Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XQFwXQLjxKeo8r63T9Axf1MTxf4.roa
File: XQFwXQLjxKeo8r63T9Axf1MTxf4.roa (raw, json)
Hash identifier: 2Vs8Ex6CLzoEHPeC8htC/uWMukyDslFPco4YEN2x9sY=
Subject key identifier: 5D:01:70:5D:02:E3:C4:A7:A8:F2:BE:B7:4F:D0:31:7F:53:13:C5:FE
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01936C175A0962B5969720DD26BB818A12EC
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XQFwXQLjxKeo8r63T9Axf1MTxf4.roa
Signing time: Wed 27 Nov 2024 05:28:09 +0000
ROA not before: Wed 27 Nov 2024 05:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
89.249.207.0/24 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sat 30 Nov 2024 16:11:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6c:17:5a:09:62:b5:96:97:20:dd:26:bb:81:8a:12:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Nov 27 05:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d01705d02e3c4a7a8f2beb74fd0317f5313c5fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:43:6c:90:e5:72:e3:50:b1:08:09:7e:f7:3d:
4f:06:79:64:fe:ba:8a:93:cc:56:29:7b:b3:81:90:
0a:53:85:52:af:b1:b4:8f:c8:b5:d4:81:03:73:79:
17:60:70:03:80:b7:da:26:ae:a8:c3:05:df:a3:4e:
ce:1d:9d:21:cc:66:0a:ff:28:62:69:a7:2d:92:6e:
ea:8e:08:62:f0:c2:bf:3d:eb:6e:fe:c0:c3:67:be:
9b:80:a9:9f:72:5b:0c:8a:dc:7e:21:c9:89:93:59:
fd:2b:da:b4:bc:10:63:10:04:90:e8:65:56:0e:a4:
fb:81:e6:d5:6e:5e:a0:e0:5c:97:d4:98:c9:0a:2d:
cf:48:59:9b:43:14:3f:c3:6d:e2:cb:11:dd:dc:43:
77:90:4c:39:5d:41:be:59:00:0d:d5:c1:20:04:c8:
9d:db:c5:8b:bd:13:ba:e1:9a:d2:f0:29:16:fc:e3:
f6:21:b6:58:8e:5a:a0:ae:81:d6:e0:89:27:fc:da:
6f:6b:a0:ef:ea:d4:e4:eb:03:e4:ff:57:35:19:0b:
df:4a:b2:eb:f1:de:5c:fb:e4:12:15:8c:4e:9a:fa:
2b:8d:8b:ea:7d:62:e5:e2:4f:07:ce:3d:d1:aa:ae:
7a:74:3a:74:18:85:30:23:d8:54:82:5e:9c:6c:fc:
2e:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:01:70:5D:02:E3:C4:A7:A8:F2:BE:B7:4F:D0:31:7F:53:13:C5:FE
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/XQFwXQLjxKeo8r63T9Axf1MTxf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
64:24:36:0f:92:ff:8b:19:55:ae:e8:76:73:77:21:b9:8d:db:
80:2a:88:dd:96:b1:08:22:21:36:d6:77:dd:d3:76:b3:67:4c:
da:d0:0d:88:e4:4c:53:9b:cf:f8:2f:1c:a1:53:a5:bf:c8:82:
94:f8:48:67:9f:11:8c:55:c6:5c:96:dc:a9:12:5c:cf:1e:81:
cf:0d:3e:d2:fd:3c:c9:62:7d:bf:58:bc:83:90:3f:a1:0d:13:
7c:f1:e1:b1:e4:11:4e:c0:ce:76:74:56:dc:51:94:c0:0c:7e:
97:c9:80:92:42:c1:83:bd:58:84:cf:9f:b9:cb:fc:a4:61:a1:
a3:2c:e7:7d:d2:b2:b0:15:21:5f:ad:65:55:b6:03:e9:eb:a7:
b8:38:f0:47:0e:22:08:79:98:40:30:f6:1b:f8:05:20:63:fb:
a6:a4:53:b9:26:22:f8:46:7c:82:e5:87:7c:cf:e2:c5:bd:74:
80:d0:09:4d:f6:88:9a:18:35:38:28:19:1d:72:68:f0:02:80:
ab:f5:a7:1c:e3:43:42:48:39:4b:87:23:02:fa:9a:ad:2f:9a:
4c:c7:5e:c6:1a:82:ca:f3:36:3c:21:cd:6a:36:e2:59:99:f6:
4f:4a:14:0e:ad:9e:ce:b0:3f:e4:7c:6e:d1:0a:7b:42:8a:ea:
1e:7b:10:45
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNsF1oJYrWWlyDdJruBihLsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMTI3MDUyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDAxNzA1ZDAyZTNjNGE3YThmMmJlYjc0ZmQwMzE3ZjUzMTNjNWZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqENskOVy41CxCAl+9z1PBnlk/rqK
k8xWKXuzgZAKU4VSr7G0j8i11IEDc3kXYHADgLfaJq6owwXfo07OHZ0hzGYK/yhi
aactkm7qjghi8MK/Petu/sDDZ76bgKmfclsMitx+IcmJk1n9K9q0vBBjEASQ6GVW
DqT7gebVbl6g4FyX1JjJCi3PSFmbQxQ/w23iyxHd3EN3kEw5XUG+WQAN1cEgBMid
28WLvRO64ZrS8CkW/OP2IbZYjlqgroHW4Ikn/Npva6Dv6tTk6wPk/1c1GQvfSrLr
8d5c++QSFYxOmvorjYvqfWLl4k8Hzj3Rqq56dDp0GIUwI9hUgl6cbPwuKwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFF0BcF0C48SnqPK+t0/QMX9TE8X+MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvWFFGd1hRTGp4S2VvOHI2M1Q5QXhmMU1UeGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDWfnAAwQB
WfnOAwQE1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQBkJDYPkv+LGVWu6HZzdyG5jduA
KojdlrEIIiE21nfd03azZ0za0A2I5ExTm8/4LxyhU6W/yIKU+EhnnxGMVcZcltyp
ElzPHoHPDT7S/TzJYn2/WLyDkD+hDRN88eGx5BFOwM52dFbcUZTADH6XyYCSQsGD
vViEz5+5y/ykYaGjLOd90rKwFSFfrWVVtgPp66e4OPBHDiIIeZhAMPYb+AUgY/um
pFO5JiL4RnyC5Yd8z+LFvXSA0AlN9oiaGDU4KBkdcmjwAoCr9acc40NCSDlLhyMC
+pqtL5pMx17GGoLK8zY8Ic1qNuJZmfZPShQOrZ7OsD/kfG7RCntCiuoeexBF
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:27 2025 by rpki-client