Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rYFL_p4yDkcqiSfAnDeGzKaCqQ8.roa
File: rYFL_p4yDkcqiSfAnDeGzKaCqQ8.roa (raw, json)
Hash identifier: jT6da3psj4zOLcBy69IGN6FaAZulVMyHDlJ1ErBnWUE=
Subject key identifier: AD:81:4B:FE:9E:32:0E:47:2A:89:27:C0:9C:37:86:CC:A6:82:A9:0F
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0191FAA73900CE55D75EDE8B2EDD8164CC07
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rYFL_p4yDkcqiSfAnDeGzKaCqQ8.roa
Signing time: Mon 16 Sep 2024 11:45:48 +0000
ROA not before: Mon 16 Sep 2024 11:45:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61102
IP address blocks: 89.46.239.0/24 maxlen: 24
2a03:f80:972::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:50:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:fa:a7:39:00:ce:55:d7:5e:de:8b:2e:dd:81:64:cc:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 16 11:45:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad814bfe9e320e472a8927c09c3786cca682a90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6a:d9:d3:aa:10:95:f0:a4:5f:99:d5:2b:31:
0e:21:8a:a2:ad:b8:14:45:9b:6d:e9:6c:7f:50:28:
05:bc:91:9b:b7:42:1b:54:62:17:ad:f2:b4:f6:ce:
50:87:27:1f:3b:fe:d6:3c:62:7b:24:68:4c:a5:bf:
a2:8a:53:50:30:e6:09:a0:ad:c8:34:70:f4:61:8c:
fc:ca:89:65:ff:4f:e2:d6:5b:d0:07:84:e6:6d:71:
4e:77:bf:87:7c:62:68:16:4d:9c:39:43:62:a6:8d:
a4:a3:ae:88:52:80:00:24:9e:f9:ca:99:bd:28:9c:
dc:48:0d:5c:0a:e7:9f:85:c2:20:c7:5d:2a:1b:91:
df:5d:ab:d7:b9:0e:55:b1:86:3e:e0:07:47:2e:3e:
68:38:2a:a7:bf:0c:b8:f1:7a:ec:10:19:fe:3d:b9:
fe:1a:6a:ac:42:89:47:1d:0b:ea:cf:1b:ef:91:ee:
48:c2:f5:81:64:98:ad:7e:8f:59:cd:73:31:63:8d:
74:73:1b:66:fb:16:dd:e0:13:1f:48:9c:0c:94:cb:
10:ca:d3:1f:7d:3c:d3:1d:e8:5f:ca:3e:9e:a2:f8:
df:a2:69:fb:59:9a:4f:f4:e7:f7:a4:fd:ed:36:81:
5d:73:9c:31:3f:47:52:0d:e1:d6:96:7e:f3:49:1c:
64:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:81:4B:FE:9E:32:0E:47:2A:89:27:C0:9C:37:86:CC:A6:82:A9:0F
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/rYFL_p4yDkcqiSfAnDeGzKaCqQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.239.0/24
IPv6:
2a03:f80:972::/48
Signature Algorithm: sha256WithRSAEncryption
95:8d:59:67:e5:41:d0:93:d5:39:5f:aa:41:1e:c5:df:62:3f:
b8:38:83:d3:2e:78:7d:09:66:ea:71:08:13:3d:7a:d9:7a:c2:
be:ff:b6:19:79:76:b3:c2:39:7a:31:8b:e5:75:77:67:8a:62:
82:90:91:d1:56:13:b2:64:15:55:e6:fb:29:fe:b0:3e:17:11:
c2:c4:47:9e:60:da:85:f1:8f:7e:5d:a8:63:5a:0b:d0:01:a3:
0b:c7:df:c4:82:ad:90:fc:20:35:a9:b3:33:a5:28:69:e1:60:
13:f0:22:13:9e:40:b3:a0:20:2a:48:f7:ff:cf:70:24:46:91:
61:91:17:53:1c:10:3e:70:9b:7e:55:e1:54:27:4e:43:85:db:
d2:f6:79:48:c9:7d:d5:de:10:cc:c5:53:cb:ab:3d:9f:04:99:
d4:eb:6f:f9:0b:5d:39:2e:1d:1f:d6:35:34:58:29:92:ae:42:
af:13:6c:e2:c8:9e:4a:d3:98:77:cf:b2:ae:2b:36:31:3d:b3:
d9:9c:6d:b5:ac:24:72:0d:4c:c8:61:e3:8c:44:8b:04:8f:ad:
19:0e:1b:ec:4f:76:f0:bb:1f:4d:f1:4a:af:24:a3:c1:31:57:
21:29:a6:80:0d:ab:19:e1:11:f7:1a:2b:8f:81:51:d5:b2:cb:
f9:52:ce:f0
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZH6pzkAzlXXXt6LLt2BZMwHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwOTE2MTE0NTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDgxNGJmZTllMzIwZTQ3MmE4OTI3YzA5YzM3ODZjY2E2ODJhOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumrZ06oQlfCkX5nVKzEOIYqirbgU
RZtt6Wx/UCgFvJGbt0IbVGIXrfK09s5QhycfO/7WPGJ7JGhMpb+iilNQMOYJoK3I
NHD0YYz8yoll/0/i1lvQB4TmbXFOd7+HfGJoFk2cOUNipo2ko66IUoAAJJ75ypm9
KJzcSA1cCuefhcIgx10qG5HfXavXuQ5VsYY+4AdHLj5oOCqnvwy48XrsEBn+Pbn+
GmqsQolHHQvqzxvvke5IwvWBZJitfo9ZzXMxY410cxtm+xbd4BMfSJwMlMsQytMf
fTzTHehfyj6eovjfomn7WZpP9Of3pP3tNoFdc5wxP0dSDeHWln7zSRxkFQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFK2BS/6eMg5HKoknwJw3hsymgqkPMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvcllGTF9wNHlEa2NxaVNmQW5EZUd6S2FDcVE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWS7vMA8E
AgACMAkDBwAqAw+ACXIwDQYJKoZIhvcNAQELBQADggEBAJWNWWflQdCT1TlfqkEe
xd9iP7g4g9MueH0JZupxCBM9etl6wr7/thl5drPCOXoxi+V1d2eKYoKQkdFWE7Jk
FVXm+yn+sD4XEcLER55g2oXxj35dqGNaC9ABowvH38SCrZD8IDWpszOlKGnhYBPw
IhOeQLOgICpI9//PcCRGkWGRF1McED5wm35V4VQnTkOF29L2eUjJfdXeEMzFU8ur
PZ8EmdTrb/kLXTkuHR/WNTRYKZKuQq8TbOLInkrTmHfPsq4rNjE9s9mcbbWsJHIN
TMhh44xEiwSPrRkOG+xPdvC7H03xSq8ko8ExVyEppoANqxnhEfcaK4+BUdWyy/lS
zvA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:55:48 2025 by rpki-client