Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/CjfXFriC-BvOc7SM_73L_nbZcSg.roa
File: CjfXFriC-BvOc7SM_73L_nbZcSg.roa (raw, json)
Hash identifier: SHBFgT3UX+nU5P8bzBAtYy8I+Lo1eXn69MJIB8vUZS8=
Subject key identifier: 0A:37:D7:16:B8:82:F8:1B:CE:73:B4:8C:FF:BD:CB:FE:76:D9:71:28
Certificate issuer: /CN=17c203e3f365923a843d3220317a1c68cf74de0f
Certificate serial: 018CC64B5F66ABB0F148958844A409583C58
Authority key identifier: 17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/CjfXFriC-BvOc7SM_73L_nbZcSg.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50409
IP address blocks: 89.111.19.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 04 Jan 2024 12:16:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5f:66:ab:b0:f1:48:95:88:44:a4:09:58:3c:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17c203e3f365923a843d3220317a1c68cf74de0f
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a37d716b882f81bce73b48cffbdcbfe76d97128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:68:48:a3:25:1f:77:7f:1b:11:a3:35:bd:2e:
d6:34:6f:9a:93:e2:be:46:3b:d9:52:d5:3b:86:db:
86:11:11:9c:3d:92:eb:c8:cd:11:69:19:ad:6e:25:
46:4e:27:7d:15:e4:ab:f5:cf:59:10:6e:3d:d4:3c:
66:50:23:54:ea:f0:9e:10:69:d1:c4:77:a9:56:b3:
6a:62:58:c7:18:43:7d:07:15:bd:67:e5:48:96:a6:
42:1b:2a:1a:3d:f8:32:5b:7f:04:ab:18:47:a3:71:
9b:fd:0f:18:29:c9:9b:da:03:e6:a8:d0:87:7d:ea:
4e:8c:ec:a3:6b:c1:35:33:a8:41:99:23:65:28:38:
c8:cb:23:b5:10:27:0e:38:c3:0d:0c:6e:2e:af:44:
ea:4c:e7:e7:36:9b:cd:73:d9:7b:48:f1:f7:46:6b:
c3:04:fa:e1:4d:d8:44:09:5f:e4:3f:5b:0d:39:3c:
4d:fd:9e:47:f9:fe:d3:86:44:59:97:d4:ea:a5:e0:
21:62:38:c5:87:d3:a1:cd:cc:3b:f5:c4:24:c6:ad:
5d:83:43:88:b4:22:ac:d1:2b:79:30:3d:69:84:d5:
2b:03:6b:8b:6a:dc:ef:f8:4d:a3:3e:5d:43:c6:38:
de:da:6e:f5:88:02:21:3f:06:7e:d2:c2:df:36:66:
1f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:37:D7:16:B8:82:F8:1B:CE:73:B4:8C:FF:BD:CB:FE:76:D9:71:28
X509v3 Authority Key Identifier:
keyid:17:C2:03:E3:F3:65:92:3A:84:3D:32:20:31:7A:1C:68:CF:74:DE:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F8ID4_NlkjqEPTIgMXocaM903g8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/CjfXFriC-BvOc7SM_73L_nbZcSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/89ae8e-4674-455d-9f23-ac67a36e4aab/1/F8ID4_NlkjqEPTIgMXocaM903g8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.111.19.0/24
Signature Algorithm: sha256WithRSAEncryption
74:fe:2b:81:e0:ec:39:4e:6e:8a:e4:0d:81:7e:62:2f:f2:76:
c2:8c:0a:4e:ba:8b:42:b9:67:f4:87:98:3a:d7:54:b1:a1:62:
57:a7:23:83:c9:d8:54:b0:3b:e1:f7:c0:4c:b4:0d:67:96:f9:
9b:11:9b:dc:88:36:5a:b6:b9:92:50:a9:86:7d:7d:df:f9:9a:
db:27:70:6a:2e:97:68:71:2b:31:03:94:2a:81:86:1b:e9:ab:
cf:b1:c8:d4:e4:b1:93:f3:c9:3d:7e:a5:79:e2:28:09:f4:d4:
1b:cd:a6:a3:55:bb:09:58:68:ac:c9:be:65:37:36:1b:e2:9e:
85:a7:5a:f8:ab:49:06:6f:1b:f4:40:0b:42:b3:47:4b:13:61:
45:58:2c:5a:03:57:12:98:7e:d6:3c:04:9f:10:ad:16:bb:c0:
f4:86:d2:5c:f0:f8:b8:5a:d7:6b:02:00:a5:31:92:b2:2f:db:
13:24:6a:29:73:f4:d1:93:3b:7f:41:9a:20:c8:a4:32:17:a9:
bb:b0:49:f6:8c:62:82:55:59:4e:c8:7c:57:8d:2d:e1:81:c4:
d1:86:6c:b4:ae:e9:5d:6c:9d:b9:8b:b3:3d:18:e1:d0:4e:fb:
cd:cd:b6:5c:33:52:a1:f0:4f:da:3f:c6:53:a6:bf:3d:ab:ba:
e7:8e:6a:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGS19mq7DxSJWIRKQJWDxYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3YzIwM2UzZjM2NTkyM2E4NDNkMzIyMDMxN2ExYzY4Y2Y3
NGRlMGYwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM3ZDcxNmI4ODJmODFiY2U3M2I0OGNmZmJkY2JmZTc2ZDk3MTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnmhIoyUfd38bEaM1vS7WNG+ak+K+
RjvZUtU7htuGERGcPZLryM0RaRmtbiVGTid9FeSr9c9ZEG491DxmUCNU6vCeEGnR
xHepVrNqYljHGEN9BxW9Z+VIlqZCGyoaPfgyW38EqxhHo3Gb/Q8YKcmb2gPmqNCH
fepOjOyja8E1M6hBmSNlKDjIyyO1ECcOOMMNDG4ur0TqTOfnNpvNc9l7SPH3RmvD
BPrhTdhECV/kP1sNOTxN/Z5H+f7ThkRZl9TqpeAhYjjFh9Ohzcw79cQkxq1dg0OI
tCKs0St5MD1phNUrA2uLatzv+E2jPl1Dxjje2m71iAIhPwZ+0sLfNmYfIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAo31xa4gvgbznO0jP+9y/522XEoMB8GA1UdIwQY
MBaAFBfCA+PzZZI6hD0yIDF6HGjPdN4PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMt
YWM2N2EzNmU0YWFiLzEvQ2pmWEZyaUMtQnZPYzdTTV83M0xfbmJaY1NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy84OWFlOGUtNDY3NC00NTVkLTlmMjMtYWM2N2EzNmU0YWFi
LzEvRjhJRDRfTmxranFFUFRJZ01Yb2NhTTkwM2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWW8TMA0G
CSqGSIb3DQEBCwUAA4IBAQB0/iuB4Ow5Tm6K5A2BfmIv8nbCjApOuotCuWf0h5g6
11SxoWJXpyODydhUsDvh98BMtA1nlvmbEZvciDZatrmSUKmGfX3f+ZrbJ3BqLpdo
cSsxA5QqgYYb6avPscjU5LGT88k9fqV54igJ9NQbzaajVbsJWGisyb5lNzYb4p6F
p1r4q0kGbxv0QAtCs0dLE2FFWCxaA1cSmH7WPASfEK0Wu8D0htJc8Pi4WtdrAgCl
MZKyL9sTJGopc/TRkzt/QZogyKQyF6m7sEn2jGKCVVlOyHxXjS3hgcTRhmy0ruld
bJ25i7M9GOHQTvvNzbZcM1Kh8E/aP8ZTpr89q7rnjmrt
-----END CERTIFICATE-----
Generated at Sat Apr 19 18:36:29 2025 by rpki-client