Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/C0bBMwEpg28NOzWRb_owBLnhweU.roa
File: C0bBMwEpg28NOzWRb_owBLnhweU.roa (raw, json)
Hash identifier: uu7u02ZLN+lRP1LEr9V+8aF98beKFQAq8EoaqGouQ3E=
Subject key identifier: 0B:46:C1:33:01:29:83:6F:0D:3B:35:91:6F:FA:30:04:B9:E1:C1:E5
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0193C07EE821022678F6E77232C4685AAE35
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/C0bBMwEpg28NOzWRb_owBLnhweU.roa
Signing time: Fri 13 Dec 2024 14:49:22 +0000
ROA not before: Fri 13 Dec 2024 14:49:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 89.31.122.0/24 maxlen: 24
185.122.186.0/24 maxlen: 24
185.195.67.0/24 maxlen: 24
188.214.35.0/24 maxlen: 24
2a03:f80:420::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c0:7e:e8:21:02:26:78:f6:e7:72:32:c4:68:5a:ae:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Dec 13 14:49:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b46c1330129836f0d3b35916ffa3004b9e1c1e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6d:b6:27:36:61:9b:29:9c:77:50:d1:53:21:
fb:bb:50:ea:f1:c5:35:f1:d9:47:19:39:fb:23:d9:
28:24:54:02:7a:ba:42:9a:2c:e0:d6:04:46:aa:38:
da:74:53:28:4e:64:22:84:3f:4c:68:e2:11:cc:b1:
a8:98:4d:d9:ef:92:70:7d:2c:a2:81:df:aa:39:6e:
1e:12:a6:bc:15:ee:4d:e7:10:2f:69:09:e5:aa:1e:
b9:10:ae:b9:37:b0:bf:36:f2:06:59:6b:37:dd:c2:
1d:c4:ff:12:38:26:88:d2:9b:7d:13:4e:f7:0c:df:
20:ed:ff:9c:6a:4b:f9:2a:40:ee:22:4e:08:9f:3a:
e9:ef:32:2c:14:9c:30:47:9e:24:7c:3e:e8:d9:59:
78:21:07:04:38:a7:5a:6d:62:c0:e8:d8:77:8c:49:
0f:25:d4:35:9e:06:9f:b0:a4:79:8d:7d:ea:6c:5e:
76:3c:f4:eb:b5:cc:6e:56:38:a5:3d:b7:9a:73:03:
1d:2a:1f:86:e8:71:28:5c:f7:33:ee:6e:26:5d:bc:
d4:06:82:a8:00:21:1d:12:1f:8c:1f:cc:42:5b:90:
8e:42:b0:99:75:b4:1a:57:5d:21:62:8b:49:75:9b:
12:a7:7a:bb:2d:77:33:02:7a:3d:38:48:f7:ea:9b:
08:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:46:C1:33:01:29:83:6F:0D:3B:35:91:6F:FA:30:04:B9:E1:C1:E5
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/C0bBMwEpg28NOzWRb_owBLnhweU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.122.0/24
185.122.186.0/24
185.195.67.0/24
188.214.35.0/24
IPv6:
2a03:f80:420::/48
Signature Algorithm: sha256WithRSAEncryption
aa:2c:12:6e:76:8b:65:97:2f:bf:02:fc:da:8d:51:f6:4f:b4:
21:11:f1:26:28:4c:46:5b:fb:73:f6:1e:a4:20:b2:8d:75:12:
32:5c:c8:b1:42:b0:24:1e:e5:0b:46:44:2a:25:eb:2b:c8:06:
6f:b0:5f:99:a9:d4:2d:52:f1:3e:4f:49:68:c3:71:1a:18:26:
25:95:26:38:40:07:7b:d2:66:02:20:cd:82:cc:2b:0c:02:87:
cb:1e:91:aa:48:df:73:dd:57:bd:04:1f:56:b9:6e:82:e7:bf:
67:8f:b6:c5:84:4a:41:4a:cd:73:1e:31:8b:d4:ac:a8:d4:bc:
5d:c3:b1:67:8e:79:1b:dc:59:38:7e:a8:4e:ba:b8:10:e7:2e:
f3:30:78:30:56:47:bf:84:e6:9c:18:37:4e:82:11:3e:34:76:
9c:65:27:36:36:d4:37:cb:86:04:e2:69:ec:49:f5:88:b3:96:
4c:ef:b4:ff:d9:ca:37:24:3c:12:a8:fe:2a:7f:d2:b1:b4:3c:
35:13:d1:f4:5a:6e:28:8e:a1:75:85:8f:53:f7:f7:25:6e:78:
83:e3:30:3c:6f:77:b1:3f:37:8d:97:6c:24:a3:86:ec:67:61:
e5:a0:a6:bf:f2:26:4c:66:fa:ba:6d:d1:b0:81:5c:9d:ce:f7:
3f:e0:b1:ba
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZPAfughAiZ49udyMsRoWq41MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMjEzMTQ0OTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjQ2YzEzMzAxMjk4MzZmMGQzYjM1OTE2ZmZhMzAwNGI5ZTFjMWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn222JzZhmymcd1DRUyH7u1Dq8cU1
8dlHGTn7I9koJFQCerpCmizg1gRGqjjadFMoTmQihD9MaOIRzLGomE3Z75JwfSyi
gd+qOW4eEqa8Fe5N5xAvaQnlqh65EK65N7C/NvIGWWs33cIdxP8SOCaI0pt9E073
DN8g7f+cakv5KkDuIk4Inzrp7zIsFJwwR54kfD7o2Vl4IQcEOKdabWLA6Nh3jEkP
JdQ1ngafsKR5jX3qbF52PPTrtcxuVjilPbeacwMdKh+G6HEoXPcz7m4mXbzUBoKo
ACEdEh+MH8xCW5COQrCZdbQaV10hYotJdZsSp3q7LXczAno9OEj36psIuQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAtGwTMBKYNvDTs1kW/6MAS54cHlMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvQzBiQk13RXBnMjhOT3pXUmJfb3dCTG5od2VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQAWR96AwQA
uXq6AwQAucNDAwQAvNYjMA8EAgACMAkDBwAqAw+ABCAwDQYJKoZIhvcNAQELBQAD
ggEBAKosEm52i2WXL78C/NqNUfZPtCER8SYoTEZb+3P2HqQgso11EjJcyLFCsCQe
5QtGRCol6yvIBm+wX5mp1C1S8T5PSWjDcRoYJiWVJjhAB3vSZgIgzYLMKwwCh8se
kapI33PdV70EH1a5boLnv2ePtsWESkFKzXMeMYvUrKjUvF3DsWeOeRvcWTh+qE66
uBDnLvMweDBWR7+E5pwYN06CET40dpxlJzY21DfLhgTiaexJ9YizlkzvtP/Zyjck
PBKo/ip/0rG0PDUT0fRabiiOoXWFj1P39yVueIPjMDxvd7E/N42XbCSjhuxnYeWg
pr/yJkxm+rpt0bCBXJ3O9z/gsbo=
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:55:17 2025 by rpki-client