Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/f_EAZ4jjl_ze66UYZWPknyPORKI.roa
File: f_EAZ4jjl_ze66UYZWPknyPORKI.roa (raw, json)
Hash identifier: 4Ldcz6C6at0Qh58wVnbqY8MwtVZ9v8Yhzr9eLjV1oFA=
Subject key identifier: 7F:F1:00:67:88:E3:97:FC:DE:EB:A5:18:65:63:E4:9F:23:CE:44:A2
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FBC502ED6CB51A1B746BF9507BAD385C0
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/f_EAZ4jjl_ze66UYZWPknyPORKI.roa
Signing time: Mon 27 May 2024 23:08:42 +0000
ROA not before: Mon 27 May 2024 23:08:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 400866
IP address blocks: 89.249.207.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 Aug 2024 06:57:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bc:50:2e:d6:cb:51:a1:b7:46:bf:95:07:ba:d3:85:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 27 23:08:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ff1006788e397fcdeeba5186563e49f23ce44a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:dd:04:d0:13:8a:3d:c9:8a:6d:b8:fc:7f:af:
d7:fb:d9:55:de:4e:62:01:3e:9c:f4:49:db:b5:e4:
8a:8e:27:90:09:9f:03:55:e0:56:eb:32:aa:43:95:
da:4e:6f:24:c2:08:5b:75:8d:69:a9:f6:db:1d:07:
73:89:96:05:42:70:00:29:ff:d7:71:d2:01:97:98:
ee:c1:b8:ab:80:b9:bc:2c:70:b1:bd:8a:3e:6f:ee:
75:17:cf:74:dd:af:2a:70:89:11:06:4e:92:78:68:
5f:70:2d:dc:53:a4:b5:76:22:9e:c7:19:3e:69:57:
0e:a6:f3:c6:ac:d1:4f:21:60:31:6b:6f:02:cb:31:
09:22:e5:33:db:6a:d5:4e:dd:38:0e:62:8a:bb:8c:
5d:45:14:18:46:74:ab:55:5e:b4:6a:26:38:34:52:
39:14:79:13:99:72:c4:97:ea:76:74:58:81:cb:32:
f5:2a:37:6c:39:46:81:3b:d3:92:b4:14:96:20:ae:
2d:71:5a:37:99:ad:06:de:32:91:0a:4b:fe:5f:fe:
07:be:21:9d:52:ed:ab:34:8c:db:f1:4c:4c:b2:05:
41:62:45:2f:40:78:7f:d8:49:2d:c1:94:c1:f1:c4:
39:6d:75:1a:24:71:3d:67:5e:2f:44:49:06:b3:c4:
83:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:F1:00:67:88:E3:97:FC:DE:EB:A5:18:65:63:E4:9F:23:CE:44:A2
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/f_EAZ4jjl_ze66UYZWPknyPORKI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.207.0/24
Signature Algorithm: sha256WithRSAEncryption
97:51:35:7d:32:74:7c:f4:8b:ed:71:f1:e9:a7:14:48:21:7c:
0b:a0:11:6f:e0:88:26:8e:2d:20:00:ce:ad:df:1a:1f:ef:c7:
4c:db:46:47:d3:fe:0a:9f:c1:57:8b:f4:b2:92:0d:45:b8:4b:
62:3d:23:46:0a:7c:72:2b:0a:2d:a5:b5:94:e2:4d:2a:c0:49:
b1:ec:94:23:a8:63:97:82:b4:54:c0:93:b4:7c:b8:f5:85:e8:
51:cf:2b:82:79:72:51:fb:95:1b:17:27:33:40:89:78:3a:2c:
a0:db:58:36:05:7a:05:5e:ad:0d:cf:6a:20:03:d2:ce:38:80:
e3:e2:e0:3d:76:53:ac:7c:1e:13:82:ca:53:fc:36:9d:6f:fb:
78:57:1a:f1:17:22:9b:62:d8:ac:59:cf:a9:08:c4:e7:7c:bf:
32:c4:7b:c9:a7:00:e7:cd:1b:00:ab:36:f0:b8:d1:65:cb:6a:
1b:31:d1:c5:5c:f2:a3:1d:fe:e6:02:1b:c1:eb:4c:47:30:cc:
8c:cf:b7:71:3a:a7:be:50:91:eb:10:23:49:91:f2:69:7c:77:
e2:a4:57:57:25:b4:03:30:3c:6d:b5:e8:7f:c4:72:a2:5b:b8:
45:3e:6b:b3:11:6f:99:c8:7d:8e:24:71:6a:ee:ff:c2:6b:0e:
30:ac:26:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+8UC7Wy1Ght0a/lQe604XAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI3MjMwODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmYxMDA2Nzg4ZTM5N2ZjZGVlYmE1MTg2NTYzZTQ5ZjIzY2U0NGEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1N0E0BOKPcmKbbj8f6/X+9lV3k5i
AT6c9EnbteSKjieQCZ8DVeBW6zKqQ5XaTm8kwghbdY1pqfbbHQdziZYFQnAAKf/X
cdIBl5juwbirgLm8LHCxvYo+b+51F8903a8qcIkRBk6SeGhfcC3cU6S1diKexxk+
aVcOpvPGrNFPIWAxa28CyzEJIuUz22rVTt04DmKKu4xdRRQYRnSrVV60aiY4NFI5
FHkTmXLEl+p2dFiByzL1KjdsOUaBO9OStBSWIK4tcVo3ma0G3jKRCkv+X/4HviGd
Uu2rNIzb8UxMsgVBYkUvQHh/2EktwZTB8cQ5bXUaJHE9Z14vREkGs8SDvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFH/xAGeI45f83uulGGVj5J8jzkSiMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvZl9FQVo0ampsX3plNjZVWVpXUGtueVBPUktJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnPMA0G
CSqGSIb3DQEBCwUAA4IBAQCXUTV9MnR89IvtcfHppxRIIXwLoBFv4Igmji0gAM6t
3xof78dM20ZH0/4Kn8FXi/Sykg1FuEtiPSNGCnxyKwotpbWU4k0qwEmx7JQjqGOX
grRUwJO0fLj1hehRzyuCeXJR+5UbFyczQIl4Oiyg21g2BXoFXq0Nz2ogA9LOOIDj
4uA9dlOsfB4TgspT/Dadb/t4VxrxFyKbYtisWc+pCMTnfL8yxHvJpwDnzRsAqzbw
uNFly2obMdHFXPKjHf7mAhvB60xHMMyMz7dxOqe+UJHrECNJkfJpfHfipFdXJbQD
MDxtteh/xHKiW7hFPmuzEW+ZyH2OJHFq7v/Caw4wrCau
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:56:38 2025 by rpki-client