Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/PLrMCn3H4DZ_KgYtJbzLwi7qFg0.roa
File: PLrMCn3H4DZ_KgYtJbzLwi7qFg0.roa (raw, json)
Hash identifier: Pm2sAJpZ4v4xApXj/Fx6uLsUAaLxNMVdjBlNkWfMfGg=
Subject key identifier: 3C:BA:CC:0A:7D:C7:E0:36:7F:2A:06:2D:25:BC:CB:C2:2E:EA:16:0D
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 018CC6B8EB26C8A41DC005EF94AC7B9DB3DA
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/PLrMCn3H4DZ_KgYtJbzLwi7qFg0.roa
Signing time: Mon 01 Jan 2024 20:30:56 +0000
ROA not before: Mon 01 Jan 2024 20:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29657
IP address blocks: 89.107.254.0/24 maxlen: 24
109.232.206.0/24 maxlen: 24
109.232.207.0/24 maxlen: 24
89.107.252.0/24 maxlen: 24
89.107.250.0/24 maxlen: 24
89.107.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:48:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:eb:26:c8:a4:1d:c0:05:ef:94:ac:7b:9d:b3:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 20:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3cbacc0a7dc7e0367f2a062d25bccbc22eea160d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ce:87:27:49:19:27:22:a2:eb:5f:8d:cd:2f:
41:fa:81:f3:3d:7e:36:12:8f:30:29:9e:de:c8:ae:
e2:89:2d:10:28:a1:6f:67:0e:53:49:84:db:4d:07:
e5:41:60:cf:29:64:55:a8:8d:a0:bc:f5:b1:cc:9c:
4e:e3:a3:63:b6:09:25:c1:97:0e:ff:cd:eb:2d:b7:
0e:5d:5f:7a:0d:0f:9a:77:e1:0c:3c:b4:ca:8f:f8:
6a:b0:72:4a:ff:ec:a4:41:b5:fc:ab:4e:c7:34:cd:
93:2d:51:e0:08:79:f7:c0:d4:c5:09:fb:79:29:86:
59:56:f5:fb:16:de:96:29:98:1f:8f:b2:a2:24:e9:
0a:7d:5f:d1:6f:fc:65:1c:54:79:8d:2b:46:47:b4:
62:92:94:c2:38:3f:08:7c:54:31:d2:c2:9d:fd:2c:
ee:8b:20:6e:3c:36:ca:3d:e9:a8:d6:40:96:cc:a5:
97:f8:ad:70:2f:fa:7d:71:0b:f6:48:72:df:7a:54:
2d:13:05:29:d5:81:52:33:89:dd:92:7f:4c:6c:6d:
dd:98:8d:a8:85:14:3e:1c:6b:f7:55:e2:bc:f9:45:
b3:b5:bb:9a:f0:0f:1e:59:30:fe:b5:ce:3f:49:a5:
8d:ce:59:09:31:d9:ec:0e:6b:1d:02:d3:78:f4:18:
bd:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:BA:CC:0A:7D:C7:E0:36:7F:2A:06:2D:25:BC:CB:C2:2E:EA:16:0D
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/PLrMCn3H4DZ_KgYtJbzLwi7qFg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.250.0-89.107.252.255
89.107.254.0/24
109.232.206.0/23
Signature Algorithm: sha256WithRSAEncryption
b1:cb:9e:3e:38:f8:b4:bf:17:a6:60:ef:c9:f4:1e:f6:94:d2:
b5:db:ae:ce:55:94:43:17:ea:95:f3:fc:05:a1:f4:ec:29:2c:
22:b7:65:67:f0:ae:f9:22:dd:fc:5e:fb:b8:e0:52:2e:22:d5:
13:b7:90:bd:b0:80:39:af:bc:1e:61:4d:7c:b0:d1:07:fc:6f:
87:6d:b2:e0:2a:07:bd:d6:43:7b:c1:5f:1d:76:76:12:a0:e2:
c1:52:a8:ea:de:1b:fc:35:89:98:ef:cc:65:d7:26:32:3e:f7:
2a:ee:8b:58:e7:46:29:8f:42:98:60:52:ba:c9:cd:a8:55:d1:
d7:12:e0:ab:fb:29:9c:62:72:b0:a3:51:56:a2:f8:50:5b:0b:
b1:d5:4b:d7:d4:7f:44:84:ef:6a:6f:69:e8:5f:40:e0:5c:9b:
da:77:8a:f8:58:15:42:9a:40:83:df:ad:7a:97:8e:b1:bd:57:
cc:58:88:05:02:f9:e6:51:09:e5:3a:bd:de:5f:66:cc:ad:f9:
2b:64:a2:31:04:e2:ee:be:36:46:84:0e:cf:ad:4f:79:fb:9f:
44:e4:ae:4e:48:9c:74:09:d7:3f:d2:4a:54:84:46:b3:b0:56:
d4:20:f7:d0:3a:35:3f:c5:d6:01:4e:5f:52:53:57:31:ac:7b:
68:19:20:58
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGuOsmyKQdwAXvlKx7nbPaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjQwMTAxMjAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2JhY2MwYTdkYzdlMDM2N2YyYTA2MmQyNWJjY2JjMjJlZWExNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzM6HJ0kZJyKi61+NzS9B+oHzPX42
Eo8wKZ7eyK7iiS0QKKFvZw5TSYTbTQflQWDPKWRVqI2gvPWxzJxO46NjtgklwZcO
/83rLbcOXV96DQ+ad+EMPLTKj/hqsHJK/+ykQbX8q07HNM2TLVHgCHn3wNTFCft5
KYZZVvX7Ft6WKZgfj7KiJOkKfV/Rb/xlHFR5jStGR7RikpTCOD8IfFQx0sKd/Szu
iyBuPDbKPemo1kCWzKWX+K1wL/p9cQv2SHLfelQtEwUp1YFSM4ndkn9MbG3dmI2o
hRQ+HGv3VeK8+UWztbua8A8eWTD+tc4/SaWNzlkJMdnsDmsdAtN49Bi9zQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDy6zAp9x+A2fyoGLSW8y8Iu6hYNMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvUExyTUNuM0g0RFpfS2dZdEpiekx3aTdxRmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2EtZWY3M2I3YjRjYTNj
LzEvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFZa/oD
BABZa/wDBABZa/4DBAFt6M4wDQYJKoZIhvcNAQELBQADggEBALHLnj44+LS/F6Zg
78n0HvaU0rXbrs5VlEMX6pXz/AWh9OwpLCK3ZWfwrvki3fxe+7jgUi4i1RO3kL2w
gDmvvB5hTXyw0Qf8b4dtsuAqB73WQ3vBXx12dhKg4sFSqOreG/w1iZjvzGXXJjI+
9yrui1jnRimPQphgUrrJzahV0dcS4Kv7KZxicrCjUVai+FBbC7HVS9fUf0SE72pv
aehfQOBcm9p3ivhYFUKaQIPfrXqXjrG9V8xYiAUC+eZRCeU6vd5fZsyt+StkojEE
4u6+NkaEDs+tT3n7n0Tkrk5InHQJ1z/SSlSERrOwVtQg99A6NT/F1gFOX1JTVzGs
e2gZIFg=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:20:36 2025 by rpki-client