Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T_yCSU7DrlGLuHRyhZHdYCRZJnM.roa
File: T_yCSU7DrlGLuHRyhZHdYCRZJnM.roa (raw, json)
Hash identifier: C7qCgak3s4mNIpskSQhoMDTfPoQhtnposl08nmCAqPU=
Subject key identifier: 4F:FC:82:49:4E:C3:AE:51:8B:B8:74:72:85:91:DD:60:24:59:26:73
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0191BC6D90B8380217D46CB3365424E9DC6A
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T_yCSU7DrlGLuHRyhZHdYCRZJnM.roa
Signing time: Wed 04 Sep 2024 09:46:22 +0000
ROA not before: Wed 04 Sep 2024 09:46:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.200.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 10:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bc:6d:90:b8:38:02:17:d4:6c:b3:36:54:24:e9:dc:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Sep 4 09:46:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffc82494ec3ae518bb874728591dd6024592673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0b:a0:21:f1:e3:f6:d5:1a:3b:54:09:1b:5c:
17:c8:dc:26:f2:05:16:24:b4:48:2f:20:c9:51:94:
1f:d0:42:36:01:b4:5b:37:a2:83:d4:e8:42:1e:0e:
79:0f:06:2e:18:d9:b1:7d:4a:aa:5f:37:af:66:e5:
c6:30:6d:6e:af:34:cb:9d:47:35:cb:48:a9:63:e2:
3c:9f:48:1b:c4:6c:e7:94:1c:f9:a8:62:45:1e:d8:
d4:50:ba:dd:1c:a6:4d:c9:53:48:39:f1:8f:7c:c2:
d0:60:8f:41:0b:68:6d:98:24:61:3f:6a:cf:ce:05:
cb:ce:24:47:4f:18:06:06:bb:8f:86:da:34:d6:61:
5d:b2:d7:a9:b0:f9:37:48:e9:54:1d:21:2c:75:76:
16:34:4d:5b:31:69:a3:54:20:14:cd:f1:9d:28:d1:
13:cc:7c:ec:33:e6:3d:23:1d:8d:8a:22:55:53:3b:
c6:8a:11:82:9a:c0:dd:89:c9:25:35:a3:6a:4c:7a:
70:3e:fe:13:78:09:e8:ad:3a:c3:0c:6d:7d:c2:b0:
3d:59:04:9c:7b:54:fe:02:22:b6:f5:52:41:1c:43:
e3:c0:7a:37:f6:bd:4e:bd:de:38:5d:52:26:c0:fc:
6e:c2:b1:05:4e:aa:5e:93:93:cb:87:67:1c:5a:40:
d3:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FC:82:49:4E:C3:AE:51:8B:B8:74:72:85:91:DD:60:24:59:26:73
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/T_yCSU7DrlGLuHRyhZHdYCRZJnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0-89.249.200.255
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
a1:04:1b:9d:52:7c:80:43:c3:50:d5:3e:54:b7:50:58:d2:55:
d4:2b:b9:77:f9:1e:ca:89:3b:fb:0c:65:3d:ff:1e:21:12:13:
fd:16:f4:31:a1:3b:89:f1:d1:b4:45:d3:93:00:4a:dd:06:d7:
73:c7:fd:03:0a:81:01:26:0d:b6:df:dc:be:d6:e4:ab:47:8c:
e1:df:97:65:55:73:fe:7a:01:25:47:2e:4a:24:14:c4:de:70:
20:bd:d1:c0:84:da:9a:59:69:36:b0:c0:6a:cc:7b:97:96:8f:
b4:e8:ac:af:6a:6e:01:e7:8d:ef:19:4f:49:65:68:b6:4e:e6:
4a:34:05:a5:88:3b:43:cd:5f:65:68:71:97:b5:24:c3:db:1f:
00:ca:98:61:83:e2:78:77:80:d6:f7:68:19:c4:91:c3:00:4e:
6d:b1:4b:c3:ff:98:6d:d5:9d:84:74:fe:94:83:32:06:b6:3d:
52:39:54:d8:c1:f9:ca:87:8d:72:f0:83:05:ec:a0:1f:fc:d1:
b5:cd:9c:00:40:01:00:79:65:b9:ce:44:46:90:f3:3a:94:91:
e7:77:0a:25:b3:ac:90:e6:27:d2:37:29:ae:28:f2:af:27:de:
cb:ef:94:19:71:45:63:8c:9d:db:40:0f:57:45:99:6f:00:f4:
f0:86:72:bc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZG8bZC4OAIX1GyzNlQk6dxqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwOTA0MDk0NjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZjODI0OTRlYzNhZTUxOGJiODc0NzI4NTkxZGQ2MDI0NTkyNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQugIfHj9tUaO1QJG1wXyNwm8gUW
JLRILyDJUZQf0EI2AbRbN6KD1OhCHg55DwYuGNmxfUqqXzevZuXGMG1urzTLnUc1
y0ipY+I8n0gbxGznlBz5qGJFHtjUULrdHKZNyVNIOfGPfMLQYI9BC2htmCRhP2rP
zgXLziRHTxgGBruPhto01mFdstepsPk3SOlUHSEsdXYWNE1bMWmjVCAUzfGdKNET
zHzsM+Y9Ix2NiiJVUzvGihGCmsDdicklNaNqTHpwPv4TeAnorTrDDG19wrA9WQSc
e1T+AiK29VJBHEPjwHo39r1Ovd44XVImwPxuwrEFTqpek5PLh2ccWkDT5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE/8gklOw65Ri7h0coWR3WAkWSZzMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVF95Q1NVN0RybEdMdUhSeWhaSGRZQ1JaSm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAZZ+cAD
BABZ+cgDBAFZ+c4DBATUKsAwDQYJKoZIhvcNAQELBQADggEBAKEEG51SfIBDw1DV
PlS3UFjSVdQruXf5HsqJO/sMZT3/HiESE/0W9DGhO4nx0bRF05MASt0G13PH/QMK
gQEmDbbf3L7W5KtHjOHfl2VVc/56ASVHLkokFMTecCC90cCE2ppZaTawwGrMe5eW
j7TorK9qbgHnje8ZT0llaLZO5ko0BaWIO0PNX2VocZe1JMPbHwDKmGGD4nh3gNb3
aBnEkcMATm2xS8P/mG3VnYR0/pSDMga2PVI5VNjB+cqHjXLwgwXsoB/80bXNnABA
AQB5ZbnOREaQ8zqUked3CiWzrJDmJ9I3Ka4o8q8n3svvlBlxRWOMndtAD1dFmW8A
9PCGcrw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:30 2025 by rpki-client