Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/tqMlCmSYSwt3-b0BLnXtLNN3srg.roa
File: tqMlCmSYSwt3-b0BLnXtLNN3srg.roa (raw, json)
Hash identifier: pWH/Cz1zIFPQ3mVAzQ+i6GlUFIryl9C/7f2cpSX3ShM=
Subject key identifier: B6:A3:25:0A:64:98:4B:0B:77:F9:BD:01:2E:75:ED:2C:D3:77:B2:B8
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0190EA846AA4BCDCF571D72B091A7EFF567E
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/tqMlCmSYSwt3-b0BLnXtLNN3srg.roa
Signing time: Thu 25 Jul 2024 15:31:04 +0000
ROA not before: Thu 25 Jul 2024 15:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 00:04:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:84:6a:a4:bc:dc:f5:71:d7:2b:09:1a:7e:ff:56:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jul 25 15:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6a3250a64984b0b77f9bd012e75ed2cd377b2b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:21:e8:96:77:4f:f3:32:3e:fb:d1:8f:47:e2:
37:26:50:f2:4d:24:25:80:95:f5:b6:9e:e3:1f:dd:
63:fc:75:2f:1e:48:15:bd:87:ee:93:56:09:59:e2:
2d:f4:7b:21:63:c1:4c:5e:87:e5:09:90:51:3a:87:
88:b9:4d:c4:68:d4:69:89:e6:20:4d:a0:30:52:e1:
94:c3:38:5d:f8:37:2c:1a:5c:f5:0c:9b:6e:4a:c1:
0a:2a:0c:03:0b:50:b3:da:0e:3e:2c:fc:5a:ce:72:
c7:aa:a0:46:56:37:70:d9:9c:ce:4f:07:f9:aa:44:
d9:2f:a6:7b:7e:4e:78:b9:96:ed:e8:8c:7f:e1:eb:
5d:3d:35:cd:31:27:cc:b4:79:d1:e3:2a:be:09:97:
73:7e:b2:36:30:d2:42:13:28:e8:b8:2f:45:95:8c:
58:64:98:65:fa:79:30:d8:aa:12:57:5d:49:8c:6b:
91:77:9e:a2:be:78:08:4c:99:50:d7:5f:0d:0f:70:
24:d1:3b:1e:30:3d:32:f1:22:b4:10:92:9b:4b:db:
ba:a0:76:6d:4e:74:56:9d:d0:f8:00:0e:f5:9f:85:
30:68:ed:73:81:98:1e:5e:97:7d:be:df:bb:ea:a9:
22:4d:37:06:48:4c:95:bb:ab:e7:77:26:62:2a:0a:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:A3:25:0A:64:98:4B:0B:77:F9:BD:01:2E:75:ED:2C:D3:77:B2:B8
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/tqMlCmSYSwt3-b0BLnXtLNN3srg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
da:d1:5e:fe:61:8f:db:36:0a:ea:f9:99:18:6e:3b:dc:2d:37:
0b:ce:8d:1f:8a:32:64:8c:56:d0:ca:8a:09:86:54:77:aa:67:
f8:b5:c1:1a:db:4f:fa:3b:e0:7d:8b:f1:7a:0b:65:8c:01:dc:
9c:cc:2f:59:e5:08:6b:9f:90:89:eb:79:d5:9b:2b:8f:cd:d7:
b6:70:00:a9:22:27:ff:c0:c5:24:51:f0:8e:f7:31:7e:15:f6:
66:bf:12:1d:6b:82:8e:49:2d:0a:79:34:54:51:eb:fb:0c:4e:
d5:d2:48:23:ae:d3:04:36:36:87:b9:7a:12:c2:cd:3c:c3:e0:
54:d9:db:20:8a:22:dc:3e:6b:0e:67:e8:70:83:c7:f0:f2:36:
f1:fd:11:a8:4d:65:2f:e4:d8:3c:58:bf:e2:6d:40:f7:90:d3:
56:6e:69:43:d0:68:5e:79:05:39:2f:f5:1f:43:ad:16:88:93:
d4:6c:00:37:7e:93:19:c0:bd:01:ad:02:51:9c:e0:a1:ad:62:
8b:80:24:01:91:86:71:1e:8e:b4:d1:a4:38:69:b6:e3:f9:fb:
f5:00:4d:4b:b0:36:63:c2:f3:09:3e:c4:b3:08:1e:8f:d0:8f:
49:c2:8b:42:bc:1f:ed:77:e1:9f:75:5e:cb:c7:ac:1b:76:33:
b8:0a:e9:1d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDqhGqkvNz1cdcrCRp+/1Z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwNzI1MTUzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmEzMjUwYTY0OTg0YjBiNzdmOWJkMDEyZTc1ZWQyY2QzNzdiMmI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCHolndP8zI++9GPR+I3JlDyTSQl
gJX1tp7jH91j/HUvHkgVvYfuk1YJWeIt9HshY8FMXoflCZBROoeIuU3EaNRpieYg
TaAwUuGUwzhd+DcsGlz1DJtuSsEKKgwDC1Cz2g4+LPxaznLHqqBGVjdw2ZzOTwf5
qkTZL6Z7fk54uZbt6Ix/4etdPTXNMSfMtHnR4yq+CZdzfrI2MNJCEyjouC9FlYxY
ZJhl+nkw2KoSV11JjGuRd56ivngITJlQ118ND3Ak0TseMD0y8SK0EJKbS9u6oHZt
TnRWndD4AA71n4UwaO1zgZgeXpd9vt+76qkiTTcGSEyVu6vndyZiKgo9CQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLajJQpkmEsLd/m9AS517SzTd7K4MB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvdHFNbENtU1lTd3QzLWIwQkxuWHRMTk4zc3JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWfnOAwQE
1CrAMA0GCSqGSIb3DQEBCwUAA4IBAQDa0V7+YY/bNgrq+ZkYbjvcLTcLzo0fijJk
jFbQyooJhlR3qmf4tcEa20/6O+B9i/F6C2WMAdyczC9Z5Qhrn5CJ63nVmyuPzde2
cACpIif/wMUkUfCO9zF+FfZmvxIda4KOSS0KeTRUUev7DE7V0kgjrtMENjaHuXoS
ws08w+BU2dsgiiLcPmsOZ+hwg8fw8jbx/RGoTWUv5Ng8WL/ibUD3kNNWbmlD0Ghe
eQU5L/UfQ60WiJPUbAA3fpMZwL0BrQJRnOChrWKLgCQBkYZxHo600aQ4abbj+fv1
AE1LsDZjwvMJPsSzCB6P0I9JwotCvB/td+GfdV7Lx6wbdjO4Cukd
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:19 2025 by rpki-client