Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0gEndhm5oU4fYAwXMijr0EJ5qpw.roa
File: 0gEndhm5oU4fYAwXMijr0EJ5qpw.roa (raw, json)
Hash identifier: zs+iKFGKXERJkVqBe23UJDaA/NGzeDmArqOWFGlFRyg=
Subject key identifier: D2:01:27:76:19:B9:A1:4E:1F:60:0C:17:32:28:EB:D0:42:79:AA:9C
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0195845557603E9B96E5D2197EE67A8174E4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0gEndhm5oU4fYAwXMijr0EJ5qpw.roa
Signing time: Tue 11 Mar 2025 08:32:20 +0000
ROA not before: Tue 11 Mar 2025 08:32:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 89.144.11.0/24 maxlen: 24
89.144.14.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
89.144.39.0/24 maxlen: 24
94.249.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 19 Mar 2025 05:06:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:84:55:57:60:3e:9b:96:e5:d2:19:7e:e6:7a:81:74:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Mar 11 08:32:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d201277619b9a14e1f600c173228ebd04279aa9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:06:64:be:69:f1:ab:31:47:a4:4a:23:a5:ed:
5e:db:c9:8b:68:5d:ed:47:89:c0:24:22:c4:05:ff:
50:7d:13:10:8c:8f:09:e7:11:61:e6:d3:56:af:fb:
de:28:c0:75:9f:ce:70:37:50:c9:cb:74:e3:f3:7d:
f3:b0:11:74:be:41:42:35:28:22:33:99:c5:9e:66:
f6:7c:f8:17:0e:f4:7b:01:ef:5c:d3:ea:7a:46:f3:
5d:7b:4f:0b:dc:a3:14:1b:e0:6c:4e:36:e9:10:9b:
fa:ee:bd:03:8c:09:db:3a:9f:25:1a:43:f0:33:e6:
db:af:62:ad:24:65:6e:af:bb:bb:a9:02:b3:1f:60:
6f:88:d4:1d:c5:f5:2f:e3:4c:44:14:67:83:8c:fb:
41:71:81:bd:09:85:30:94:d2:a0:ed:9b:2f:36:99:
22:c4:ef:1e:8f:b6:8d:66:25:8c:17:aa:4a:e2:ad:
75:69:d7:32:41:5a:19:dd:a2:cd:c3:73:b8:9d:72:
2e:d4:44:74:67:41:4c:86:c7:60:9b:72:04:d5:a2:
8b:e0:af:26:e1:f7:5f:3e:1c:92:8c:3f:68:b1:2b:
b3:55:8d:88:fa:a7:55:e0:fa:a3:2b:8c:ed:eb:5d:
bd:65:f1:de:ba:ef:93:4e:7e:df:fc:c8:37:64:e5:
7f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:01:27:76:19:B9:A1:4E:1F:60:0C:17:32:28:EB:D0:42:79:AA:9C
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/0gEndhm5oU4fYAwXMijr0EJ5qpw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.144.11.0/24
89.144.14.0/24
89.144.17.0-89.144.18.255
89.144.39.0/24
94.249.214.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:27:d7:8f:b5:48:51:a8:5d:bc:f5:e9:57:95:f7:a7:f7:ec:
ce:8e:02:35:eb:22:c8:38:37:7b:f1:4a:ab:1b:3b:1e:49:0c:
4d:df:83:48:31:a6:12:e8:35:38:48:7c:d9:cd:33:92:b0:8c:
fd:3b:dd:31:3c:cc:d9:d5:f5:bf:f0:1f:51:d5:32:12:f2:8b:
ee:3c:48:3d:56:e8:25:0b:54:d9:4a:1b:25:4f:61:d9:b3:2f:
d1:0b:21:ad:a1:43:42:e2:df:c6:aa:21:c1:50:c6:29:da:b3:
ec:a9:94:e6:b8:53:b3:e8:26:fa:bf:7d:12:7c:91:52:4f:23:
bb:3b:e4:51:46:89:0a:e6:b7:36:3c:16:fe:4b:e2:23:ea:f8:
45:59:04:b3:66:7a:bf:a1:c7:1c:33:10:3e:6f:3d:ed:68:9d:
f7:51:b6:f8:c4:b9:dd:0a:d8:61:ff:ec:65:0b:b6:1b:20:30:
a5:b8:04:66:11:69:f4:cd:f4:6b:a9:c9:27:27:ca:8b:57:81:
e1:f6:70:85:74:26:5a:ac:5e:8b:30:1d:c0:aa:67:33:03:fa:
a3:b6:e6:1e:86:e5:0c:6e:69:cc:b4:ec:52:fb:ed:7e:11:b9:
33:f2:87:10:b5:84:77:ec:1d:a6:04:86:22:be:8f:01:b7:9c:
1b:64:9e:58
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZWEVVdgPpuW5dIZfuZ6gXTkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwMzExMDgzMjIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjAxMjc3NjE5YjlhMTRlMWY2MDBjMTczMjI4ZWJkMDQyNzlhYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQZkvmnxqzFHpEojpe1e28mLaF3t
R4nAJCLEBf9QfRMQjI8J5xFh5tNWr/veKMB1n85wN1DJy3Tj833zsBF0vkFCNSgi
M5nFnmb2fPgXDvR7Ae9c0+p6RvNde08L3KMUG+BsTjbpEJv67r0DjAnbOp8lGkPw
M+bbr2KtJGVur7u7qQKzH2BviNQdxfUv40xEFGeDjPtBcYG9CYUwlNKg7ZsvNpki
xO8ej7aNZiWMF6pK4q11adcyQVoZ3aLNw3O4nXIu1ER0Z0FMhsdgm3IE1aKL4K8m
4fdfPhySjD9osSuzVY2I+qdV4PqjK4zt6129ZfHeuu+TTn7f/Mg3ZOV/uQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNIBJ3YZuaFOH2AMFzIo69BCeaqcMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMGdFbmRobTVvVTRmWUF3WE1panIwRUo1cXB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWZALAwQA
WZAOMAwDBABZkBEDBABZkBIDBABZkCcDBABe+dYwDQYJKoZIhvcNAQELBQADggEB
AA8n14+1SFGoXbz16VeV96f37M6OAjXrIsg4N3vxSqsbOx5JDE3fg0gxphLoNThI
fNnNM5KwjP073TE8zNnV9b/wH1HVMhLyi+48SD1W6CULVNlKGyVPYdmzL9ELIa2h
Q0Li38aqIcFQxinas+yplOa4U7PoJvq/fRJ8kVJPI7s75FFGiQrmtzY8Fv5L4iPq
+EVZBLNmer+hxxwzED5vPe1onfdRtvjEud0K2GH/7GULthsgMKW4BGYRafTN9Gup
yScnyotXgeH2cIV0JlqsXoswHcCqZzMD+qO25h6G5Qxuacy07FL77X4RuTPyhxC1
hHfsHaYEhiK+jwG3nBtknlg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:12:53 2025 by rpki-client