Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yRJSiIAu0_kyN8eYlvp9bz5xMq4.roa
File: yRJSiIAu0_kyN8eYlvp9bz5xMq4.roa (raw, json)
Hash identifier: LvSzSuNksE1iISpdwqwuOTON8870d8QtCzXeuu3Jy6U=
Subject key identifier: C9:12:52:88:80:2E:D3:F9:32:37:C7:98:96:FA:7D:6F:3E:71:32:AE
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018CC8DE3335F602DF7DB685013AA5940C23
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yRJSiIAu0_kyN8eYlvp9bz5xMq4.roa
Signing time: Tue 02 Jan 2024 06:30:54 +0000
ROA not before: Tue 02 Jan 2024 06:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
Validation: Failed, certificate revoked on Fri 05 Jan 2024 12:06:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:33:35:f6:02:df:7d:b6:85:01:3a:a5:94:0c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 06:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9125288802ed3f93237c79896fa7d6f3e7132ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0f:a4:75:0c:66:a7:64:8d:5f:c3:3b:14:79:
8f:88:d7:c3:9c:a4:40:9c:c3:de:58:96:24:c0:dc:
b8:30:63:99:f9:9b:58:ec:9d:75:b9:bd:a4:1b:f3:
53:1a:a0:5e:c6:63:1e:07:da:e4:46:e8:b5:30:9a:
14:98:56:f9:7e:be:7c:32:91:2b:f2:52:21:70:1e:
80:56:00:ac:83:1d:39:c4:ce:22:b9:06:a8:0e:b5:
0e:22:a0:b7:77:7e:a1:aa:f4:15:9c:d1:8b:bd:66:
d6:6c:fd:94:94:3e:ff:cb:aa:91:26:6c:32:56:da:
8a:df:8a:7d:a0:aa:ef:46:a1:19:a5:a9:5a:af:cc:
0a:32:d1:e6:d1:36:58:fc:cf:aa:15:47:58:17:ba:
1a:e4:64:5c:1b:65:6a:44:c2:20:5a:f8:40:7b:e0:
43:77:cd:8b:93:93:ef:1f:a1:0b:ed:3e:81:9a:40:
b6:8a:ed:be:93:93:e5:d1:37:41:bd:0a:d3:71:fd:
c5:5c:63:9c:b0:3e:7c:5d:7a:7c:7b:d6:2f:b5:a5:
75:ad:3f:ab:7d:25:7c:2d:c1:f9:20:96:28:9c:0f:
05:52:d0:ec:42:bd:10:ed:3b:bc:ff:bb:9b:5b:34:
15:d8:1a:49:11:c5:c3:1b:38:8d:50:7d:6c:36:f1:
d1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:12:52:88:80:2E:D3:F9:32:37:C7:98:96:FA:7D:6F:3E:71:32:AE
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/yRJSiIAu0_kyN8eYlvp9bz5xMq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
Signature Algorithm: sha256WithRSAEncryption
a6:74:63:18:35:26:ae:85:8e:93:f5:cc:35:37:fa:9e:48:66:
eb:1b:c3:83:31:93:e8:21:f7:50:2b:75:4e:02:c6:29:a6:56:
f1:92:1e:16:d0:9a:47:c3:5d:63:49:db:3d:33:3d:6c:11:3c:
fc:71:e4:fd:9c:35:ac:10:c3:bb:5e:03:8a:82:0e:b8:3f:02:
da:da:bb:28:3f:10:df:24:db:2f:71:4e:81:e8:b0:e3:d3:81:
34:7f:d7:05:f8:fd:8b:7e:b4:17:58:08:90:9a:31:9a:84:db:
f1:6a:10:5b:3c:44:04:fc:2a:27:e7:cf:4a:04:67:bd:3b:63:
12:f6:3d:10:b2:a1:1f:08:04:34:b3:c2:4e:65:6b:7b:62:e4:
b0:a2:80:df:0e:30:6e:61:78:60:2d:37:6b:c4:f1:2e:03:6c:
e3:54:db:ac:27:3f:8f:61:28:09:82:d0:24:ca:89:1e:57:ce:
1a:d3:71:22:af:19:af:f0:22:78:88:ce:ca:3d:8a:7b:18:c3:
a7:54:0d:b0:7a:64:a8:8d:4f:7b:47:4a:29:f5:20:80:67:37:
93:53:50:c3:cc:98:26:87:6e:e0:94:f6:aa:3d:e9:36:9e:77:
eb:49:b6:28:c4:83:0b:1d:61:05:6e:a2:38:84:65:8f:b2:91:
82:cc:22:e8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3jM19gLffbaFATqllAwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMTAyMDYzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTEyNTI4ODgwMmVkM2Y5MzIzN2M3OTg5NmZhN2Q2ZjNlNzEzMmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQ+kdQxmp2SNX8M7FHmPiNfDnKRA
nMPeWJYkwNy4MGOZ+ZtY7J11ub2kG/NTGqBexmMeB9rkRui1MJoUmFb5fr58MpEr
8lIhcB6AVgCsgx05xM4iuQaoDrUOIqC3d36hqvQVnNGLvWbWbP2UlD7/y6qRJmwy
VtqK34p9oKrvRqEZpalar8wKMtHm0TZY/M+qFUdYF7oa5GRcG2VqRMIgWvhAe+BD
d82Lk5PvH6EL7T6BmkC2iu2+k5Pl0TdBvQrTcf3FXGOcsD58XXp8e9YvtaV1rT+r
fSV8LcH5IJYonA8FUtDsQr0Q7Tu8/7ubWzQV2BpJEcXDGziNUH1sNvHRCwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMkSUoiALtP5MjfHmJb6fW8+cTKuMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveVJKU2lJQXUwX2t5TjhlWWx2cDliejV4TXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWfnAMA0G
CSqGSIb3DQEBCwUAA4IBAQCmdGMYNSauhY6T9cw1N/qeSGbrG8ODMZPoIfdQK3VO
AsYpplbxkh4W0JpHw11jSds9Mz1sETz8ceT9nDWsEMO7XgOKgg64PwLa2rsoPxDf
JNsvcU6B6LDj04E0f9cF+P2LfrQXWAiQmjGahNvxahBbPEQE/Con589KBGe9O2MS
9j0QsqEfCAQ0s8JOZWt7YuSwooDfDjBuYXhgLTdrxPEuA2zjVNusJz+PYSgJgtAk
yokeV84a03Eirxmv8CJ4iM7KPYp7GMOnVA2wemSojU97R0op9SCAZzeTU1DDzJgm
h27glPaqPek2nnfrSbYoxIMLHWEFbqI4hGWPspGCzCLo
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:50 2025 by rpki-client