Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dBb2XyKhZMaOmh3RoStWDNJYDaA.roa
File: dBb2XyKhZMaOmh3RoStWDNJYDaA.roa (raw, json)
Hash identifier: 9zcVGwyvvbfGt0TrfMCT2TWC6TzW3Vsr63n1RR+3Llw=
Subject key identifier: 74:16:F6:5F:22:A1:64:C6:8E:9A:1D:D1:A1:2B:56:0C:D2:58:0D:A0
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 019548E8DC04E3D1870B3832C818C5A6AE2D
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dBb2XyKhZMaOmh3RoStWDNJYDaA.roa
Signing time: Thu 27 Feb 2025 19:36:15 +0000
ROA not before: Thu 27 Feb 2025 19:36:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.251.24.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 01 Mar 2025 18:40:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:48:e8:dc:04:e3:d1:87:0b:38:32:c8:18:c5:a6:ae:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Feb 27 19:36:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7416f65f22a164c68e9a1dd1a12b560cd2580da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:0e:ef:9e:c4:dc:c3:9f:af:af:25:2f:36:c3:
2e:8f:93:fe:a0:4d:40:4e:62:bc:33:00:dc:2c:1d:
4f:c6:b4:2c:48:d7:76:1c:ba:8d:f8:87:81:68:9f:
28:3e:c4:79:59:55:a1:33:76:2f:67:6f:bf:17:c2:
5e:ad:58:62:02:08:2a:3a:4a:19:e8:5f:ab:5f:cb:
2c:b4:41:5a:ea:e9:f4:58:12:19:69:2b:23:bf:9d:
f4:92:88:85:c3:bf:93:2d:9e:81:9e:9a:fd:ac:58:
51:0a:ca:0a:69:cb:96:7f:88:7a:b9:68:48:53:df:
dc:4e:34:82:33:ec:13:3d:0e:8f:b6:f3:14:16:7a:
1a:0f:16:7e:96:64:a4:e2:59:fa:85:62:b8:4a:84:
9c:31:c7:d3:eb:99:b5:02:51:7e:10:e1:36:31:59:
fb:3c:b9:82:bb:05:5a:2f:25:6a:c4:be:ad:98:ff:
b5:87:3b:96:77:13:25:2c:1f:77:d7:ab:c9:af:ed:
6d:9a:cc:68:97:a3:3d:76:0b:44:26:65:42:2d:18:
a9:6f:69:26:a4:e2:c7:7c:0a:15:3f:f8:7b:36:5e:
e6:fa:5f:bd:2c:40:b5:90:f9:57:4e:e3:2d:12:ae:
b1:8e:ac:75:d0:86:ae:78:2f:c6:19:fb:7f:06:b2:
2e:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:16:F6:5F:22:A1:64:C6:8E:9A:1D:D1:A1:2B:56:0C:D2:58:0D:A0
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/dBb2XyKhZMaOmh3RoStWDNJYDaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.24.0/24
Signature Algorithm: sha256WithRSAEncryption
25:2a:c8:b9:83:9b:6b:9a:cb:1b:6c:57:f4:13:ae:29:dc:6c:
9f:3f:6a:e7:30:40:36:b7:fa:af:70:7d:f7:23:35:19:7c:02:
58:0b:47:48:f6:06:26:c2:a5:bc:0c:0a:c1:00:e8:8c:f5:cd:
41:c1:fe:44:85:4b:8e:44:61:01:c5:5f:f3:ef:6c:1e:33:89:
04:ec:5c:9a:7f:15:0c:fe:32:59:99:34:7e:98:57:a9:cd:51:
53:67:a7:b1:92:95:5f:d1:69:2a:cb:48:94:5a:30:08:2e:6e:
78:0c:ee:54:96:6c:86:1f:ae:3b:a8:5e:eb:37:d6:dc:5d:f8:
80:a1:1a:80:c3:df:3d:9f:82:46:59:40:95:b9:53:a3:24:ae:
2c:62:9d:5d:a8:4b:b0:76:ae:91:36:d8:e4:38:97:7b:47:cc:
22:75:75:9f:6d:93:46:81:a2:d6:d1:cd:ac:c2:c7:9d:b5:3d:
2c:85:87:ec:17:70:6e:ad:ff:c5:eb:63:22:04:df:d0:7f:c7:
83:f3:52:0c:3f:91:4b:2e:b9:de:33:7d:20:a4:0d:9d:b0:e7:
c6:31:02:3a:4a:f7:04:53:0c:52:e5:d8:3e:de:cf:c1:e2:03:
8b:db:64:f6:80:10:eb:d4:15:a7:be:93:68:af:ba:19:4f:3e:
09:96:75:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVI6NwE49GHCzgyyBjFpq4tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMjI3MTkzNjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE2ZjY1ZjIyYTE2NGM2OGU5YTFkZDFhMTJiNTYwY2QyNTgwZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0Q7vnsTcw5+vryUvNsMuj5P+oE1A
TmK8MwDcLB1PxrQsSNd2HLqN+IeBaJ8oPsR5WVWhM3YvZ2+/F8JerVhiAggqOkoZ
6F+rX8sstEFa6un0WBIZaSsjv530koiFw7+TLZ6Bnpr9rFhRCsoKacuWf4h6uWhI
U9/cTjSCM+wTPQ6PtvMUFnoaDxZ+lmSk4ln6hWK4SoScMcfT65m1AlF+EOE2MVn7
PLmCuwVaLyVqxL6tmP+1hzuWdxMlLB9316vJr+1tmsxol6M9dgtEJmVCLRipb2km
pOLHfAoVP/h7Nl7m+l+9LEC1kPlXTuMtEq6xjqx10IaueC/GGft/BrIu+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHQW9l8ioWTGjpod0aErVgzSWA2gMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvZEJiMlh5S2haTWFPbWgzUm9TdFdETkpZRGFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsYMA0G
CSqGSIb3DQEBCwUAA4IBAQAlKsi5g5trmssbbFf0E64p3GyfP2rnMEA2t/qvcH33
IzUZfAJYC0dI9gYmwqW8DArBAOiM9c1Bwf5EhUuORGEBxV/z72weM4kE7FyafxUM
/jJZmTR+mFepzVFTZ6exkpVf0Wkqy0iUWjAILm54DO5UlmyGH647qF7rN9bcXfiA
oRqAw989n4JGWUCVuVOjJK4sYp1dqEuwdq6RNtjkOJd7R8widXWfbZNGgaLW0c2s
wsedtT0shYfsF3Burf/F62MiBN/Qf8eD81IMP5FLLrneM30gpA2dsOfGMQI6SvcE
UwxS5dg+3s/B4gOL22T2gBDr1BWnvpNor7oZTz4JlnUl
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:50:17 2025 by rpki-client