Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/rutisCns8fT8ioXWlnzUzRpeGjs.roa
File: rutisCns8fT8ioXWlnzUzRpeGjs.roa (raw, json)
Hash identifier: IWu29/q65/QFvDvTcPtpnBZf5uGNsYCF3aW8I3sMwJ0=
Subject key identifier: AE:EB:62:B0:29:EC:F1:F4:FC:8A:85:D6:96:7C:D4:CD:1A:5E:1A:3B
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018FAC3EB86FCB68A42AEC06C25E50C48842
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/rutisCns8fT8ioXWlnzUzRpeGjs.roa
Signing time: Fri 24 May 2024 20:15:42 +0000
ROA not before: Fri 24 May 2024 20:15:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 16:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ac:3e:b8:6f:cb:68:a4:2a:ec:06:c2:5e:50:c4:88:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: May 24 20:15:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aeeb62b029ecf1f4fc8a85d6967cd4cd1a5e1a3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f1:43:ed:e2:29:1b:59:7a:11:07:47:db:df:
bc:cf:1f:7d:b0:11:5d:b5:35:e6:08:e2:00:d9:1c:
d0:ba:15:7e:ef:32:bf:02:35:57:fe:d1:45:ae:4e:
8f:63:9c:06:6b:7f:de:f3:2f:11:a6:37:16:b6:78:
78:13:1d:f0:69:0c:57:88:84:98:4d:7b:5d:02:f0:
20:28:88:6a:cb:be:d8:27:b4:a0:c4:ab:9d:35:3c:
c8:ef:1b:f3:90:03:9d:29:e0:01:3e:b5:51:43:cc:
ff:09:b7:03:47:fb:1c:63:32:cf:91:0b:96:bf:9f:
78:ba:a7:4d:4d:d7:0f:3a:dd:0a:fc:a3:6b:c4:75:
cc:ee:37:ef:9b:37:08:3e:06:15:41:f6:f3:bc:08:
d4:2c:28:08:b5:2c:f1:d2:c4:29:e6:bb:07:47:c8:
37:bd:d9:42:c1:f1:fc:ce:de:89:96:71:0e:00:28:
25:62:1b:ff:d3:d0:fd:c6:eb:6b:7c:70:9d:07:3c:
e1:09:24:4c:59:e0:07:d7:82:21:27:35:8d:46:d0:
fb:cf:9a:6c:12:b9:35:3d:77:07:0b:a8:df:9f:12:
cd:29:e9:6b:9d:4c:90:6a:5c:4b:a6:24:70:85:76:
20:7d:85:fa:06:90:bf:3f:7c:6c:41:c9:c6:a6:88:
4e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:EB:62:B0:29:EC:F1:F4:FC:8A:85:D6:96:7C:D4:CD:1A:5E:1A:3B
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/rutisCns8fT8ioXWlnzUzRpeGjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
55:11:79:e5:1a:b9:d2:1e:59:db:e0:bb:e7:8f:76:fe:45:41:
90:d5:cd:e7:c1:32:29:3b:2a:70:22:f8:63:e2:c3:6d:89:dc:
99:d0:63:9a:b9:2a:04:5c:5e:58:27:df:97:e7:d3:e1:2f:2c:
6d:bf:9d:67:c2:61:44:e0:49:32:f1:8a:ad:77:08:9b:72:f1:
14:cb:81:59:b0:12:9e:f5:5a:79:5f:c8:6c:d2:f3:87:e7:f6:
40:51:9f:3a:f0:c5:eb:fb:46:e0:59:41:94:cf:27:5c:1f:3e:
a2:dd:40:58:49:94:b5:df:fd:8a:dc:b0:9a:8b:5d:c2:dc:aa:
d2:2c:de:3e:28:23:0c:16:69:25:ba:6e:ec:8d:85:a6:50:59:
81:37:43:ae:90:ff:a9:58:40:92:a3:eb:06:d1:1e:29:c0:75:
dc:49:f9:c5:2a:83:30:c0:99:2b:1f:49:a1:e7:6d:a4:28:e1:
8c:8f:ef:60:09:17:73:aa:13:d5:33:e0:73:38:eb:f7:cf:bd:
d9:f3:31:12:c8:e8:6a:0b:db:93:ca:7b:fa:a6:d0:50:6d:bf:
93:9a:ef:09:88:88:30:86:4b:04:ea:8b:d0:fc:e0:1f:00:bc:
8b:8e:48:6a:ff:dd:07:d6:bb:ef:ff:da:40:64:9e:5a:b0:ba:
fc:ad:c6:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+sPrhvy2ikKuwGwl5QxIhCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNTI0MjAxNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWViNjJiMDI5ZWNmMWY0ZmM4YTg1ZDY5NjdjZDRjZDFhNWUxYTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3vFD7eIpG1l6EQdH29+8zx99sBFd
tTXmCOIA2RzQuhV+7zK/AjVX/tFFrk6PY5wGa3/e8y8RpjcWtnh4Ex3waQxXiISY
TXtdAvAgKIhqy77YJ7SgxKudNTzI7xvzkAOdKeABPrVRQ8z/CbcDR/scYzLPkQuW
v594uqdNTdcPOt0K/KNrxHXM7jfvmzcIPgYVQfbzvAjULCgItSzx0sQp5rsHR8g3
vdlCwfH8zt6JlnEOACglYhv/09D9xutrfHCdBzzhCSRMWeAH14IhJzWNRtD7z5ps
Erk1PXcHC6jfnxLNKelrnUyQalxLpiRwhXYgfYX6BpC/P3xsQcnGpohOMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK7rYrAp7PH0/IqF1pZ81M0aXho7MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvcnV0aXNDbnM4ZlQ4aW9YV2xuelV6UnBlR2pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfnOAwQE
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQBVEXnlGrnSHlnb4Lvnj3b+RUGQ1c3nwTIp
OypwIvhj4sNtidyZ0GOauSoEXF5YJ9+X59PhLyxtv51nwmFE4Eky8YqtdwibcvEU
y4FZsBKe9Vp5X8hs0vOH5/ZAUZ868MXr+0bgWUGUzydcHz6i3UBYSZS13/2K3LCa
i13C3KrSLN4+KCMMFmklum7sjYWmUFmBN0OukP+pWECSo+sG0R4pwHXcSfnFKoMw
wJkrH0mh522kKOGMj+9gCRdzqhPVM+BzOOv3z73Z8zESyOhqC9uTynv6ptBQbb+T
mu8JiIgwhksE6ovQ/OAfALyLjkhq/90H1rvv/9pAZJ5asLr8rcap
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:19 2025 by rpki-client