Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/Iy90fXL0C4rET-gimO1JzINdUqA.roa
File: Iy90fXL0C4rET-gimO1JzINdUqA.roa (raw, json)
Hash identifier: gt++OgixR/7DFzdp1InJp6D6wngq46arOodrx6fwSHQ=
Subject key identifier: 23:2F:74:7D:72:F4:0B:8A:C4:4F:E8:22:98:ED:49:CC:83:5D:52:A0
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 0193BAC266B4F9812D2A3FC2D41D2F9A662F
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/Iy90fXL0C4rET-gimO1JzINdUqA.roa
Signing time: Thu 12 Dec 2024 12:05:22 +0000
ROA not before: Thu 12 Dec 2024 12:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48955
IP address blocks: 89.45.66.0/24 maxlen: 24
188.212.5.0/24 maxlen: 24
188.213.1.0/24 maxlen: 24
188.214.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ba:c2:66:b4:f9:81:2d:2a:3f:c2:d4:1d:2f:9a:66:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Dec 12 12:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=232f747d72f40b8ac44fe82298ed49cc835d52a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f1:e7:58:69:47:2d:d4:8d:ff:c4:7a:d7:47:
42:06:f0:87:6a:ec:37:9e:58:ba:be:54:4e:92:01:
a4:7e:20:e6:3c:83:4c:9a:bd:6f:98:dc:4b:45:52:
ae:22:0f:7a:74:5a:34:14:3c:42:32:61:36:4f:9c:
94:e6:bd:e2:1d:42:3d:ca:31:b7:5f:93:7f:d8:87:
fe:20:2a:88:16:04:6e:7c:17:d6:73:bc:d1:64:10:
99:c5:15:74:f3:f0:55:80:74:5c:75:e9:a0:8d:26:
81:c1:e0:f6:ff:2d:9a:9d:00:ce:7d:94:69:23:0c:
9c:4f:cc:2d:77:da:4e:2b:ad:e2:7d:ed:2a:96:7a:
38:64:90:f8:3b:b5:0b:5a:b3:03:02:db:b9:66:1c:
8f:a2:0b:90:87:1d:75:6d:f2:ca:bb:47:ed:5a:19:
10:40:8f:c5:25:ca:c1:e6:ab:a9:4e:f6:3f:64:7d:
3d:53:d2:b2:4c:ca:e7:83:06:79:49:c1:f6:5f:2b:
35:2d:41:58:c6:03:98:3e:2f:ba:69:0b:f9:b1:15:
e4:4a:e1:7a:1a:ad:ef:b7:d1:52:d1:28:7b:6b:3d:
fd:b7:54:ae:78:9b:a9:ec:78:ad:b0:97:97:f0:1e:
f3:a5:2f:83:d1:ac:2f:d8:c1:a3:03:ae:2a:c7:76:
6b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:2F:74:7D:72:F4:0B:8A:C4:4F:E8:22:98:ED:49:CC:83:5D:52:A0
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/Iy90fXL0C4rET-gimO1JzINdUqA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.66.0/24
188.212.5.0/24
188.213.1.0/24
188.214.227.0/24
Signature Algorithm: sha256WithRSAEncryption
44:e2:92:3c:91:c7:8d:e7:86:fb:c6:71:0c:54:7b:21:91:9c:
bb:6c:24:ca:84:6c:f2:eb:d3:84:e9:30:84:19:7e:1a:6e:fe:
3e:3f:86:b9:48:46:ee:46:31:8b:c9:46:b9:e4:fd:1f:39:2f:
72:e5:52:89:1d:d2:46:00:5c:25:6a:21:30:e0:97:5f:cb:a4:
d1:a8:68:bd:26:76:6e:c8:0a:17:42:21:22:ed:30:90:0e:79:
3b:23:12:9a:ca:2b:c1:dd:1b:8c:66:59:fb:37:34:a8:23:80:
15:64:49:94:89:0e:4f:d7:bf:7d:a8:78:07:ee:bd:c4:65:a2:
a8:30:7a:a1:db:4f:44:c5:32:43:5a:92:e7:6d:58:af:19:70:
2c:45:f2:59:13:70:9a:99:bf:c8:bc:51:24:68:79:3e:39:aa:
b0:98:e1:c2:0c:db:61:8a:a4:eb:4a:8c:9c:4a:d8:73:ec:94:
f2:1b:47:9e:c3:ae:22:11:1a:75:4a:b0:58:bf:3f:c0:31:66:
55:93:f9:01:05:0a:ad:86:2f:cb:e2:b9:19:5c:51:ba:a3:ac:
74:f3:31:cd:4d:d2:32:51:90:53:ba:15:c3:a4:b3:10:06:0e:
20:27:cf:a3:3a:f2:1d:89:3d:cf:95:cf:d1:64:31:98:e9:23:
13:af:d1:ec
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZO6wma0+YEtKj/C1B0vmmYvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQxMjEyMTIwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzJmNzQ3ZDcyZjQwYjhhYzQ0ZmU4MjI5OGVkNDljYzgzNWQ1MmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPHnWGlHLdSN/8R610dCBvCHauw3
nli6vlROkgGkfiDmPINMmr1vmNxLRVKuIg96dFo0FDxCMmE2T5yU5r3iHUI9yjG3
X5N/2If+ICqIFgRufBfWc7zRZBCZxRV08/BVgHRcdemgjSaBweD2/y2anQDOfZRp
IwycT8wtd9pOK63ife0qlno4ZJD4O7ULWrMDAtu5ZhyPoguQhx11bfLKu0ftWhkQ
QI/FJcrB5qupTvY/ZH09U9KyTMrngwZ5ScH2Xys1LUFYxgOYPi+6aQv5sRXkSuF6
Gq3vt9FS0Sh7az39t1SueJup7HitsJeX8B7zpS+D0awv2MGjA64qx3Zr1QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCMvdH1y9AuKxE/oIpjtScyDXVKgMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvSXk5MGZYTDBDNHJFVC1naW1PMUp6SU5kVXFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWS1CAwQA
vNQFAwQAvNUBAwQAvNbjMA0GCSqGSIb3DQEBCwUAA4IBAQBE4pI8kceN54b7xnEM
VHshkZy7bCTKhGzy69OE6TCEGX4abv4+P4a5SEbuRjGLyUa55P0fOS9y5VKJHdJG
AFwlaiEw4Jdfy6TRqGi9JnZuyAoXQiEi7TCQDnk7IxKayivB3RuMZln7NzSoI4AV
ZEmUiQ5P1799qHgH7r3EZaKoMHqh209ExTJDWpLnbVivGXAsRfJZE3Camb/IvFEk
aHk+OaqwmOHCDNthiqTrSoycSthz7JTyG0eew64iERp1SrBYvz/AMWZVk/kBBQqt
hi/L4rkZXFG6o6x08zHNTdIyUZBTuhXDpLMQBg4gJ8+jOvIdiT3Plc/RZDGY6SMT
r9Hs
-----END CERTIFICATE-----
Generated at Tue Apr 22 06:13:19 2025 by rpki-client