Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/O1iQKB2hKuI7YOK4rtam914JuHE.roa
File: O1iQKB2hKuI7YOK4rtam914JuHE.roa (raw, json)
Hash identifier: UGKn33uREnTA0WmOh/ZoXcj2oQhlIav7tPXLPh92zjk=
Subject key identifier: 3B:58:90:28:1D:A1:2A:E2:3B:60:E2:B8:AE:D6:A6:F7:5E:09:B8:71
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01908A9B1AAD7FBEE331B937CA7B4D0F2AF6
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/O1iQKB2hKuI7YOK4rtam914JuHE.roa
Signing time: Sun 07 Jul 2024 00:32:18 +0000
ROA not before: Sun 07 Jul 2024 00:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 89.249.192.0/21 maxlen: 21
185.21.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 10 Aug 2024 13:04:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:8a:9b:1a:ad:7f:be:e3:31:b9:37:ca:7b:4d:0f:2a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jul 7 00:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b5890281da12ae23b60e2b8aed6a6f75e09b871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:2b:49:05:f2:61:3f:c9:6d:32:3f:7f:60:9f:
19:b7:a3:4d:e7:5f:86:6a:07:93:4d:a6:c5:90:9d:
7b:da:00:fb:a1:e4:5a:4e:2c:be:df:f6:34:13:1b:
74:62:06:fd:1c:e2:1a:b7:5d:8a:eb:b8:ba:cf:9e:
3e:d4:2f:72:71:a6:93:c7:88:27:2d:6e:74:7d:db:
82:cd:40:39:fa:52:61:d0:21:f2:55:a6:97:84:de:
c6:db:88:9d:c7:b9:f5:c6:f8:25:6d:ee:1e:aa:e7:
89:97:7b:94:e1:f8:de:89:13:e0:6a:43:ab:bf:ec:
98:10:09:2f:a1:f8:87:2f:16:c5:68:ff:ff:ac:92:
bf:6a:34:3c:46:64:f0:bf:a4:25:7f:d6:09:62:ae:
8f:98:67:16:c3:b6:87:50:b5:c5:5a:e4:d8:96:4a:
60:97:c0:35:d1:a8:52:59:af:34:aa:77:13:7e:d0:
3c:f1:de:6f:fe:93:2d:cc:15:a7:e4:e3:c6:e3:7b:
2c:3e:64:dc:52:28:bf:d1:6e:f7:dc:fe:3e:a3:14:
57:95:4b:10:33:98:dc:b0:4a:40:32:97:ef:e6:24:
85:ca:c1:50:07:5e:00:10:a2:23:77:9c:60:71:21:
06:68:20:d5:0f:db:79:e6:1f:79:ab:88:bd:e4:5d:
58:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:58:90:28:1D:A1:2A:E2:3B:60:E2:B8:AE:D6:A6:F7:5E:09:B8:71
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/O1iQKB2hKuI7YOK4rtam914JuHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
185.21.253.0/24
Signature Algorithm: sha256WithRSAEncryption
06:fa:90:f4:f8:91:5c:a8:29:76:b9:4e:30:6d:8b:92:04:60:
4c:c0:e6:c4:30:46:b6:07:0b:ea:77:da:47:cd:c7:1a:52:18:
46:02:6e:0e:fe:55:6e:be:4c:ef:fc:89:bf:e8:9e:d7:39:ec:
78:b2:c1:d0:d5:24:e5:1c:b0:49:aa:4e:5a:af:30:65:54:f0:
47:e6:92:37:c9:c3:a2:4f:cd:20:e5:5f:67:a7:a6:2d:5f:c2:
15:9e:b7:06:f9:04:9b:30:c9:f3:de:b2:68:07:78:03:61:12:
c3:29:60:e5:ea:2a:c2:27:ce:9b:cd:fc:8d:6b:19:e7:08:7d:
0c:41:4a:3c:18:31:3d:2e:b2:a1:bb:8e:52:e8:73:ac:43:44:
b1:13:c3:df:ec:73:71:0e:83:1d:82:66:f6:bb:27:91:96:c5:
6d:44:d0:0f:e0:5f:30:73:56:5e:7c:6b:d1:ba:75:c3:96:15:
b7:d4:e1:3b:bc:dc:c0:23:e5:4f:d4:da:63:47:6e:f1:cd:0f:
39:79:91:69:1c:dc:b3:96:9d:bf:ff:a6:59:42:14:ab:d5:0f:
9e:94:e3:5f:d3:a6:e4:6c:2d:5e:7c:8d:22:4a:8e:d0:cb:01:
31:b5:e1:a8:fb:9e:74:4a:cc:cd:f6:f4:a8:25:97:21:52:f3:
b8:27:81:2d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCKmxqtf77jMbk3yntNDyr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNzA3MDAzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjU4OTAyODFkYTEyYWUyM2I2MGUyYjhhZWQ2YTZmNzVlMDliODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyytJBfJhP8ltMj9/YJ8Zt6NN51+G
ageTTabFkJ172gD7oeRaTiy+3/Y0Ext0Ygb9HOIat12K67i6z54+1C9ycaaTx4gn
LW50fduCzUA5+lJh0CHyVaaXhN7G24idx7n1xvglbe4equeJl3uU4fjeiRPgakOr
v+yYEAkvofiHLxbFaP//rJK/ajQ8RmTwv6Qlf9YJYq6PmGcWw7aHULXFWuTYlkpg
l8A10ahSWa80qncTftA88d5v/pMtzBWn5OPG43ssPmTcUii/0W733P4+oxRXlUsQ
M5jcsEpAMpfv5iSFysFQB14AEKIjd5xgcSEGaCDVD9t55h95q4i95F1YCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDtYkCgdoSriO2DiuK7WpvdeCbhxMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvTzFpUUtCMmhLdUk3WU9LNHJ0YW05MTRKdUhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWfnAAwQA
uRX9MA0GCSqGSIb3DQEBCwUAA4IBAQAG+pD0+JFcqCl2uU4wbYuSBGBMwObEMEa2
Bwvqd9pHzccaUhhGAm4O/lVuvkzv/Im/6J7XOex4ssHQ1STlHLBJqk5arzBlVPBH
5pI3ycOiT80g5V9np6YtX8IVnrcG+QSbMMnz3rJoB3gDYRLDKWDl6irCJ86bzfyN
axnnCH0MQUo8GDE9LrKhu45S6HOsQ0SxE8Pf7HNxDoMdgmb2uyeRlsVtRNAP4F8w
c1ZefGvRunXDlhW31OE7vNzAI+VP1NpjR27xzQ85eZFpHNyzlp2//6ZZQhSr1Q+e
lONf06bkbC1efI0iSo7QywExteGo+550SszN9vSoJZchUvO4J4Et
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:17 2025 by rpki-client