Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Pa6Gu3j4DOBhmdMI4Z8W70FyD98.roa
File: Pa6Gu3j4DOBhmdMI4Z8W70FyD98.roa (raw, json)
Hash identifier: 4xbtIL7px5/TYDBO2iFOhgNG1apJ+tggGDnBK7wvK/M=
Subject key identifier: 3D:AE:86:BB:78:F8:0C:E0:61:99:D3:08:E1:9F:16:EF:41:72:0F:DF
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01938C395DC40656FEE1D8AEA11A5AB7A069
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Pa6Gu3j4DOBhmdMI4Z8W70FyD98.roa
Signing time: Tue 03 Dec 2024 11:13:09 +0000
ROA not before: Tue 03 Dec 2024 11:13:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.23.85.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 16:44:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:39:5d:c4:06:56:fe:e1:d8:ae:a1:1a:5a:b7:a0:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Dec 3 11:13:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3dae86bb78f80ce06199d308e19f16ef41720fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:71:e0:a4:0a:57:f9:98:46:66:7e:3f:30:7c:
80:64:ed:de:42:65:06:c8:82:32:45:32:ad:b3:0d:
b0:e2:3a:85:9a:0b:5b:8f:8b:b2:76:56:ca:86:de:
2d:8c:c0:85:39:66:e7:b6:28:a6:7d:d9:e2:b5:28:
99:12:d1:e3:c9:ae:f0:e7:bd:34:aa:6f:96:2b:4d:
b4:fe:15:5f:f3:50:6a:4e:6c:31:bf:32:ba:d3:76:
a8:1e:b7:a7:7a:05:1a:9d:01:fb:1d:b2:fe:4b:08:
70:1e:5b:e7:4d:47:75:89:66:c0:1e:41:f4:04:be:
78:74:44:29:6f:26:89:57:7c:74:18:89:b9:74:57:
b7:46:a5:0e:71:09:f9:2f:48:bf:fb:b7:c8:9f:4e:
5d:0b:4a:c0:59:b0:cc:af:a5:a9:3f:62:06:b3:c8:
cc:e7:04:25:75:f4:e9:96:92:23:ee:6d:c1:0d:61:
2e:e9:85:9b:e3:b3:94:87:f8:bc:27:ca:13:5a:0e:
03:dc:bf:e6:2d:09:a2:02:ee:36:c8:de:44:36:cd:
3a:2c:6f:ad:58:a2:95:1b:18:82:17:29:1a:e7:aa:
f5:7b:ed:54:0d:43:d5:99:a3:6f:be:d2:7b:76:5d:
c0:3d:3f:01:09:ba:32:de:70:f8:5e:69:fc:16:56:
c2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:AE:86:BB:78:F8:0C:E0:61:99:D3:08:E1:9F:16:EF:41:72:0F:DF
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/Pa6Gu3j4DOBhmdMI4Z8W70FyD98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.85.0/24
Signature Algorithm: sha256WithRSAEncryption
0b:35:b4:5e:e1:c2:42:d1:0f:9a:98:a1:9d:08:f6:2b:b9:9b:
3b:bb:e6:46:0f:cb:0b:96:dd:45:2d:09:c2:fe:0e:13:ad:02:
61:1e:ab:d6:18:9c:fc:ab:27:41:ff:38:78:b3:4d:61:d8:53:
1e:74:0f:10:a5:13:db:13:24:16:c7:ce:b8:e4:5e:1e:60:f8:
c2:07:97:58:5d:b9:b0:dc:7b:ad:b6:f5:0e:3f:3d:27:67:be:
4d:d2:04:43:18:26:79:1e:92:68:28:2a:fc:d2:fc:4f:24:af:
4e:93:17:a3:4c:79:df:10:49:36:ee:93:5d:c6:9f:00:b9:cc:
13:db:fd:a9:7c:2f:98:ca:7c:7e:13:f0:66:f2:06:7b:3b:10:
7a:5b:2f:54:d5:d7:5c:b9:2c:8e:ab:d0:1d:17:1b:ac:f9:08:
b6:70:03:a7:b6:05:8e:e3:32:a5:f6:22:14:4f:9d:89:ff:81:
66:3d:04:b7:ed:bd:34:31:55:44:6b:1a:ff:45:39:f7:55:c3:
25:5b:00:39:d6:b0:b2:f8:7b:96:8f:8b:57:87:b1:4d:6b:88:
03:3b:67:d7:6f:9e:92:a9:94:78:37:25:96:9b:64:f4:9f:9c:
a7:a5:33:93:03:2a:6b:05:53:c8:7f:38:58:b0:e5:a3:fa:30:
04:8c:5b:b4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOMOV3EBlb+4diuoRpat6BpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjQxMjAzMTExMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZGFlODZiYjc4ZjgwY2UwNjE5OWQzMDhlMTlmMTZlZjQxNzIwZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3HgpApX+ZhGZn4/MHyAZO3eQmUG
yIIyRTKtsw2w4jqFmgtbj4uydlbKht4tjMCFOWbntiimfdnitSiZEtHjya7w5700
qm+WK020/hVf81BqTmwxvzK603aoHrenegUanQH7HbL+SwhwHlvnTUd1iWbAHkH0
BL54dEQpbyaJV3x0GIm5dFe3RqUOcQn5L0i/+7fIn05dC0rAWbDMr6WpP2IGs8jM
5wQldfTplpIj7m3BDWEu6YWb47OUh/i8J8oTWg4D3L/mLQmiAu42yN5ENs06LG+t
WKKVGxiCFyka56r1e+1UDUPVmaNvvtJ7dl3APT8BCboy3nD4Xmn8FlbCvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD2uhrt4+AzgYZnTCOGfFu9Bcg/fMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvUGE2R3UzajRET0JobWRNSTRaOFc3MEZ5RDk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdVMA0G
CSqGSIb3DQEBCwUAA4IBAQALNbRe4cJC0Q+amKGdCPYruZs7u+ZGD8sLlt1FLQnC
/g4TrQJhHqvWGJz8qydB/zh4s01h2FMedA8QpRPbEyQWx8645F4eYPjCB5dYXbmw
3HuttvUOPz0nZ75N0gRDGCZ5HpJoKCr80vxPJK9OkxejTHnfEEk27pNdxp8AucwT
2/2pfC+Yynx+E/Bm8gZ7OxB6Wy9U1ddcuSyOq9AdFxus+Qi2cAOntgWO4zKl9iIU
T52J/4FmPQS37b00MVVEaxr/RTn3VcMlWwA51rCy+HuWj4tXh7FNa4gDO2fXb56S
qZR4NyWWm2T0n5ynpTOTAyprBVPIfzhYsOWj+jAEjFu0
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:42:00 2025 by rpki-client