Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/cnRgUtmOR8EVsuuuM6YRYbygeq4.roa
File: cnRgUtmOR8EVsuuuM6YRYbygeq4.roa (raw, json)
Hash identifier: cfTe3t+xWTH/dn4tFzYaEhdVH/On5a4ntrY+vytUoL8=
Subject key identifier: 72:74:60:52:D9:8E:47:C1:15:B2:EB:AE:33:A6:11:61:BC:A0:7A:AE
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194A6EEAAC7A7C41D31966E9F1EAF789DCB
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/cnRgUtmOR8EVsuuuM6YRYbygeq4.roa
Signing time: Mon 27 Jan 2025 08:44:06 +0000
ROA not before: Mon 27 Jan 2025 08:44:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.23.79.0/24 maxlen: 24
178.254.168.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 18:49:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:a6:ee:aa:c7:a7:c4:1d:31:96:6e:9f:1e:af:78:9d:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 27 08:44:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=72746052d98e47c115b2ebae33a61161bca07aae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:5d:cf:c8:91:09:76:cb:48:30:8c:7c:e3:1f:
60:a6:c5:4a:73:8d:01:0b:be:58:01:35:09:72:75:
e2:27:06:68:07:18:67:3f:fd:c9:98:0f:df:3f:bb:
47:f7:bb:55:a3:cc:0f:0d:ab:c9:41:0d:4f:6d:55:
e6:1c:c6:45:0e:80:03:04:05:3f:05:a6:b4:2b:ca:
d5:3f:cc:39:f5:06:36:50:6b:37:d7:4f:d0:76:9f:
e5:83:81:ca:d6:a1:f0:ca:83:57:60:23:6a:3a:0e:
6b:89:05:91:3b:6f:29:84:80:ee:6a:d3:80:27:94:
41:d1:47:62:32:23:f3:48:58:c2:d5:5a:df:d8:00:
31:11:81:5e:f9:dd:cf:17:dd:8a:4d:10:8b:32:00:
88:32:a6:d6:64:88:33:48:32:4b:7e:62:a7:e7:d3:
b1:37:5c:5e:72:eb:39:cc:c0:a6:07:2c:4a:be:98:
7d:b6:dd:ce:e7:b7:ed:53:bb:50:4e:59:74:eb:ab:
6a:10:3a:85:54:cc:43:30:7c:e1:fd:04:8c:c1:54:
6d:1a:ff:12:ad:b3:04:2c:19:41:d0:86:b9:eb:42:
06:dc:0a:87:19:f6:4b:c9:7c:c7:28:b6:64:38:8c:
e2:ad:cd:29:17:b7:63:1a:ac:83:0a:f6:2a:24:ae:
bd:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:74:60:52:D9:8E:47:C1:15:B2:EB:AE:33:A6:11:61:BC:A0:7A:AE
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/cnRgUtmOR8EVsuuuM6YRYbygeq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.79.0/24
178.254.168.0/24
Signature Algorithm: sha256WithRSAEncryption
73:39:48:b5:33:4c:6d:de:d9:4c:ac:50:07:57:40:60:68:3e:
dd:c4:ec:78:b4:9d:cb:3d:7c:95:75:9e:23:2c:d8:52:a7:60:
3f:06:86:fc:ca:d1:cb:2b:c3:a3:ed:9e:7a:9f:40:47:12:c0:
5e:62:f6:9d:b5:4a:08:69:31:44:b7:b5:6d:68:0a:3e:bc:cc:
1c:de:e6:8e:db:a5:51:b5:2d:84:71:39:28:2c:8c:9e:ee:e6:
b9:d7:30:8b:93:4e:e6:5e:0e:4c:30:3b:5f:12:99:d8:9e:11:
3a:4f:95:74:6a:58:f8:91:96:89:ed:ac:29:21:93:d4:28:6d:
53:a0:32:1e:a8:27:8e:0c:91:85:b5:cb:ce:ba:3a:bb:c7:be:
67:70:05:ad:ec:ab:33:47:23:ce:a7:3c:a5:79:b4:a2:13:8c:
62:ac:8e:bc:3c:50:44:3d:50:7f:a9:55:d6:13:bc:19:94:9c:
83:9b:15:f2:59:d7:bd:09:19:11:11:c4:40:0c:20:48:13:af:
2d:52:60:c0:df:dc:2c:ca:0e:4d:e5:d2:f7:6b:33:c8:0d:02:
0d:91:79:7b:ae:71:0d:32:ab:34:70:6e:55:7f:26:51:d2:40:
f9:df:e7:b2:4b:78:4b:a7:4b:a0:e1:69:f5:20:de:85:e1:51:
42:d0:44:df
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSm7qrHp8QdMZZunx6veJ3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTI3MDg0NDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mjc0NjA1MmQ5OGU0N2MxMTViMmViYWUzM2E2MTE2MWJjYTA3YWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwF3PyJEJdstIMIx84x9gpsVKc40B
C75YATUJcnXiJwZoBxhnP/3JmA/fP7tH97tVo8wPDavJQQ1PbVXmHMZFDoADBAU/
Baa0K8rVP8w59QY2UGs310/Qdp/lg4HK1qHwyoNXYCNqOg5riQWRO28phIDuatOA
J5RB0UdiMiPzSFjC1Vrf2AAxEYFe+d3PF92KTRCLMgCIMqbWZIgzSDJLfmKn59Ox
N1xecus5zMCmByxKvph9tt3O57ftU7tQTll066tqEDqFVMxDMHzh/QSMwVRtGv8S
rbMELBlB0Ia560IG3AqHGfZLyXzHKLZkOIzirc0pF7djGqyDCvYqJK69EwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHJ0YFLZjkfBFbLrrjOmEWG8oHquMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvY25SZ1V0bU9SOEVWc3V1dU02WVJZYnlnZXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRdPAwQA
sv6oMA0GCSqGSIb3DQEBCwUAA4IBAQBzOUi1M0xt3tlMrFAHV0BgaD7dxOx4tJ3L
PXyVdZ4jLNhSp2A/Bob8ytHLK8Oj7Z56n0BHEsBeYvadtUoIaTFEt7VtaAo+vMwc
3uaO26VRtS2EcTkoLIye7ua51zCLk07mXg5MMDtfEpnYnhE6T5V0alj4kZaJ7awp
IZPUKG1ToDIeqCeODJGFtcvOujq7x75ncAWt7KszRyPOpzylebSiE4xirI68PFBE
PVB/qVXWE7wZlJyDmxXyWde9CRkREcRADCBIE68tUmDA39wsyg5N5dL3azPIDQIN
kXl7rnENMqs0cG5VfyZR0kD53+eyS3hLp0ug4Wn1IN6F4VFC0ETf
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:50:16 2025 by rpki-client