Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/qTgymklXo-YYnCUbvRaF85PhUuk.roa
File: qTgymklXo-YYnCUbvRaF85PhUuk.roa (raw, json)
Hash identifier: RKgjJqeUCKkznsvAtQJyDLq0PXwmDqrLo1FZ41HvlSA=
Subject key identifier: A9:38:32:9A:49:57:A3:E6:18:9C:25:1B:BD:16:85:F3:93:E1:52:E9
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01919A2D902923541B7AD0EA6C59404F861E
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/qTgymklXo-YYnCUbvRaF85PhUuk.roa
Signing time: Wed 28 Aug 2024 18:09:22 +0000
ROA not before: Wed 28 Aug 2024 18:09:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 89.42.40.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 13 Nov 2024 07:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9a:2d:90:29:23:54:1b:7a:d0:ea:6c:59:40:4f:86:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 28 18:09:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a938329a4957a3e6189c251bbd1685f393e152e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:63:9d:a7:be:18:6b:30:81:b3:7c:ae:0b:d8:
0a:93:2d:20:dd:25:14:92:2a:6a:2a:3b:09:8b:2c:
0a:3d:a7:a4:bf:c6:7e:43:bb:dd:98:66:be:5e:fe:
43:df:e8:59:cf:d1:6c:c1:27:ae:d4:ab:18:24:16:
2b:16:4e:f0:65:cf:c8:bb:7b:3e:23:d2:3a:3b:62:
41:45:4e:72:65:56:d0:f4:39:54:cc:ea:b8:77:9d:
3e:6a:f1:14:c6:b3:c1:7d:7f:cf:de:d5:38:dc:7a:
99:48:c4:a6:df:84:f8:b2:8b:8e:fd:15:da:6d:d8:
b2:70:bf:8d:88:e2:2f:2b:1a:f4:75:a5:76:09:f7:
c6:04:c3:64:f0:08:f8:62:3b:d9:e4:8e:9f:dd:fb:
7d:1d:e9:af:d7:9d:85:8c:77:4e:6e:5b:82:56:91:
5d:f5:3c:2f:f9:f0:fa:d9:a5:8c:a8:74:9f:7a:a3:
15:0c:3e:bb:c2:f5:61:c5:3a:03:62:15:5a:22:a3:
64:87:1d:95:01:96:d8:e9:62:35:c4:cc:f8:00:5c:
ee:45:2e:84:ad:3c:29:8a:51:9f:e9:07:a3:4d:f4:
d9:8b:ef:e6:93:48:c6:02:54:bb:07:87:b2:6d:5a:
c5:23:42:18:e2:20:c2:27:1c:7f:b5:ca:b5:50:9e:
e6:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:38:32:9A:49:57:A3:E6:18:9C:25:1B:BD:16:85:F3:93:E1:52:E9
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/qTgymklXo-YYnCUbvRaF85PhUuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.40.0/24
Signature Algorithm: sha256WithRSAEncryption
03:04:42:6e:b0:f0:51:6a:7c:32:fd:cf:a2:68:f9:a3:76:8f:
1c:f4:25:d0:c5:06:c0:fa:69:c8:8f:c2:91:31:2a:85:99:09:
cf:48:f8:78:5f:0a:6e:3f:a0:01:14:b5:66:bb:3c:55:2c:56:
59:24:81:51:b9:c0:4d:e2:3d:8d:68:44:5a:e2:66:e8:07:1f:
d8:9e:74:56:61:2f:3b:31:fe:e2:2e:87:06:81:ae:bc:37:bf:
a8:4e:a8:9d:c0:b4:35:cd:93:d8:51:8b:ef:b5:89:45:81:02:
0e:41:6b:df:de:5e:07:2e:47:72:f0:c8:94:99:bc:48:32:b1:
da:5e:93:00:c8:50:d9:a4:67:61:a5:81:4f:27:cc:ab:06:6c:
5d:49:8a:77:6b:ec:1f:66:7e:2d:2a:99:19:bf:fc:64:29:39:
d1:59:9f:dd:95:38:42:ad:ad:33:dd:7d:5b:3a:98:a7:08:cf:
a9:08:2c:7c:e3:93:f5:b0:2f:f0:aa:34:df:6c:ab:53:66:f1:
f0:34:e9:9b:ca:2e:bf:27:c4:70:72:e9:3a:29:be:63:a3:1a:
22:f5:31:e1:39:82:92:11:6f:e2:7b:df:ea:59:2e:0c:33:d1:
ae:b0:ce:4f:65:d3:8a:4d:1c:db:4d:64:48:53:72:a5:32:5b:
4b:49:ad:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGaLZApI1QbetDqbFlAT4YeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODI4MTgwOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTM4MzI5YTQ5NTdhM2U2MTg5YzI1MWJiZDE2ODVmMzkzZTE1MmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsGOdp74YazCBs3yuC9gKky0g3SUU
kipqKjsJiywKPaekv8Z+Q7vdmGa+Xv5D3+hZz9FswSeu1KsYJBYrFk7wZc/Iu3s+
I9I6O2JBRU5yZVbQ9DlUzOq4d50+avEUxrPBfX/P3tU43HqZSMSm34T4souO/RXa
bdiycL+NiOIvKxr0daV2CffGBMNk8Aj4YjvZ5I6f3ft9Hemv152FjHdObluCVpFd
9Twv+fD62aWMqHSfeqMVDD67wvVhxToDYhVaIqNkhx2VAZbY6WI1xMz4AFzuRS6E
rTwpilGf6QejTfTZi+/mk0jGAlS7B4eybVrFI0IY4iDCJxx/tcq1UJ7m1QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKk4MppJV6PmGJwlG70WhfOT4VLpMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvcVRneW1rbFhvLVlZbkNVYnZSYUY4NVBoVXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSooMA0G
CSqGSIb3DQEBCwUAA4IBAQADBEJusPBRanwy/c+iaPmjdo8c9CXQxQbA+mnIj8KR
MSqFmQnPSPh4XwpuP6ABFLVmuzxVLFZZJIFRucBN4j2NaERa4mboBx/YnnRWYS87
Mf7iLocGga68N7+oTqidwLQ1zZPYUYvvtYlFgQIOQWvf3l4HLkdy8MiUmbxIMrHa
XpMAyFDZpGdhpYFPJ8yrBmxdSYp3a+wfZn4tKpkZv/xkKTnRWZ/dlThCra0z3X1b
OpinCM+pCCx845P1sC/wqjTfbKtTZvHwNOmbyi6/J8Rwcuk6Kb5joxoi9THhOYKS
EW/ie9/qWS4MM9GusM5PZdOKTRzbTWRIU3KlMltLSa3f
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:08 2025 by rpki-client