Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9_b_r8yUwYd4GGeZKd-c_UaSh-w.roa
File: 9_b_r8yUwYd4GGeZKd-c_UaSh-w.roa (raw, json)
Hash identifier: njPD/RrpUIDyoyt9tCP3WKv97I0fs0muUSblPZ88qqQ=
Subject key identifier: F7:F6:FF:AF:CC:94:C1:87:78:18:67:99:29:DF:9C:FD:46:92:87:EC
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94DFD13BC56E01B362CDFC7E387DB43
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9_b_r8yUwYd4GGeZKd-c_UaSh-w.roa
Signing time: Tue 02 Jan 2024 08:33:00 +0000
ROA not before: Tue 02 Jan 2024 08:33:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31017
IP address blocks: 86.104.128.0/22 maxlen: 22
89.43.136.0/22 maxlen: 22
2a05:b680:6::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:fd:13:bc:56:e0:1b:36:2c:df:c7:e3:87:db:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7f6ffafcc94c1877818679929df9cfd469287ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:2a:64:ee:d2:64:46:39:0b:76:7d:77:79:55:
8d:16:49:0f:ad:e2:14:1f:41:9b:50:5f:ee:bd:4e:
31:d4:65:6a:33:b4:c8:eb:b5:f6:c7:7c:bc:4f:06:
17:0c:1e:58:5b:6f:47:f2:fa:89:ca:80:cb:c8:95:
5d:9f:e0:da:64:7f:a2:4b:dc:4e:e6:a0:25:2d:1e:
a6:0c:e8:a3:e0:6d:05:89:66:1d:a9:f5:25:cb:c6:
ae:4d:db:d1:06:1f:23:80:8b:63:1d:44:e8:fd:b4:
62:8e:21:8f:84:dc:fe:2f:0f:79:ad:ba:f1:21:39:
cf:ed:1c:72:a9:b1:e7:3b:3e:10:20:48:77:b3:53:
ca:58:51:ff:1f:10:f4:bd:14:b2:2e:44:b7:9a:da:
0e:9e:ad:1f:59:72:fc:d9:8c:7c:d2:1f:b5:ae:96:
5c:63:ac:cd:55:41:74:77:fc:47:92:40:2d:69:e6:
57:d9:bd:0a:f9:fb:61:c4:78:5d:07:53:a4:d1:76:
ab:8d:c9:6e:20:1d:b5:5e:c5:a1:bf:59:55:28:8f:
3a:fb:5c:72:f3:21:4c:9e:62:5f:6c:5e:50:67:22:
ba:23:d4:98:d1:79:6f:90:31:e4:a6:83:97:13:4e:
f0:fb:76:ca:95:d2:65:3d:cd:e0:33:e7:6c:af:a1:
ad:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:F6:FF:AF:CC:94:C1:87:78:18:67:99:29:DF:9C:FD:46:92:87:EC
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/9_b_r8yUwYd4GGeZKd-c_UaSh-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.128.0/22
89.43.136.0/22
IPv6:
2a05:b680:6::/48
Signature Algorithm: sha256WithRSAEncryption
70:c0:79:5b:82:36:85:94:a9:91:d8:f8:1e:a6:0e:18:9d:2a:
0c:91:2d:2d:61:ad:9b:78:82:23:6b:c2:ad:65:8c:46:3a:e0:
f7:f6:13:f9:a7:14:4d:05:5a:31:3c:5b:4a:0d:da:99:1c:4d:
65:d1:3b:ab:65:6f:d6:fe:80:f5:75:1e:46:86:c2:74:c6:fe:
f7:77:72:61:cc:5c:ba:16:74:72:1e:5e:75:3d:bf:d9:d3:39:
7f:a8:55:cf:6e:fe:35:2d:d3:6c:69:58:a2:7c:45:ff:43:d7:
70:e8:f8:41:f7:9d:bd:2b:9f:ac:3a:be:c4:fa:3a:fa:2c:a6:
97:be:f2:88:a1:e4:a7:07:35:5b:ba:d5:51:74:ca:d1:c5:4f:
8c:e5:c4:63:2e:94:da:73:6e:11:0d:02:20:9d:02:2d:ad:6e:
c5:a2:f0:f0:a4:e7:25:7d:ae:29:20:ab:a1:b4:f0:11:72:64:
96:52:5f:01:b6:84:2c:12:f9:48:07:6b:dd:13:9f:de:f8:65:
a3:ac:93:22:25:2d:09:5c:2e:8c:75:7e:15:68:84:02:57:3d:
5b:d6:8d:73:40:46:89:30:4c:e0:ba:fc:15:a1:d4:24:3f:35:
f5:81:06:e7:f0:b6:22:73:40:bc:76:0f:16:d7:3b:9c:57:72:
ac:86:85:fd
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJTf0TvFbgGzYs38fjh9tDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2Y2ZmZhZmNjOTRjMTg3NzgxODY3OTkyOWRmOWNmZDQ2OTI4N2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjSpk7tJkRjkLdn13eVWNFkkPreIU
H0GbUF/uvU4x1GVqM7TI67X2x3y8TwYXDB5YW29H8vqJyoDLyJVdn+DaZH+iS9xO
5qAlLR6mDOij4G0FiWYdqfUly8auTdvRBh8jgItjHUTo/bRijiGPhNz+Lw95rbrx
ITnP7RxyqbHnOz4QIEh3s1PKWFH/HxD0vRSyLkS3mtoOnq0fWXL82Yx80h+1rpZc
Y6zNVUF0d/xHkkAtaeZX2b0K+fthxHhdB1Ok0XarjcluIB21XsWhv1lVKI86+1xy
8yFMnmJfbF5QZyK6I9SY0XlvkDHkpoOXE07w+3bKldJlPc3gM+dsr6GtjQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFPf2/6/MlMGHeBhnmSnfnP1GkofsMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvOV9iX3I4eVV3WWQ0R0dlWktkLWNfVWFTaC13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCVmiAAwQC
WSuIMA8EAgACMAkDBwAqBbaAAAYwDQYJKoZIhvcNAQELBQADggEBAHDAeVuCNoWU
qZHY+B6mDhidKgyRLS1hrZt4giNrwq1ljEY64Pf2E/mnFE0FWjE8W0oN2pkcTWXR
O6tlb9b+gPV1HkaGwnTG/vd3cmHMXLoWdHIeXnU9v9nTOX+oVc9u/jUt02xpWKJ8
Rf9D13Do+EH3nb0rn6w6vsT6Ovosppe+8oih5KcHNVu61VF0ytHFT4zlxGMulNpz
bhENAiCdAi2tbsWi8PCk5yV9rikgq6G08BFyZJZSXwG2hCwS+UgHa90Tn974ZaOs
kyIlLQlcLox1fhVohAJXPVvWjXNARokwTOC6/BWh1CQ/NfWBBufwtiJzQLx2DxbX
O5xXcqyGhf0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:05:36 2025 by rpki-client