Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/rwI3_S-Z_dvUhOu9g4bL-sKDoU0.roa
File: rwI3_S-Z_dvUhOu9g4bL-sKDoU0.roa (raw, json)
Hash identifier: 6ANx5SftsXPdsDl1+/vISE8FAlwLqxst4DqRuDFkROE=
Subject key identifier: AF:02:37:FD:2F:99:FD:DB:D4:84:EB:BD:83:86:CB:FA:C2:83:A1:4D
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0194206870F5930A34625AE8C2FA2F34EA0A
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/rwI3_S-Z_dvUhOu9g4bL-sKDoU0.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 89.23.79.0/24 maxlen: 24
89.23.80.0/24 maxlen: 24
89.23.81.0/24 maxlen: 24
89.23.87.0/24 maxlen: 24
89.23.92.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 Jan 2025 08:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:70:f5:93:0a:34:62:5a:e8:c2:fa:2f:34:ea:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af0237fd2f99fddbd484ebbd8386cbfac283a14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1c:07:5e:33:ce:bb:2f:4d:cc:7b:5a:b6:1c:
7e:a7:bd:e7:aa:12:5b:61:3c:ab:e5:51:62:d2:ec:
49:4b:3a:91:88:78:cb:53:ba:d6:29:f2:13:0e:78:
90:2d:47:24:58:bb:56:49:ab:d7:4e:91:9a:54:3b:
b7:32:29:30:2b:d6:32:58:8a:c5:0a:9c:9b:af:e1:
2e:57:ce:7a:d3:6f:6a:4a:ae:b8:53:e4:7c:70:80:
ff:96:95:9b:0f:41:8b:ee:fd:84:0e:e2:c8:1e:f9:
21:70:b1:58:5f:c2:7b:71:f4:5c:c6:19:c9:91:d3:
ee:0b:c9:1d:5e:91:50:3f:a8:a5:c8:a3:fb:95:07:
34:d7:fe:e6:7b:52:f0:a0:ce:40:c4:39:e6:71:91:
3d:24:3c:31:55:ef:e8:de:b1:6f:e5:da:ea:d8:be:
f8:24:b2:f1:a6:0e:bd:f2:b2:4d:30:de:63:b7:a1:
bd:0e:f0:60:1c:8b:4c:3d:83:6b:a6:53:f1:fd:a6:
80:2c:b1:bb:39:43:ea:bb:f8:aa:74:6d:96:19:11:
d1:96:3b:ac:89:31:60:5b:d1:86:ca:af:75:0a:27:
19:83:7c:24:8d:d3:77:31:8a:42:19:60:be:84:86:
04:73:24:0e:3a:08:ae:1a:81:f3:6e:e7:44:fb:5b:
4f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:02:37:FD:2F:99:FD:DB:D4:84:EB:BD:83:86:CB:FA:C2:83:A1:4D
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/rwI3_S-Z_dvUhOu9g4bL-sKDoU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.79.0-89.23.81.255
89.23.87.0/24
89.23.92.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:07:1d:3b:6a:0f:5e:58:46:50:45:cc:4a:aa:58:3f:86:22:
2d:f2:b0:0a:52:16:70:f0:d7:01:b2:6f:80:60:d1:58:62:ad:
41:2c:19:bf:3a:da:b2:d6:f9:ba:61:69:4a:7b:a4:32:0e:9e:
b7:21:80:bf:56:f0:7d:4a:f8:f6:e7:da:b5:12:83:2e:67:81:
3b:ea:c9:89:51:6a:d6:25:2a:5a:57:f1:97:46:97:03:64:0a:
72:3d:ec:c1:f2:df:0b:23:41:3c:8d:29:e9:dc:63:83:6f:0c:
7d:a2:17:04:59:ed:4d:c5:ec:58:9a:21:51:b4:02:c1:11:ef:
77:3a:e7:e1:65:d7:f4:a2:aa:7e:08:5e:c9:4d:3a:7a:08:ec:
93:79:54:96:fe:83:1d:c6:7d:41:0c:bc:d0:3d:42:94:82:a9:
d7:29:00:5c:7e:6e:d1:e3:5f:9f:c8:c3:e1:58:a1:b6:da:e6:
9c:b4:b2:cb:37:60:23:92:5a:41:d6:a4:15:6c:87:c6:51:0c:
a1:64:69:7f:bc:06:c9:72:55:79:b9:88:43:03:de:6e:60:c5:
ec:96:f1:d5:b4:76:6a:f2:bc:dc:48:3c:81:33:3c:6b:aa:64:
ea:63:c7:e5:35:88:6f:5b:aa:27:de:9b:43:93:38:7e:fd:d9:
0d:c7:b5:1a
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQgaHD1kwo0YlrowvovNOoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjAyMzdmZDJmOTlmZGRiZDQ4NGViYmQ4Mzg2Y2JmYWMyODNhMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhwHXjPOuy9NzHtathx+p73nqhJb
YTyr5VFi0uxJSzqRiHjLU7rWKfITDniQLUckWLtWSavXTpGaVDu3MikwK9YyWIrF
Cpybr+EuV856029qSq64U+R8cID/lpWbD0GL7v2EDuLIHvkhcLFYX8J7cfRcxhnJ
kdPuC8kdXpFQP6ilyKP7lQc01/7me1LwoM5AxDnmcZE9JDwxVe/o3rFv5drq2L74
JLLxpg698rJNMN5jt6G9DvBgHItMPYNrplPx/aaALLG7OUPqu/iqdG2WGRHRljus
iTFgW9GGyq91CicZg3wkjdN3MYpCGWC+hIYEcyQOOgiuGoHzbudE+1tPcwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFK8CN/0vmf3b1ITrvYOGy/rCg6FNMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvcndJM19TLVpfZHZVaE91OWc0Ykwtc0tEb1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZF08D
BAFZF1ADBABZF1cDBABZF1wwDQYJKoZIhvcNAQELBQADggEBADwHHTtqD15YRlBF
zEqqWD+GIi3ysApSFnDw1wGyb4Bg0VhirUEsGb862rLW+bphaUp7pDIOnrchgL9W
8H1K+Pbn2rUSgy5ngTvqyYlRatYlKlpX8ZdGlwNkCnI97MHy3wsjQTyNKencY4Nv
DH2iFwRZ7U3F7FiaIVG0AsER73c65+Fl1/Siqn4IXslNOnoI7JN5VJb+gx3GfUEM
vNA9QpSCqdcpAFx+btHjX5/Iw+FYobba5py0sss3YCOSWkHWpBVsh8ZRDKFkaX+8
BslyVXm5iEMD3m5gxeyW8dW0dmryvNxIPIEzPGuqZOpjx+U1iG9bqifem0OTOH79
2Q3HtRo=
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:50:14 2025 by rpki-client