Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/bO9V03-pN9KMOjdywMPZknIqyP8.roa
File: bO9V03-pN9KMOjdywMPZknIqyP8.roa (raw, json)
Hash identifier: 2iOZWwVhD9/7OqsJB4CeDHlDnnw2plabm0qP99aluwY=
Subject key identifier: 6C:EF:55:D3:7F:A9:37:D2:8C:3A:37:72:C0:C3:D9:92:72:2A:C8:FF
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D3EADC3A8151D511C4DBA3ECF9D1E83B7
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/bO9V03-pN9KMOjdywMPZknIqyP8.roa
Signing time: Thu 25 Jan 2024 03:33:11 +0000
ROA not before: Thu 25 Jan 2024 03:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.200.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sat 27 Jan 2024 11:27:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3e:ad:c3:a8:15:1d:51:1c:4d:ba:3e:cf:9d:1e:83:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 25 03:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cef55d37fa937d28c3a3772c0c3d992722ac8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:80:d3:30:3b:89:50:70:8a:e3:8f:36:3a:23:
c3:69:93:75:38:e1:86:d7:d3:36:32:5b:87:15:a3:
75:26:13:4e:ff:64:59:74:d1:7f:6d:79:1c:e1:12:
ca:b7:09:2c:bd:d6:0e:be:62:2f:6d:13:99:e9:03:
3d:7a:1f:7c:85:5e:4e:55:99:ae:b4:fb:a8:ba:1e:
d4:f7:d1:82:12:cd:1c:fa:cd:a1:9d:59:b2:09:9c:
9d:7e:0f:33:20:c6:8a:a7:0c:42:1b:af:82:56:f0:
c7:50:e1:71:95:54:c0:74:19:30:b7:12:ee:4d:e3:
f8:4c:2b:69:5f:e7:5a:72:88:12:53:46:62:dc:9b:
28:07:40:75:8b:5f:93:eb:cf:ef:99:af:a4:de:5e:
1c:c2:5c:74:69:66:55:86:3c:46:1f:12:da:85:50:
cb:c8:ee:14:bc:33:6b:f0:bf:5b:eb:56:0b:77:8e:
af:99:89:10:c2:3f:ff:dd:73:a1:a7:15:ce:b4:32:
86:a1:a5:1d:03:af:2d:5d:be:02:a6:1c:9d:da:e5:
61:a0:7a:a4:3f:6f:61:2e:dc:52:41:7f:cd:f8:4c:
f3:68:cc:a0:d1:ed:2d:4f:49:d0:a1:b4:4e:75:28:
86:00:5d:28:41:ee:fb:2f:be:1f:6d:a8:f3:86:89:
9f:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:EF:55:D3:7F:A9:37:D2:8C:3A:37:72:C0:C3:D9:92:72:2A:C8:FF
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/bO9V03-pN9KMOjdywMPZknIqyP8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0-89.249.201.255
Signature Algorithm: sha256WithRSAEncryption
37:25:c1:68:ae:67:d6:59:6c:f1:50:7d:0a:26:6b:ca:0a:67:
6c:f9:59:2f:99:d6:bb:27:fa:6d:5d:f1:e3:c3:d4:9f:c7:77:
33:79:dd:2e:67:f1:01:78:38:69:1a:68:43:26:39:4d:60:49:
a9:92:b8:64:e6:ea:23:5c:10:6c:90:6b:dd:56:8e:7a:d9:04:
6a:71:b7:8a:91:25:a0:30:77:e1:f0:aa:a5:40:64:cc:e4:25:
16:1a:73:7a:91:5b:02:72:32:58:31:ba:56:99:cb:60:e9:e2:
f8:9b:bc:48:71:62:8f:70:87:63:e9:95:75:94:c4:48:5c:e3:
49:a5:38:b1:6b:43:b3:07:ce:14:c0:6a:53:47:93:16:16:30:
8b:79:e8:98:54:0d:46:18:13:d5:97:11:84:e2:10:ab:3f:b4:
ee:83:e4:af:a7:bf:96:7b:27:74:50:f7:d8:2e:2a:ae:b1:50:
73:51:64:9b:b9:1e:48:ac:59:01:23:df:19:35:de:f2:a8:78:
dd:b2:2f:3a:21:5c:89:50:76:62:4d:ec:b1:48:3a:91:30:c0:
53:03:f1:b7:55:4f:a7:64:44:a1:aa:99:56:dc:2b:8c:39:a2:
d3:fa:23:48:43:9d:7a:bd:cd:a7:73:82:09:75:0f:91:68:eb:
78:be:18:90
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY0+rcOoFR1RHE26Ps+dHoO3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTI1MDMzMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2VmNTVkMzdmYTkzN2QyOGMzYTM3NzJjMGMzZDk5MjcyMmFjOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYDTMDuJUHCK4482OiPDaZN1OOGG
19M2MluHFaN1JhNO/2RZdNF/bXkc4RLKtwksvdYOvmIvbROZ6QM9eh98hV5OVZmu
tPuouh7U99GCEs0c+s2hnVmyCZydfg8zIMaKpwxCG6+CVvDHUOFxlVTAdBkwtxLu
TeP4TCtpX+dacogSU0Zi3JsoB0B1i1+T68/vma+k3l4cwlx0aWZVhjxGHxLahVDL
yO4UvDNr8L9b61YLd46vmYkQwj//3XOhpxXOtDKGoaUdA68tXb4Cphyd2uVhoHqk
P29hLtxSQX/N+EzzaMyg0e0tT0nQobROdSiGAF0oQe77L74fbajzhomf8wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGzvVdN/qTfSjDo3csDD2ZJyKsj/MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvYk85VjAzLXBOOUtNT2pkeXdNUFprbklxeVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAZZ+cAD
BAFZ+cgwDQYJKoZIhvcNAQELBQADggEBADclwWiuZ9ZZbPFQfQoma8oKZ2z5WS+Z
1rsn+m1d8ePD1J/HdzN53S5n8QF4OGkaaEMmOU1gSamSuGTm6iNcEGyQa91WjnrZ
BGpxt4qRJaAwd+HwqqVAZMzkJRYac3qRWwJyMlgxulaZy2Dp4vibvEhxYo9wh2Pp
lXWUxEhc40mlOLFrQ7MHzhTAalNHkxYWMIt56JhUDUYYE9WXEYTiEKs/tO6D5K+n
v5Z7J3RQ99guKq6xUHNRZJu5HkisWQEj3xk13vKoeN2yLzohXIlQdmJN7LFIOpEw
wFMD8bdVT6dkRKGqmVbcK4w5otP6I0hDnXq9zadzggl1D5Fo63i+GJA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:04 2025 by rpki-client