Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ksDqoVkOnu4XAKdQVUGZtOT84Gk.roa
File: ksDqoVkOnu4XAKdQVUGZtOT84Gk.roa (raw, json)
Hash identifier: aq8447OoWaD8LRjbGlJ8IN+1AoruE+41dkf6CJ909/4=
Subject key identifier: 92:C0:EA:A1:59:0E:9E:EE:17:00:A7:50:55:41:99:B4:E4:FC:E0:69
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018DE8B9D0F0E21DBFEB4F881054DA87C193
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ksDqoVkOnu4XAKdQVUGZtOT84Gk.roa
Signing time: Tue 27 Feb 2024 04:01:48 +0000
ROA not before: Tue 27 Feb 2024 04:01:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 21
212.42.192.0/20 maxlen: 24
212.42.208.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Feb 2024 04:31:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e8:b9:d0:f0:e2:1d:bf:eb:4f:88:10:54:da:87:c1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 27 04:01:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=92c0eaa1590e9eee1700a750554199b4e4fce069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ad:56:e0:eb:b2:79:da:58:43:17:fc:3d:3b:
fc:94:e9:ce:e4:e0:fe:5a:bf:66:c0:a9:b8:bf:ba:
af:38:5e:cc:bc:09:18:0b:56:ea:d8:2b:8b:24:c6:
04:98:f7:34:96:75:54:d2:81:7d:a4:41:b3:7c:65:
33:2a:76:7a:d7:bb:30:e9:b2:82:cb:05:b1:d8:0e:
20:fe:51:13:3c:fb:d5:e7:b7:ea:27:b9:28:1d:bd:
6a:be:9d:a9:e0:d6:60:02:a9:45:de:ae:7d:04:c2:
04:90:30:b5:55:61:10:4c:e6:48:0c:a9:02:53:1f:
18:3f:c5:52:bd:2e:7f:2b:57:69:d2:e5:36:35:65:
4f:b2:93:89:e5:ca:4c:40:18:9c:e9:54:d0:4d:99:
6a:b0:73:28:a9:ae:a1:c7:d6:81:41:73:ea:0c:6a:
5c:3c:ce:ac:40:f2:3f:5e:3d:cd:65:8b:d0:a1:d1:
37:07:9e:35:0f:2b:4e:9f:88:42:cb:a5:4d:bf:4d:
6c:c5:db:f0:33:9c:95:2b:5d:07:b0:9c:45:7b:37:
3f:a1:4d:e4:92:4a:64:9e:f5:a1:8e:71:ba:73:15:
e0:6f:cf:90:d3:e1:b5:8f:4d:be:3a:05:59:7f:ce:
9d:84:f1:4d:7f:60:05:e9:ac:ed:4e:98:14:08:d7:
f0:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:C0:EA:A1:59:0E:9E:EE:17:00:A7:50:55:41:99:B4:E4:FC:E0:69
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ksDqoVkOnu4XAKdQVUGZtOT84Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
212.42.192.0/19
Signature Algorithm: sha256WithRSAEncryption
b8:17:1e:7e:56:df:15:8a:28:07:eb:03:6b:e2:0e:3a:ef:4c:
4b:8f:5a:47:59:b3:79:1f:41:f4:73:be:3d:4c:70:84:2b:3d:
96:9c:03:7b:5f:2b:72:c6:3d:f9:4f:b3:5d:74:dd:82:6b:c1:
de:fd:e1:a8:0b:7a:c7:ed:40:84:bf:5d:e6:2e:4f:01:0e:f4:
9d:8c:3b:ce:c5:eb:d9:1c:91:d4:45:f6:a7:fb:8f:56:0f:03:
1c:96:24:1a:64:55:5d:8a:b8:6c:e8:d4:92:52:29:b9:dc:27:
f3:4e:ff:df:45:42:c8:1e:03:02:c9:6d:ce:27:27:1a:04:42:
8a:ae:f8:87:c4:e1:04:18:80:17:d4:78:fe:8e:01:51:4d:d2:
1c:32:96:f6:a3:46:da:69:10:b6:a9:05:55:1d:34:62:de:e7:
18:6d:ae:c8:5b:90:52:e9:3b:41:3b:42:4b:83:44:28:75:c9:
fd:f4:23:5b:ec:3e:3f:2c:21:25:bd:5a:e1:63:fe:57:56:c5:
0c:f6:33:b0:0d:c5:b5:9e:25:b1:af:c7:9b:ed:9a:73:34:35:
ca:33:22:1f:40:8d:07:a4:0e:08:7d:0a:aa:c9:7d:bb:b6:a0:
65:07:2c:33:98:8d:8f:0d:bb:00:f0:ff:f9:78:b2:1c:3d:1b:
23:05:fe:76
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY3oudDw4h2/60+IEFTah8GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjI3MDQwMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmMwZWFhMTU5MGU5ZWVlMTcwMGE3NTA1NTQxOTliNGU0ZmNlMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlK1W4OuyedpYQxf8PTv8lOnO5OD+
Wr9mwKm4v7qvOF7MvAkYC1bq2CuLJMYEmPc0lnVU0oF9pEGzfGUzKnZ617sw6bKC
ywWx2A4g/lETPPvV57fqJ7koHb1qvp2p4NZgAqlF3q59BMIEkDC1VWEQTOZIDKkC
Ux8YP8VSvS5/K1dp0uU2NWVPspOJ5cpMQBic6VTQTZlqsHMoqa6hx9aBQXPqDGpc
PM6sQPI/Xj3NZYvQodE3B541DytOn4hCy6VNv01sxdvwM5yVK10HsJxFezc/oU3k
kkpknvWhjnG6cxXgb8+Q0+G1j02+OgVZf86dhPFNf2AF6aztTpgUCNfw3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJLA6qFZDp7uFwCnUFVBmbTk/OBpMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEva3NEcW9Wa09udTRYQUtkUVZVR1p0T1Q4NEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWfnAAwQF
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQC4Fx5+Vt8ViigH6wNr4g4670xLj1pHWbN5
H0H0c749THCEKz2WnAN7Xytyxj35T7NddN2Ca8He/eGoC3rH7UCEv13mLk8BDvSd
jDvOxevZHJHURfan+49WDwMcliQaZFVdirhs6NSSUim53CfzTv/fRULIHgMCyW3O
JycaBEKKrviHxOEEGIAX1Hj+jgFRTdIcMpb2o0baaRC2qQVVHTRi3ucYba7IW5BS
6TtBO0JLg0Qodcn99CNb7D4/LCElvVrhY/5XVsUM9jOwDcW1niWxr8eb7ZpzNDXK
MyIfQI0HpA4IfQqqyX27tqBlBywzmI2PDbsA8P/5eLIcPRsjBf52
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:58:19 2025 by rpki-client