Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JsfUJ_SxbXqpUqcnQ5_N9Vri4lA.roa
File: JsfUJ_SxbXqpUqcnQ5_N9Vri4lA.roa (raw, json)
Hash identifier: XKn5EEkNr3M4r2Hw7fYYRlezGRJAnjtK+d3nJZc3APw=
Subject key identifier: 26:C7:D4:27:F4:B1:6D:7A:A9:52:A7:27:43:9F:CD:F5:5A:E2:E2:50
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01908A9B1994031F082B49C08EA2FCB81A5D
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JsfUJ_SxbXqpUqcnQ5_N9Vri4lA.roa
Signing time: Sun 07 Jul 2024 00:32:18 +0000
ROA not before: Sun 07 Jul 2024 00:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 25 Jul 2024 15:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8a:9b:19:94:03:1f:08:2b:49:c0:8e:a2:fc:b8:1a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jul 7 00:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=26c7d427f4b16d7aa952a727439fcdf55ae2e250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:2f:c7:e8:4d:81:c8:e6:b5:21:2f:f2:cb:ae:
ad:cb:a9:e7:f5:06:d5:43:e8:08:e6:0e:2d:be:a8:
f9:7a:95:22:ef:4e:df:5e:b2:a5:17:73:f1:6c:0d:
1a:10:79:eb:8e:6c:d7:dd:3d:f1:f6:ef:c1:60:45:
e6:12:60:88:f4:94:c1:fe:47:f5:7f:9c:7c:0f:1d:
94:0c:64:f7:a7:8e:c2:1c:4c:77:8d:cb:08:50:60:
2f:5b:d4:31:93:61:cc:e0:5b:43:68:0c:c6:84:b8:
ed:f2:62:7f:a4:d2:a6:03:6d:d6:6e:1c:5b:5a:ce:
10:e5:69:64:ef:b0:e6:3c:bd:19:61:2a:12:84:e9:
4d:a4:95:b8:51:23:d7:2e:db:6d:e5:dd:b9:54:fc:
fa:2c:ff:1d:94:54:9c:f5:01:95:da:f3:c7:71:6d:
8d:c1:d8:be:32:e1:3a:68:cb:be:14:24:fa:13:d4:
f7:7c:8a:95:a4:13:cc:7c:83:f2:bc:b7:cb:3c:d8:
ab:49:34:ed:f0:20:44:73:ee:11:09:99:18:53:8d:
1a:d4:f6:5b:67:95:25:3a:05:0d:33:af:bc:da:98:
06:58:43:d9:dc:a5:6e:49:d3:b5:09:29:28:10:00:
2a:95:8a:f8:43:80:6d:ec:11:e7:b5:40:5a:d0:15:
78:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:C7:D4:27:F4:B1:6D:7A:A9:52:A7:27:43:9F:CD:F5:5A:E2:E2:50
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/JsfUJ_SxbXqpUqcnQ5_N9Vri4lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
72:0d:83:a4:4e:b5:94:e3:6c:28:af:06:d7:f1:46:e0:21:05:
19:45:4d:3c:4f:49:94:23:91:5d:da:c5:79:98:07:a4:37:34:
52:8a:01:ca:3e:37:3e:9b:f8:a9:b2:d1:59:dd:22:81:80:87:
00:f4:13:e2:91:e3:69:f8:ca:a4:02:a9:e4:8b:66:57:a3:78:
89:ff:32:61:e6:93:30:40:a2:56:66:a9:54:f5:33:c0:36:af:
66:e8:94:8c:0e:d3:65:06:ba:3f:a8:31:f3:fa:6f:58:15:2a:
b6:fe:5d:21:92:74:59:a8:df:3b:49:92:8b:e7:9c:8f:d2:ad:
53:c0:92:ea:c4:db:e0:d4:8c:5b:99:1f:b9:3e:4a:33:72:4c:
03:f9:25:3b:5a:82:8a:c4:4b:a9:45:44:2a:e4:c0:19:42:59:
e6:18:d1:e6:d5:93:cc:78:7f:9b:f2:58:20:09:05:03:06:03:
75:d3:72:7a:42:ee:95:e2:3b:0b:14:8b:fa:59:99:20:28:78:
35:89:bf:bb:3c:21:39:dc:3f:1b:d2:51:49:6f:a4:4f:67:59:
f5:08:ed:a3:e7:42:dd:7b:fc:67:c3:6f:e2:6e:6a:72:89:4e:
6f:97:d6:bc:30:a2:4c:d0:57:00:03:08:e1:e3:69:50:fe:81:
34:68:5a:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCKmxmUAx8IK0nAjqL8uBpdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNzA3MDAzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyNmM3ZDQyN2Y0YjE2ZDdhYTk1MmE3Mjc0MzlmY2RmNTVhZTJlMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7y/H6E2ByOa1IS/yy66ty6nn9QbV
Q+gI5g4tvqj5epUi707fXrKlF3PxbA0aEHnrjmzX3T3x9u/BYEXmEmCI9JTB/kf1
f5x8Dx2UDGT3p47CHEx3jcsIUGAvW9Qxk2HM4FtDaAzGhLjt8mJ/pNKmA23Wbhxb
Ws4Q5Wlk77DmPL0ZYSoShOlNpJW4USPXLttt5d25VPz6LP8dlFSc9QGV2vPHcW2N
wdi+MuE6aMu+FCT6E9T3fIqVpBPMfIPyvLfLPNirSTTt8CBEc+4RCZkYU40a1PZb
Z5UlOgUNM6+82pgGWEPZ3KVuSdO1CSkoEAAqlYr4Q4Bt7BHntUBa0BV44QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCbH1Cf0sW16qVKnJ0OfzfVa4uJQMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSnNmVUpfU3hiWHFwVXFjblE1X045VnJpNGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfnOAwQF
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQByDYOkTrWU42worwbX8UbgIQUZRU08T0mU
I5Fd2sV5mAekNzRSigHKPjc+m/ipstFZ3SKBgIcA9BPikeNp+MqkAqnki2ZXo3iJ
/zJh5pMwQKJWZqlU9TPANq9m6JSMDtNlBro/qDHz+m9YFSq2/l0hknRZqN87SZKL
55yP0q1TwJLqxNvg1IxbmR+5PkozckwD+SU7WoKKxEupRUQq5MAZQlnmGNHm1ZPM
eH+b8lggCQUDBgN103J6Qu6V4jsLFIv6WZkgKHg1ib+7PCE53D8b0lFJb6RPZ1n1
CO2j50Lde/xnw2/ibmpyiU5vl9a8MKJM0FcAAwjh42lQ/oE0aFpp
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:39 2025 by rpki-client