Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T3sz0lNvAcUT29gyN819VPcG-Y4.roa
File: T3sz0lNvAcUT29gyN819VPcG-Y4.roa (raw, json)
Hash identifier: tZ+qtFYlNpVhKw6L4iT0plYODneUVjvTWxzvZMs1K2s=
Subject key identifier: 4F:7B:33:D2:53:6F:01:C5:13:DB:D8:32:37:CD:7D:54:F7:06:F9:8E
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CD98493A0CF3023996B6CA6A7F50F6FEA
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T3sz0lNvAcUT29gyN819VPcG-Y4.roa
Signing time: Fri 05 Jan 2024 12:06:33 +0000
ROA not before: Fri 05 Jan 2024 12:06:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.200.0/23 maxlen: 24
185.21.254.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 06 Jan 2024 22:17:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:84:93:a0:cf:30:23:99:6b:6c:a6:a7:f5:0f:6f:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 5 12:06:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f7b33d2536f01c513dbd83237cd7d54f706f98e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8b:37:47:8b:e7:64:b4:63:3e:68:b4:df:ee:
2b:c9:c2:6d:a2:06:7d:ae:cf:79:47:c0:22:d3:27:
25:0d:a6:36:74:05:da:1c:b5:a7:d2:23:03:8b:6f:
69:e9:5f:f2:99:ec:3e:0d:5a:75:7d:48:f2:4b:08:
25:a0:0a:0b:2e:e0:f2:a0:93:69:be:e5:96:2c:4d:
ec:3d:98:bd:32:f2:94:b3:df:e0:6a:7f:42:27:06:
34:d2:14:38:63:a2:d0:41:46:7f:2c:cd:46:9a:3d:
ae:a0:22:ae:ec:4c:20:67:a6:e2:c4:ec:b8:fe:b0:
d7:1a:45:21:95:44:22:19:0b:ed:9e:42:3a:23:c1:
f6:01:3d:b8:93:1b:cb:53:14:a3:2a:f7:85:30:11:
c3:57:99:6a:6f:f7:f3:ea:51:69:b2:71:8a:36:a7:
b1:73:78:e6:6c:32:eb:ff:a8:35:86:02:d4:d2:7b:
3b:b0:e4:bb:9f:c5:bc:26:2d:92:11:bb:5c:a7:69:
e4:ce:b9:14:46:f7:74:09:e2:69:0b:d0:40:53:5e:
db:79:83:0d:00:ad:8f:f3:9c:e4:a8:38:db:81:97:
db:40:a6:04:cb:24:90:ec:dd:48:94:b8:d7:2c:fe:
d3:92:53:ed:51:45:b4:34:94:bc:27:df:53:6e:35:
5a:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:7B:33:D2:53:6F:01:C5:13:DB:D8:32:37:CD:7D:54:F7:06:F9:8E
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T3sz0lNvAcUT29gyN819VPcG-Y4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0-89.249.201.255
185.21.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:f2:76:3f:8e:59:95:be:9a:c9:a4:b5:6b:2d:b1:17:f2:43:
9b:cd:27:c2:5c:06:60:a6:e0:ff:1b:70:e3:29:ab:08:20:8c:
e4:bb:8f:40:31:df:76:16:ec:03:05:d0:7f:6c:ea:a6:82:4e:
ef:92:fe:1e:92:40:0f:17:0a:89:2b:1a:55:fa:8c:b1:41:1b:
e2:7f:c8:32:52:39:78:0f:9b:86:8d:c6:ae:e3:bb:30:b2:5c:
f1:8a:e0:00:41:b3:46:ea:48:77:b1:b5:47:d6:98:cd:69:6e:
1d:9e:a3:a0:82:d1:c6:ca:03:cb:66:8c:26:c3:ef:ed:dc:eb:
ca:c5:52:2a:74:b1:af:d2:65:88:a5:3e:ac:bb:a3:fb:65:c6:
92:65:7a:f2:f4:c3:6b:a4:44:86:b2:6a:6c:ba:b9:bd:b0:60:
3f:9c:7a:2b:c2:21:5f:94:d5:f6:76:18:4f:e1:fc:8f:94:98:
ab:4b:f8:fb:b6:28:d8:a1:66:6c:34:47:e6:c6:f3:1f:b9:5f:
bb:06:ac:52:88:69:6e:80:f0:f2:0f:0a:73:52:66:1a:93:d3:
eb:28:1d:37:85:63:bd:9d:65:af:1e:1a:49:eb:9b:a3:3c:fe:
47:76:2c:ca:bc:ff:50:e6:d0:f0:b4:fc:60:d8:9d:7a:1a:1c:
5d:33:de:0f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzZhJOgzzAjmWtspqf1D2/qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTA1MTIwNjMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjdiMzNkMjUzNmYwMWM1MTNkYmQ4MzIzN2NkN2Q1NGY3MDZmOThlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIs3R4vnZLRjPmi03+4rycJtogZ9
rs95R8Ai0yclDaY2dAXaHLWn0iMDi29p6V/ymew+DVp1fUjySwgloAoLLuDyoJNp
vuWWLE3sPZi9MvKUs9/gan9CJwY00hQ4Y6LQQUZ/LM1Gmj2uoCKu7EwgZ6bixOy4
/rDXGkUhlUQiGQvtnkI6I8H2AT24kxvLUxSjKveFMBHDV5lqb/fz6lFpsnGKNqex
c3jmbDLr/6g1hgLU0ns7sOS7n8W8Ji2SEbtcp2nkzrkURvd0CeJpC9BAU17beYMN
AK2P85zkqDjbgZfbQKYEyySQ7N1IlLjXLP7TklPtUUW0NJS8J99TbjVaHQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFE97M9JTbwHFE9vYMjfNfVT3BvmOMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVDNzejBsTnZBY1VUMjlneU44MTlWUGNHLVk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAZZ+cAD
BAFZ+cgDBAC5Ff4wDQYJKoZIhvcNAQELBQADggEBAH3ydj+OWZW+msmktWstsRfy
Q5vNJ8JcBmCm4P8bcOMpqwggjOS7j0Ax33YW7AMF0H9s6qaCTu+S/h6SQA8XCokr
GlX6jLFBG+J/yDJSOXgPm4aNxq7juzCyXPGK4ABBs0bqSHextUfWmM1pbh2eo6CC
0cbKA8tmjCbD7+3c68rFUip0sa/SZYilPqy7o/tlxpJlevL0w2ukRIayamy6ub2w
YD+ceivCIV+U1fZ2GE/h/I+UmKtL+Pu2KNihZmw0R+bG8x+5X7sGrFKIaW6A8PIP
CnNSZhqT0+soHTeFY72dZa8eGknrm6M8/kd2LMq8/1Dm0PC0/GDYnXoaHF0z3g8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:40 2025 by rpki-client