Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ars-8HRKY8OMJqsUlGkAXa9hxF0.roa
File: ars-8HRKY8OMJqsUlGkAXa9hxF0.roa (raw, json)
Hash identifier: AjkYsUEn9K/WlXmh5g0QoOlUdk3b6AAoZWqwWt4X/e0=
Subject key identifier: 6A:BB:3E:F0:74:4A:63:C3:8C:26:AB:14:94:69:00:5D:AF:61:C4:5D
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 019053CBF7E37E9B7EFD02725733240191E5
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ars-8HRKY8OMJqsUlGkAXa9hxF0.roa
Signing time: Wed 26 Jun 2024 09:06:34 +0000
ROA not before: Wed 26 Jun 2024 09:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.204.0/24 maxlen: 24
89.249.206.0/23 maxlen: 24
Validation: Failed, certificate revoked on Fri 28 Jun 2024 00:02:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:53:cb:f7:e3:7e:9b:7e:fd:02:72:57:33:24:01:91:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jun 26 09:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6abb3ef0744a63c38c26ab149469005daf61c45d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:2a:c9:e3:3b:1a:41:d2:cd:61:34:03:67:57:
26:4a:9a:e1:e9:4b:8d:aa:08:db:6d:4f:4a:fa:1b:
53:d4:6e:f5:7b:e3:4f:d8:2c:35:e2:57:2e:13:db:
ec:7d:4e:80:bb:79:b9:3d:b9:fa:57:61:5c:75:34:
ca:6a:95:cb:7c:68:90:f4:e5:d3:63:cd:a9:27:63:
4a:ae:e4:7d:9c:e3:33:fc:67:bd:cb:f8:12:23:46:
2f:41:70:d7:6e:0e:96:b4:34:c5:22:cb:21:24:4f:
3f:2b:51:ed:87:27:08:95:b6:e8:ea:be:74:9d:0f:
6f:76:dd:96:bb:a6:fc:bc:fb:d6:48:2e:71:d9:f0:
d2:f4:24:85:9c:09:39:02:06:6d:44:a7:8f:0f:f2:
84:4a:6b:0b:66:64:4d:f4:1b:82:aa:dd:56:92:ff:
4c:fe:f3:3f:4b:91:5c:50:67:cc:76:8c:30:0f:41:
19:13:59:71:91:db:18:a4:ea:1d:29:d1:7e:88:09:
67:e6:b8:55:f2:ef:f7:b8:06:47:4e:61:2e:2d:02:
96:4a:54:85:6f:93:d5:50:f5:63:d0:4b:c4:d9:16:
b3:5b:aa:5c:ce:a6:cc:44:75:a9:a1:df:28:ed:a7:
4c:74:8d:44:30:53:02:6e:36:df:bc:9a:68:a1:8e:
6c:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:BB:3E:F0:74:4A:63:C3:8C:26:AB:14:94:69:00:5D:AF:61:C4:5D
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ars-8HRKY8OMJqsUlGkAXa9hxF0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.204.0/24
89.249.206.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:5b:66:43:1d:5e:b5:7a:ec:17:27:d2:f3:44:8d:33:1d:6d:
46:54:3d:b3:fc:b7:74:5a:75:ba:8a:bb:f5:09:b5:96:3a:2c:
65:a3:28:b3:2a:eb:c0:81:52:0b:01:08:aa:b9:05:ca:a7:d9:
61:cb:46:63:53:e3:11:30:cc:bb:fe:3a:9b:c4:60:e2:11:84:
24:f1:0f:d1:d4:45:e6:07:28:d3:93:56:3d:92:67:b0:f2:47:
3f:56:17:dc:db:20:a4:cb:af:b0:db:a1:31:15:43:98:2b:16:
1a:98:01:4e:50:b2:e8:f1:9f:28:23:34:6e:0f:81:69:95:90:
50:6a:e4:8b:bf:b8:9a:4d:e1:2a:95:3b:8a:e6:87:e5:bd:70:
49:16:33:72:53:d1:1b:cc:fe:68:34:1c:55:d0:7f:22:43:92:
9e:bd:4a:4f:6d:4a:98:00:1a:f1:7d:86:ad:c1:bd:61:5c:57:
4f:4a:3e:32:4e:ff:a3:1a:8f:5f:f8:e4:2e:45:f4:a4:a1:39:
64:2d:45:e5:48:3a:f1:7e:59:45:e7:79:a6:5b:2c:e8:d5:ff:
da:f8:d3:67:02:24:ee:b5:d2:1d:f1:ab:ad:aa:63:68:4f:6e:
a8:b3:11:82:dd:53:c6:fa:76:85:86:20:3b:2a:d2:25:40:91:
15:54:84:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBTy/fjfpt+/QJyVzMkAZHlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNjI2MDkwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWJiM2VmMDc0NGE2M2MzOGMyNmFiMTQ5NDY5MDA1ZGFmNjFjNDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyirJ4zsaQdLNYTQDZ1cmSprh6UuN
qgjbbU9K+htT1G71e+NP2Cw14lcuE9vsfU6Au3m5Pbn6V2FcdTTKapXLfGiQ9OXT
Y82pJ2NKruR9nOMz/Ge9y/gSI0YvQXDXbg6WtDTFIsshJE8/K1HthycIlbbo6r50
nQ9vdt2Wu6b8vPvWSC5x2fDS9CSFnAk5AgZtRKePD/KESmsLZmRN9BuCqt1Wkv9M
/vM/S5FcUGfMdowwD0EZE1lxkdsYpOodKdF+iAln5rhV8u/3uAZHTmEuLQKWSlSF
b5PVUPVj0EvE2RazW6pczqbMRHWpod8o7adMdI1EMFMCbjbfvJpooY5shwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGq7PvB0SmPDjCarFJRpAF2vYcRdMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvYXJzLThIUktZOE9NSnFzVWxHa0FYYTloeEYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfnJAwQA
WfnMAwQBWfnOMA0GCSqGSIb3DQEBCwUAA4IBAQCKW2ZDHV61euwXJ9LzRI0zHW1G
VD2z/Ld0WnW6irv1CbWWOixloyizKuvAgVILAQiquQXKp9lhy0ZjU+MRMMy7/jqb
xGDiEYQk8Q/R1EXmByjTk1Y9kmew8kc/Vhfc2yCky6+w26ExFUOYKxYamAFOULLo
8Z8oIzRuD4FplZBQauSLv7iaTeEqlTuK5oflvXBJFjNyU9EbzP5oNBxV0H8iQ5Ke
vUpPbUqYABrxfYatwb1hXFdPSj4yTv+jGo9f+OQuRfSkoTlkLUXlSDrxfllF53mm
Wyzo1f/a+NNnAiTutdId8autqmNoT26osxGC3VPG+naFhiA7KtIlQJEVVIQW
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:30 2025 by rpki-client