Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/WSxGdM4yD8lpDbjzCzjFOZT_jvY.roa
File: WSxGdM4yD8lpDbjzCzjFOZT_jvY.roa (raw, json)
Hash identifier: vWHOgc+mZ+X9EDFw5U7odyQssyRkH9WD2YZoVi+DwDQ=
Subject key identifier: 59:2C:46:74:CE:32:0F:C9:69:0D:B8:F3:0B:38:C5:39:94:FF:8E:F6
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 019072D855E16F754F0818E14F0F90D9319A
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/WSxGdM4yD8lpDbjzCzjFOZT_jvY.roa
Signing time: Tue 02 Jul 2024 09:48:18 +0000
ROA not before: Tue 02 Jul 2024 09:48:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 07 Jul 2024 00:32:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:72:d8:55:e1:6f:75:4f:08:18:e1:4f:0f:90:d9:31:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jul 2 09:48:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=592c4674ce320fc9690db8f30b38c53994ff8ef6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:fe:ef:a7:f8:be:57:10:b2:1c:22:ff:ee:a0:
87:ea:23:4e:d7:80:37:dd:fa:77:cc:df:49:34:6c:
08:37:ba:26:b2:46:d2:86:98:de:45:dd:77:81:89:
1d:52:92:0a:03:93:de:3a:15:f3:6c:91:0d:77:51:
2d:6c:e2:6e:1b:20:2f:0f:ab:53:59:22:e6:cc:48:
17:9b:53:5d:70:d2:41:12:68:dd:d3:16:dc:75:15:
70:85:6d:0c:0b:36:de:67:8a:d2:34:84:d9:4b:d6:
c8:f5:96:e5:e9:b1:32:3c:a2:2f:bc:6b:09:f1:38:
39:1c:82:4d:52:b2:b6:f8:0c:20:87:82:f3:6c:91:
a7:c6:77:18:0c:43:b1:60:f5:3a:41:6e:dd:f9:60:
0e:90:77:be:e2:00:33:34:d8:ea:1f:04:ed:46:78:
d2:66:0a:1f:f2:a5:5c:64:b9:b0:3b:04:78:68:66:
56:5c:50:a1:04:0e:0e:20:62:31:46:46:4c:d3:16:
05:20:c5:4b:36:2c:85:bb:67:89:41:27:6a:b8:6d:
cb:8c:02:41:e3:c7:99:3a:76:04:9f:cb:94:06:ef:
8e:65:1b:c9:44:7f:47:b5:2e:b0:27:44:21:e0:f7:
1a:fa:cd:40:94:6f:3b:37:96:a6:ca:74:8a:43:30:
c9:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:2C:46:74:CE:32:0F:C9:69:0D:B8:F3:0B:38:C5:39:94:FF:8E:F6
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/WSxGdM4yD8lpDbjzCzjFOZT_jvY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
70:1a:27:8c:52:53:37:0b:70:b9:65:eb:57:6d:62:a3:a2:28:
87:06:8f:25:b6:ae:74:31:7b:d9:e9:7b:59:db:d8:67:8f:d3:
f4:0b:b6:34:e3:64:0d:46:0f:5f:64:42:a1:5c:d8:c4:56:da:
3a:73:b1:0c:65:25:82:8b:56:55:69:1a:cf:bb:9f:bb:f2:ba:
f8:c3:bc:10:87:5a:c0:3b:fb:a1:92:77:3d:81:94:84:8d:d0:
d9:20:95:99:02:73:31:2d:80:1d:c2:4c:b3:0e:bd:b8:8c:5e:
48:1f:2b:3f:42:d2:16:09:f6:7b:4a:4f:3c:5f:1a:70:52:87:
49:b5:0a:ce:92:f7:2f:e4:33:f5:39:82:cd:2d:c4:36:ea:c2:
6b:e0:34:83:34:86:f3:fb:3b:82:9b:cb:8d:05:ac:fe:52:a7:
9e:9e:23:9b:6e:e7:32:e6:38:f7:06:74:cc:ac:ad:b7:b4:c3:
fc:88:99:03:20:02:aa:93:56:6f:42:d4:89:2b:55:8f:0b:6b:
9e:a3:a9:01:61:34:18:4e:b0:b9:7f:7c:af:05:62:3e:87:5e:
77:03:7a:f2:b4:79:17:1e:ca:30:2b:e7:e1:ca:d0:9d:cd:36:
c3:3a:10:21:27:0d:f8:a1:41:b3:f5:2b:4a:3e:e2:df:01:c7:
38:21:e0:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBy2FXhb3VPCBjhTw+Q2TGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNzAyMDk0ODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OTJjNDY3NGNlMzIwZmM5NjkwZGI4ZjMwYjM4YzUzOTk0ZmY4ZWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2P7vp/i+VxCyHCL/7qCH6iNO14A3
3fp3zN9JNGwIN7omskbShpjeRd13gYkdUpIKA5PeOhXzbJENd1EtbOJuGyAvD6tT
WSLmzEgXm1NdcNJBEmjd0xbcdRVwhW0MCzbeZ4rSNITZS9bI9Zbl6bEyPKIvvGsJ
8Tg5HIJNUrK2+Awgh4LzbJGnxncYDEOxYPU6QW7d+WAOkHe+4gAzNNjqHwTtRnjS
Zgof8qVcZLmwOwR4aGZWXFChBA4OIGIxRkZM0xYFIMVLNiyFu2eJQSdquG3LjAJB
48eZOnYEn8uUBu+OZRvJRH9HtS6wJ0Qh4Pca+s1AlG87N5amynSKQzDJ2wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFksRnTOMg/JaQ248ws4xTmU/472MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvV1N4R2RNNHlEOGxwRGJqekN6akZPWlRfanZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfnOAwQE
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQBwGieMUlM3C3C5ZetXbWKjoiiHBo8ltq50
MXvZ6XtZ29hnj9P0C7Y042QNRg9fZEKhXNjEVto6c7EMZSWCi1ZVaRrPu5+78rr4
w7wQh1rAO/uhknc9gZSEjdDZIJWZAnMxLYAdwkyzDr24jF5IHys/QtIWCfZ7Sk88
XxpwUodJtQrOkvcv5DP1OYLNLcQ26sJr4DSDNIbz+zuCm8uNBaz+UqeeniObbucy
5jj3BnTMrK23tMP8iJkDIAKqk1ZvQtSJK1WPC2ueo6kBYTQYTrC5f3yvBWI+h153
A3rytHkXHsowK+fhytCdzTbDOhAhJw34oUGz9StKPuLfAcc4IeAk
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:01 2025 by rpki-client