Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/XZ2DRzLesSnWlYca0q_BOJKIydM.roa
File: XZ2DRzLesSnWlYca0q_BOJKIydM.roa (raw, json)
Hash identifier: ga53tANT99yLGMEZVDyiENbfkoPq4b36vnAkfOie+FU=
Subject key identifier: 5D:9D:83:47:32:DE:B1:29:D6:95:87:1A:D2:AF:C1:38:92:88:C9:D3
Certificate issuer: /CN=e27e1dd07466278036ba5cd943d7b0e021cf8628
Certificate serial: 019522F16EADB34A6525D96FD29CBA42F8B0
Authority key identifier: E2:7E:1D:D0:74:66:27:80:36:BA:5C:D9:43:D7:B0:E0:21:CF:86:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/XZ2DRzLesSnWlYca0q_BOJKIydM.roa
Signing time: Thu 20 Feb 2025 10:40:02 +0000
ROA not before: Thu 20 Feb 2025 10:40:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213522
IP address blocks: 89.150.62.0/24 maxlen: 28
2a14:ec0::/29 maxlen: 29
Validation: Failed, certificate revoked on Tue 11 Mar 2025 19:46:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:f1:6e:ad:b3:4a:65:25:d9:6f:d2:9c:ba:42:f8:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e27e1dd07466278036ba5cd943d7b0e021cf8628
Validity
Not Before: Feb 20 10:40:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d9d834732deb129d695871ad2afc1389288c9d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:35:ca:dc:eb:d7:62:c9:92:63:b7:e2:17:08:
b3:13:c4:28:c0:ef:67:8e:1b:f7:83:f5:f2:96:0d:
da:20:70:6d:c8:e4:7a:41:63:4a:2f:5b:23:7c:d6:
0b:8a:5e:06:29:9d:b8:f3:ec:51:de:e6:44:4d:3e:
06:14:4f:e8:bb:9c:df:49:e8:3c:9d:44:19:e3:2c:
00:d9:fd:88:db:1f:79:c9:d0:51:fb:c8:8c:1d:6f:
4b:3e:c1:7e:03:50:29:4e:6d:0c:c5:20:53:c6:51:
b6:2e:8e:8b:88:fd:96:4e:e3:8f:43:9c:30:79:41:
22:57:cc:41:7c:f8:3a:18:d8:e0:f6:76:50:c6:9e:
ce:d5:26:62:6d:a7:ab:59:e7:2f:f7:9d:af:86:0c:
be:3a:0f:c1:e0:aa:2c:d0:61:65:de:20:8b:ab:d5:
92:39:eb:28:bb:1a:8e:59:d5:43:c9:fe:9e:c8:a0:
b0:d0:ac:6a:46:c0:4b:71:a9:63:a7:bf:3d:a0:15:
5f:b6:94:08:e6:b6:c0:ac:81:82:69:a7:01:74:75:
bd:13:93:e8:14:01:a5:59:9f:14:aa:23:5b:fb:cd:
e0:13:6f:3d:a6:9f:79:69:4e:5d:10:26:da:96:b4:
73:ac:85:40:e0:a8:9c:12:4f:f0:9e:7d:2a:ee:51:
2d:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:9D:83:47:32:DE:B1:29:D6:95:87:1A:D2:AF:C1:38:92:88:C9:D3
X509v3 Authority Key Identifier:
keyid:E2:7E:1D:D0:74:66:27:80:36:BA:5C:D9:43:D7:B0:E0:21:CF:86:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/XZ2DRzLesSnWlYca0q_BOJKIydM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ae0d8b-4857-4ba7-b342-5ec336bf743b/1/4n4d0HRmJ4A2ulzZQ9ew4CHPhig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.62.0/24
IPv6:
2a14:ec0::/29
Signature Algorithm: sha256WithRSAEncryption
2a:43:65:b9:8c:69:d2:c5:1a:08:68:7d:fa:a5:37:88:d9:b6:
c0:6f:c3:8c:f1:65:40:e5:5f:f2:0c:4d:db:f3:cd:5e:fe:42:
45:21:e2:07:26:d9:48:9f:ed:d4:54:aa:71:2d:be:0c:0d:a0:
93:67:e3:e5:ef:b5:e3:18:2a:54:f4:d3:4d:31:b5:6e:0e:5d:
81:20:82:27:a9:26:9d:7f:06:cd:4e:ae:85:0a:a6:3e:69:df:
28:48:8d:97:b3:3e:f9:12:1c:a2:63:ca:b5:78:c2:3a:76:f1:
15:b2:01:27:f8:41:5f:8b:fb:2c:9f:4e:f4:34:23:a3:54:34:
04:b8:14:d3:09:79:43:6b:54:35:26:f4:0e:a7:76:cb:c3:65:
5b:aa:a8:6f:e0:ce:39:b3:54:f5:07:20:f6:f4:dc:80:1f:61:
7f:d6:4d:9d:65:8b:99:21:f9:a5:63:ab:07:fd:96:b7:6e:56:
68:33:1e:36:b0:49:5b:24:4b:cf:f3:14:d6:89:7f:e5:dc:2e:
e4:3f:b8:70:fa:a1:75:c0:1b:d2:6e:94:54:7c:a5:2a:50:94:
17:21:2d:42:62:be:34:fe:2b:20:46:81:0c:a5:f5:38:11:0c:
2b:ab:b6:4a:34:1f:96:68:02:c8:5a:c8:2e:df:9f:c0:1c:13:
87:1c:18:e8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZUi8W6ts0plJdlv0py6QviwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyN2UxZGQwNzQ2NjI3ODAzNmJhNWNkOTQzZDdiMGUwMjFj
Zjg2MjgwHhcNMjUwMjIwMTA0MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDlkODM0NzMyZGViMTI5ZDY5NTg3MWFkMmFmYzEzODkyODhjOWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDXK3OvXYsmSY7fiFwizE8QowO9n
jhv3g/Xylg3aIHBtyOR6QWNKL1sjfNYLil4GKZ248+xR3uZETT4GFE/ou5zfSeg8
nUQZ4ywA2f2I2x95ydBR+8iMHW9LPsF+A1ApTm0MxSBTxlG2Lo6LiP2WTuOPQ5ww
eUEiV8xBfPg6GNjg9nZQxp7O1SZibaerWecv952vhgy+Og/B4Kos0GFl3iCLq9WS
OesouxqOWdVDyf6eyKCw0KxqRsBLcaljp789oBVftpQI5rbArIGCaacBdHW9E5Po
FAGlWZ8UqiNb+83gE289pp95aU5dECbalrRzrIVA4KicEk/wnn0q7lEt/QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFF2dg0cy3rEp1pWHGtKvwTiSiMnTMB8GA1UdIwQY
MBaAFOJ+HdB0ZieANrpc2UPXsOAhz4YoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNG40ZDBIUm1KNEEydWx6WlE5ZXc0Q0hQaGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9hZTBkOGItNDg1Ny00YmE3LWIzNDIt
NWVjMzM2YmY3NDNiLzEvWFoyRFJ6TGVzU25XbFljYTBxX0JPSktJeWRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9hZTBkOGItNDg1Ny00YmE3LWIzNDItNWVjMzM2YmY3NDNi
LzEvNG40ZDBIUm1KNEEydWx6WlE5ZXc0Q0hQaGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWZY+MA0E
AgACMAcDBQMqFA7AMA0GCSqGSIb3DQEBCwUAA4IBAQAqQ2W5jGnSxRoIaH36pTeI
2bbAb8OM8WVA5V/yDE3b881e/kJFIeIHJtlIn+3UVKpxLb4MDaCTZ+Pl77XjGCpU
9NNNMbVuDl2BIIInqSadfwbNTq6FCqY+ad8oSI2Xsz75EhyiY8q1eMI6dvEVsgEn
+EFfi/ssn070NCOjVDQEuBTTCXlDa1Q1JvQOp3bLw2Vbqqhv4M45s1T1ByD29NyA
H2F/1k2dZYuZIfmlY6sH/Za3blZoMx42sElbJEvP8xTWiX/l3C7kP7hw+qF1wBvS
bpRUfKUqUJQXIS1CYr40/isgRoEMpfU4EQwrq7ZKNB+WaALIWsgu35/AHBOHHBjo
-----END CERTIFICATE-----
Generated at Mon Apr 21 03:52:16 2025 by rpki-client