Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zdOwDhAN_MqyNL7UCy5a5Ry3rKg.roa
File: zdOwDhAN_MqyNL7UCy5a5Ry3rKg.roa (raw, json)
Hash identifier: pyhcmP6k12WpTP2k1ycc75U2KcXDucoloVoWiPAxrmM=
Subject key identifier: CD:D3:B0:0E:10:0D:FC:CA:B2:34:BE:D4:0B:2E:5A:E5:1C:B7:AC:A8
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 018D696B4D49113D303DE0E1B98C7B8D63DB
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zdOwDhAN_MqyNL7UCy5a5Ry3rKg.roa
Signing time: Fri 02 Feb 2024 10:44:16 +0000
ROA not before: Fri 02 Feb 2024 10:44:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.249.201.0/24 maxlen: 24
89.249.203.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Feb 2024 10:26:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:69:6b:4d:49:11:3d:30:3d:e0:e1:b9:8c:7b:8d:63:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Feb 2 10:44:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdd3b00e100dfccab234bed40b2e5ae51cb7aca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:2b:19:e8:f0:80:9b:e0:a0:93:32:ad:cf:7d:
6e:95:a1:bd:20:dc:f2:35:a5:fa:39:dd:4d:ac:e5:
0c:d9:ee:34:73:55:93:28:81:1c:ef:7d:e2:59:71:
ad:75:01:86:b3:64:f2:bf:94:5e:ca:b7:49:58:c3:
79:73:bc:ca:f0:c4:bf:56:fb:03:d8:e9:e8:15:f2:
cb:f5:27:dc:f8:06:5b:02:ca:c9:94:7c:38:f9:58:
88:3e:58:53:92:45:f2:58:b9:77:b2:5c:72:21:95:
bb:b5:35:b4:dc:3d:fb:f2:3c:e9:47:c0:b3:f3:22:
a3:a5:6f:7b:9b:bf:8a:1e:ca:9c:00:80:e1:84:9a:
fa:71:0e:c0:37:f7:d6:4e:73:e6:86:15:bc:32:6c:
52:8c:45:15:fc:a7:f7:bc:3c:83:69:54:3a:09:f7:
9c:ae:b1:28:fe:5d:d1:c3:63:c7:c9:33:17:54:40:
fc:0e:c8:2e:37:23:ee:0a:af:70:fb:d4:37:4b:1e:
7c:fd:87:23:3a:63:8a:df:2a:9c:b3:f3:3a:06:b1:
c2:4c:e1:11:70:08:e2:f8:e4:d5:86:83:2e:4f:61:
1f:cd:93:8b:6d:7d:4f:30:af:1b:a1:a1:be:aa:be:
f6:cb:22:6a:bf:62:02:8c:86:d1:fc:ed:13:51:c8:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D3:B0:0E:10:0D:FC:CA:B2:34:BE:D4:0B:2E:5A:E5:1C:B7:AC:A8
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/zdOwDhAN_MqyNL7UCy5a5Ry3rKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
89.249.203.0/24
Signature Algorithm: sha256WithRSAEncryption
38:9e:78:b2:2b:fe:a6:7b:0f:62:10:cf:84:ae:b5:30:4f:fc:
1a:0a:4b:c4:45:2f:86:cf:64:8f:8f:0b:a3:49:bd:e1:39:ec:
8f:70:89:e2:8f:6b:13:5d:94:ed:8b:c1:3c:5f:06:77:69:a1:
1c:64:a5:4c:d8:3e:ba:a9:38:b8:ef:9b:d3:25:e3:33:99:7d:
f4:6b:1c:f3:1e:4e:f5:7b:80:7c:e8:e4:67:f1:53:d9:cb:6b:
e9:77:b8:57:02:1c:43:11:55:f4:b9:aa:d8:b5:03:5c:9e:7f:
08:e4:6a:4e:84:fa:9d:01:34:7f:82:46:fe:4a:8e:47:51:dd:
9e:65:c2:3e:7b:87:ac:a4:f0:0e:17:d9:a6:31:ad:09:99:dc:
eb:5f:e8:e1:14:ff:bd:65:20:b4:e4:f7:59:be:7c:e1:9c:48:
19:fd:26:56:c5:00:9b:bb:f3:7f:10:a7:5b:a9:0d:b3:36:25:
54:14:06:e6:5c:5d:4f:28:0a:12:a4:5b:7b:52:19:23:0c:2c:
eb:36:5e:13:fd:3b:26:47:a6:a0:d1:9a:f2:dd:40:4d:1f:0f:
f7:a7:ce:d9:1d:18:64:cd:61:d5:f5:cd:78:23:b0:49:b6:a0:
e2:ff:fe:ac:78:6d:01:50:a7:24:f9:5d:c3:09:d6:59:cc:e5:
42:53:97:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY1pa01JET0wPeDhuYx7jWPbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQwMjAyMTA0NDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQzYjAwZTEwMGRmY2NhYjIzNGJlZDQwYjJlNWFlNTFjYjdhY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArysZ6PCAm+CgkzKtz31ulaG9INzy
NaX6Od1NrOUM2e40c1WTKIEc733iWXGtdQGGs2Tyv5ReyrdJWMN5c7zK8MS/VvsD
2OnoFfLL9Sfc+AZbAsrJlHw4+ViIPlhTkkXyWLl3slxyIZW7tTW03D378jzpR8Cz
8yKjpW97m7+KHsqcAIDhhJr6cQ7AN/fWTnPmhhW8MmxSjEUV/Kf3vDyDaVQ6Cfec
rrEo/l3Rw2PHyTMXVED8DsguNyPuCq9w+9Q3Sx58/YcjOmOK3yqcs/M6BrHCTOER
cAji+OTVhoMuT2EfzZOLbX1PMK8boaG+qr72yyJqv2ICjIbR/O0TUchYTQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM3TsA4QDfzKsjS+1AsuWuUct6yoMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvemRPd0RoQU5fTXF5Tkw3VUN5NWE1UnkzcktnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWfnJAwQA
WfnLMA0GCSqGSIb3DQEBCwUAA4IBAQA4nniyK/6mew9iEM+ErrUwT/waCkvERS+G
z2SPjwujSb3hOeyPcInij2sTXZTti8E8XwZ3aaEcZKVM2D66qTi475vTJeMzmX30
axzzHk71e4B86ORn8VPZy2vpd7hXAhxDEVX0uarYtQNcnn8I5GpOhPqdATR/gkb+
So5HUd2eZcI+e4espPAOF9mmMa0JmdzrX+jhFP+9ZSC05PdZvnzhnEgZ/SZWxQCb
u/N/EKdbqQ2zNiVUFAbmXF1PKAoSpFt7UhkjDCzrNl4T/TsmR6ag0Zry3UBNHw/3
p87ZHRhkzWHV9c14I7BJtqDi//6seG0BUKck+V3DCdZZzOVCU5eB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:02:51 2025 by rpki-client