Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/NYIONTZCGJ13T5qiat0HkOLiUWA.roa
File: NYIONTZCGJ13T5qiat0HkOLiUWA.roa (raw, json)
Hash identifier: TS3qtrzM0vleIK/ny+OKJxTzod/uXijwVexl1m2Vh2s=
Subject key identifier: 35:82:0E:35:36:42:18:9D:77:4F:9A:A2:6A:DD:07:90:E2:E2:51:60
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01919370B46C1DECFFB665204DBB10B55554
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/NYIONTZCGJ13T5qiat0HkOLiUWA.roa
Signing time: Tue 27 Aug 2024 10:45:22 +0000
ROA not before: Tue 27 Aug 2024 10:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Sep 2024 09:46:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:93:70:b4:6c:1d:ec:ff:b6:65:20:4d:bb:10:b5:55:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 27 10:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=35820e353642189d774f9aa26add0790e2e25160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:5f:cd:b2:31:c1:24:9b:31:83:42:5e:dc:
f1:0d:5c:cb:21:20:9c:db:cf:86:17:df:a2:3c:26:
8d:b8:90:f2:66:49:16:95:b3:ab:40:79:75:ca:f2:
54:1a:81:30:08:41:ba:88:af:e9:1c:fe:3c:5e:50:
ef:79:18:74:2f:2f:41:7c:47:74:65:8f:7e:97:c9:
da:2e:9e:96:fa:a9:f3:23:07:1a:3c:a4:1e:a0:cf:
c0:bb:e1:57:b5:b5:60:54:ef:8f:42:17:3c:44:2b:
87:82:49:1b:ec:20:3d:95:5b:cc:8e:b4:20:eb:50:
6a:35:a1:a0:6b:35:78:65:31:9c:31:9c:14:bd:42:
38:31:ba:c2:16:01:eb:ee:04:12:21:53:a5:e4:8b:
58:67:8f:e1:bc:03:1a:1b:18:e3:25:c2:85:f5:c9:
bf:1f:09:0b:7a:a3:4d:12:e1:6e:12:17:9d:18:86:
fa:0c:fd:ae:e5:2a:b7:49:22:6a:00:88:23:f5:f7:
4d:83:78:b8:e7:b4:e7:fa:04:01:14:78:0c:6b:f9:
75:6a:b5:fc:72:a5:e3:fc:9c:ba:ee:ed:ee:6a:0d:
8f:36:3a:40:94:73:ad:05:61:eb:ad:85:b5:9b:d5:
be:d4:de:c1:34:f0:54:bc:0a:ed:e0:53:9b:fc:b1:
3b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:82:0E:35:36:42:18:9D:77:4F:9A:A2:6A:DD:07:90:E2:E2:51:60
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/NYIONTZCGJ13T5qiat0HkOLiUWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
21:95:92:72:ab:6c:74:6e:bc:3c:43:55:04:b4:0a:d3:d8:3a:
82:84:2f:49:43:97:d8:ed:68:7d:d9:79:63:1a:10:4c:a0:d4:
f5:da:ec:3d:64:c3:f9:a5:c6:87:1d:30:8a:2e:90:37:e5:7d:
17:de:01:54:2b:4f:73:53:ca:62:96:72:1a:39:60:d8:5a:51:
f0:d3:4f:24:6a:3a:43:6c:d2:0c:e8:22:7e:55:a3:26:87:32:
8f:b2:3b:3e:99:f1:15:24:92:17:63:31:04:2a:ea:72:ed:1a:
ff:d0:30:42:af:a8:5c:d0:ce:f6:a5:84:74:d1:b6:6b:6f:a2:
57:1d:ba:9d:f7:71:fc:3c:20:b1:7b:35:72:42:9a:02:ca:fd:
86:9e:f5:3b:ef:92:ff:da:27:3d:01:90:33:24:da:27:34:89:
e2:00:d5:d9:3b:dd:ec:64:4a:86:ef:ad:ee:9c:96:18:3d:ae:
b7:8f:32:6c:be:d1:64:fa:9b:68:43:dc:f8:57:7d:2d:5f:d1:
57:80:90:90:9b:2a:c6:47:7e:84:81:f1:18:0e:ca:b3:33:58:
5c:fe:d1:e9:60:ee:bd:39:9d:18:27:b5:17:34:68:49:8b:94:
b6:7b:7f:74:90:a8:c6:b2:e7:a0:42:e0:8f:3a:0b:07:07:b5:
89:7f:4c:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZGTcLRsHez/tmUgTbsQtVVUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwODI3MTA0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNTgyMGUzNTM2NDIxODlkNzc0ZjlhYTI2YWRkMDc5MGUyZTI1MTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/tfzbIxwSSbMYNCXtzxDVzLISCc
28+GF9+iPCaNuJDyZkkWlbOrQHl1yvJUGoEwCEG6iK/pHP48XlDveRh0Ly9BfEd0
ZY9+l8naLp6W+qnzIwcaPKQeoM/Au+FXtbVgVO+PQhc8RCuHgkkb7CA9lVvMjrQg
61BqNaGgazV4ZTGcMZwUvUI4MbrCFgHr7gQSIVOl5ItYZ4/hvAMaGxjjJcKF9cm/
HwkLeqNNEuFuEhedGIb6DP2u5Sq3SSJqAIgj9fdNg3i457Tn+gQBFHgMa/l1arX8
cqXj/Jy67u3uag2PNjpAlHOtBWHrrYW1m9W+1N7BNPBUvArt4FOb/LE7VQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDWCDjU2Qhidd0+aomrdB5Di4lFgMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTllJT05UWkNHSjEzVDVxaWF0MEhrT0xpVVdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWfnAAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQAhlZJyq2x0brw8Q1UEtArT2DqC
hC9JQ5fY7Wh92XljGhBMoNT12uw9ZMP5pcaHHTCKLpA35X0X3gFUK09zU8pilnIa
OWDYWlHw008kajpDbNIM6CJ+VaMmhzKPsjs+mfEVJJIXYzEEKupy7Rr/0DBCr6hc
0M72pYR00bZrb6JXHbqd93H8PCCxezVyQpoCyv2GnvU775L/2ic9AZAzJNonNIni
ANXZO93sZEqG763unJYYPa63jzJsvtFk+ptoQ9z4V30tX9FXgJCQmyrGR36EgfEY
DsqzM1hc/tHpYO69OZ0YJ7UXNGhJi5S2e390kKjGsuegQuCPOgsHB7WJf0yP
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:28 2025 by rpki-client