Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/_fSAgGttKO8QC0AEnIlwUrYoEhs.roa
File: _fSAgGttKO8QC0AEnIlwUrYoEhs.roa (raw, json)
Hash identifier: w2QZnaZUC9+31WHgEtLhgOTcl1aT/BgdfEGYwdpNo9w=
Subject key identifier: FD:F4:80:80:6B:6D:28:EF:10:0B:40:04:9C:89:70:52:B6:28:12:1B
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01914C263CDB88CAF55BF5DA9052A7651487
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/_fSAgGttKO8QC0AEnIlwUrYoEhs.roa
Signing time: Tue 13 Aug 2024 14:30:59 +0000
ROA not before: Tue 13 Aug 2024 14:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397086
IP address blocks: 89.249.196.0/24 maxlen: 24
89.249.197.0/24 maxlen: 24
89.249.198.0/24 maxlen: 24
212.42.197.0/24 maxlen: 24
212.42.198.0/24 maxlen: 24
212.42.201.0/24 maxlen: 24
212.42.202.0/24 maxlen: 24
212.42.204.0/24 maxlen: 24
212.42.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Oct 2024 10:37:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:26:3c:db:88:ca:f5:5b:f5:da:90:52:a7:65:14:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Aug 13 14:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fdf480806b6d28ef100b40049c897052b628121b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:e4:74:1d:f2:14:29:ec:20:5d:57:07:e8:3b:
4d:d5:79:8a:e7:3c:30:c8:e5:16:20:ca:f9:d5:6b:
f1:12:21:de:fa:d7:b5:37:4e:29:ee:7b:e2:81:0e:
0c:a7:60:43:2f:d3:e4:2f:f4:8f:3f:22:3b:50:37:
48:09:3e:94:d8:42:a4:61:c1:d7:61:96:14:50:43:
a1:91:24:ca:e3:0b:49:38:70:8b:48:f5:0a:74:e6:
19:56:44:46:db:c7:ca:34:bf:94:bd:2e:83:97:52:
83:36:41:4e:7b:be:28:33:12:e2:e8:4d:99:73:23:
1b:8a:17:fd:51:fd:12:26:57:aa:0d:39:0e:cd:39:
0a:79:11:03:6d:a4:12:e4:ac:7b:15:fc:dc:03:e8:
eb:0b:7b:c1:f8:32:4e:b9:e2:0d:66:16:e8:30:66:
58:56:d0:04:41:3f:3b:54:d7:f4:1b:83:be:60:5c:
59:e2:65:a2:b6:e0:8a:38:0d:41:84:f3:c3:8a:f7:
4d:3a:ae:77:93:2e:2c:49:f5:f6:3b:dd:ff:25:e7:
b6:4d:09:5e:9a:28:1a:02:6f:8a:12:23:49:2a:bf:
ce:c2:86:e6:c1:a7:0d:b1:45:94:0a:7c:35:b6:08:
eb:de:e4:49:25:34:c6:ba:f5:14:11:6f:e4:9a:1f:
5c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:F4:80:80:6B:6D:28:EF:10:0B:40:04:9C:89:70:52:B6:28:12:1B
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/_fSAgGttKO8QC0AEnIlwUrYoEhs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.196.0-89.249.198.255
212.42.197.0-212.42.198.255
212.42.201.0-212.42.202.255
212.42.204.0/23
Signature Algorithm: sha256WithRSAEncryption
b7:72:fd:ac:83:8b:1b:3c:1b:63:49:b5:b7:4d:a6:e8:a1:ee:
85:a0:51:b2:44:8e:cd:4c:e3:3c:e7:2f:5d:4a:6b:fa:63:ea:
c1:3d:60:d1:e8:b9:f8:ca:e4:68:56:cd:a8:ba:ef:25:b9:5c:
a6:28:c0:14:01:e7:3a:9d:db:50:cd:19:7c:70:d7:d8:35:6c:
99:77:66:38:46:5b:57:17:59:cc:a8:8c:23:48:d7:e4:53:ab:
c2:97:9f:9a:4f:26:8c:51:9f:5f:94:c5:bc:79:4d:3e:b1:0a:
79:09:ea:0d:a1:43:90:bd:95:09:80:87:70:08:99:36:7f:b0:
b8:53:8d:03:16:82:47:15:e8:9a:c7:a5:17:ad:5a:0f:2a:f9:
07:f5:31:09:c5:4c:37:a0:87:c3:58:bd:b8:1e:71:b9:23:ea:
ce:dd:4c:10:72:e1:6f:db:6c:a3:d1:a5:45:ce:fa:2f:c1:04:
98:78:84:56:c8:40:5a:7e:34:9b:a5:94:70:73:c8:d3:36:39:
4c:05:86:30:02:82:6c:90:5e:8d:34:34:b6:99:aa:65:50:5c:
9d:d1:79:c1:7a:d6:aa:d4:8b:c1:9c:29:20:9a:a1:72:92:3c:
be:a9:d9:08:d2:a2:ff:ce:e6:32:86:de:79:ab:64:7d:da:58:
13:5a:59:6a
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFMJjzbiMr1W/XakFKnZRSHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwODEzMTQzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZGY0ODA4MDZiNmQyOGVmMTAwYjQwMDQ5Yzg5NzA1MmI2MjgxMjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyOR0HfIUKewgXVcH6DtN1XmK5zww
yOUWIMr51WvxEiHe+te1N04p7nvigQ4Mp2BDL9PkL/SPPyI7UDdICT6U2EKkYcHX
YZYUUEOhkSTK4wtJOHCLSPUKdOYZVkRG28fKNL+UvS6Dl1KDNkFOe74oMxLi6E2Z
cyMbihf9Uf0SJleqDTkOzTkKeREDbaQS5Kx7FfzcA+jrC3vB+DJOueINZhboMGZY
VtAEQT87VNf0G4O+YFxZ4mWituCKOA1BhPPDivdNOq53ky4sSfX2O93/Jee2TQle
migaAm+KEiNJKr/OwobmwacNsUWUCnw1tgjr3uRJJTTGuvUUEW/kmh9cWwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFP30gIBrbSjvEAtABJyJcFK2KBIbMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvX2ZTQWdHdHRLTzhRQzBBRW5JbHdVcllvRWhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwMAwDBAJZ+cQD
BABZ+cYwDAMEANQqxQMEANQqxjAMAwQA1CrJAwQA1CrKAwQB1CrMMA0GCSqGSIb3
DQEBCwUAA4IBAQC3cv2sg4sbPBtjSbW3Tabooe6FoFGyRI7NTOM85y9dSmv6Y+rB
PWDR6Ln4yuRoVs2ouu8luVymKMAUAec6ndtQzRl8cNfYNWyZd2Y4RltXF1nMqIwj
SNfkU6vCl5+aTyaMUZ9flMW8eU0+sQp5CeoNoUOQvZUJgIdwCJk2f7C4U40DFoJH
Feiax6UXrVoPKvkH9TEJxUw3oIfDWL24HnG5I+rO3UwQcuFv22yj0aVFzvovwQSY
eIRWyEBafjSbpZRwc8jTNjlMBYYwAoJskF6NNDS2maplUFyd0XnBetaq1IvBnCkg
mqFykjy+qdkI0qL/zuYyht55q2R92lgTWllq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:09 2025 by rpki-client