:
86:75:37:85:15:97:31:ac:cb:02:80:9a:19:03:0e:e3:62:bb:
e9:24:ea:ba:ee:2b:7a:21:12:12:f0:1e:b7:bb:2f:94:a5:8d:
ec:94:56:80:8d:bd:e7:2d:f2:ea:fa:11:54:93:ab:4c:d1:38:
09:6f:a1:9b:94:8f:2e:cf:ba:08:a9:1b:fb:ff:36:ea:ef:ef:
d4:23:fc:06:38:46:ee:ca:f9:08:3a:18:c6:87:71:e7:f1:f8:
cc:3f:08:4b:94:db:91:a1:82:c5:ff:9a:3a:1c:f9:8b:c4:33:
5a:32:da:a9:94:e4:87:a9:75:32:50:82:f0:23:a8:08:84:b6:
99:13:8c:b4:c5:60:8d:a5:8b:c1:00:1c:6e:99:88:03:d9:d6:
d8:20:b0:9f:92:12:f4:76:24:8d:ae:58:21:6d:93:9c:41:f8:
7a:54:e4:b4:f8:15:76:77:a1:5a:09:5a:cc:73:d3:c8:63:85:
c2:8c:87:eb:6f:bb:31:8c:1a:b7:fc:18:91:6c:7a:c9:a8:fd:
ca:34:da:50:99:f7:a8:08:86:d4:56:79:83:44:3d:17:67:0c:
53:11:46:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6GjrwFiUMLpCmcuZbUkyiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMzI4MTkzNDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNTQ5NzY1YzllYzg0ZWQ3OTU2YjQ2MTk4ODdmZjY3ZGQ5YzcyYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJhyMkZDkdRd+Yy93EwtK3F1KkWH
3kJnjNLP4lC/ggbTdBl0D6CjN4T8AIa5wHGsXHQ+GK8rSgisbP+nxkxHe8POaGpA
D8X3AfW2WjJa7PtrAokLxVDMR5FYALJUxtgcpgvCmADxxdmqnBc28zMtai4/62bo
K0U7TLZHZzKRtXwAOr2ZFBB6e/NpkhUCyxz28QbVO62froubDD9czCsGvM9/mR4M
e4Vf0HiQKW0sGjZOUyBQ3aPG1AkhSajxfEIoPR55ZF9Sr7e0xcHOr4UhHFvHy/Ml
r8KNiE5uJUwMwoybWdYYQ1wfvtj5ugKbA5B3Z+4HJ11zdjuD9ZsA+ky+CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCVJdlyeyE7XlWtGGYh/9n3ZxyxxMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSlVsMlhKN0lUdGVWYTBZWmlIXzJmZG5ITEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnIAwQA
uRX/MA0GCSqGSIb3DQEBCwUAA4IBAQBu5hLsE0+vUqdZKesVbgKCvtP5BvE7gks6
0gjt5xwtFuIfHgiGdTeFFZcxrMsCgJoZAw7jYrvpJOq67it6IRIS8B63uy+UpY3s
lFaAjb3nLfLq+hFUk6tM0TgJb6GblI8uz7oIqRv7/zbq7+/UI/wGOEbuyvkIOhjG
h3Hn8fjMPwhLlNuRoYLF/5o6HPmLxDNaMtqplOSHqXUyUILwI6gIhLaZE4y0xWCN
pYvBABxumYgD2dbYILCfkhL0diSNrlghbZOcQfh6VOS0+BV2d6FaCVrMc9PIY4XC
jIfrb7sxjBq3/BiRbHrJqP3KNNpQmfeoCIbUVnmDRD0XZwxTEUbV
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:40 2025 by rpki-client