Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Hc2JXlu_-tA5p-ImkeLPBP77u1I.roa
File: Hc2JXlu_-tA5p-ImkeLPBP77u1I.roa (raw, json)
Hash identifier: iJnNcLG+UsucKeYTqIJJlXdmpkBm+dz2aj+5d15V320=
Subject key identifier: 1D:CD:89:5E:5B:BF:FA:D0:39:A7:E2:26:91:E2:CF:04:FE:FB:BB:52
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CEA43306777A6A44D88754A2C5A48BBE1
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Hc2JXlu_-tA5p-ImkeLPBP77u1I.roa
Signing time: Mon 08 Jan 2024 18:08:40 +0000
ROA not before: Mon 08 Jan 2024 18:08:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58022
IP address blocks: 89.40.22.0/23 maxlen: 23
89.40.25.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 07:48:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ea:43:30:67:77:a6:a4:4d:88:75:4a:2c:5a:48:bb:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 8 18:08:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dcd895e5bbffad039a7e22691e2cf04fefbbb52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:20:ec:1c:39:24:d2:80:58:cf:c9:88:06:9a:
ee:46:f6:41:4f:19:5a:87:67:e0:67:e1:3a:ba:e0:
21:b2:6a:dd:89:70:7f:5a:c5:52:9f:5b:89:25:26:
da:3f:ce:3e:31:3b:29:c3:61:07:8c:de:4a:97:52:
b8:20:41:b9:44:f6:b4:ee:46:14:ab:45:2b:d4:48:
5d:a0:4a:fe:53:76:d2:2c:60:4d:18:b7:31:85:da:
cd:65:49:fd:03:71:68:60:a6:77:84:bf:ed:a9:59:
d7:3e:8f:b3:52:df:89:5d:a9:96:80:e9:f6:dd:2e:
4c:09:ca:df:a6:74:a1:72:1d:15:9d:51:dd:6a:b6:
bf:1e:39:66:f0:32:1b:df:13:91:24:d5:35:91:27:
b5:4a:90:94:68:10:96:d1:28:4f:fe:cc:aa:2f:38:
d8:9a:a6:7a:f9:06:60:97:92:c9:7b:4a:c7:f6:07:
26:c7:13:b7:29:ce:55:fa:03:15:69:24:c8:ed:63:
5e:19:72:34:d8:21:46:e6:51:d5:2e:5c:a0:a0:64:
4d:51:37:5e:9c:c3:c8:e1:5e:1c:a8:ac:78:e4:22:
a6:21:d7:60:8e:8f:77:82:b4:6f:8e:b8:ce:7f:e6:
79:b9:7d:4b:38:ff:1d:cd:25:cf:a0:92:59:2e:6c:
22:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:CD:89:5E:5B:BF:FA:D0:39:A7:E2:26:91:E2:CF:04:FE:FB:BB:52
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/Hc2JXlu_-tA5p-ImkeLPBP77u1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.22.0/23
89.40.25.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:6b:7f:5a:17:1c:5d:3b:1a:33:10:e6:83:9d:0d:de:ed:bf:
44:4b:ae:3d:c4:88:24:bb:bb:dd:df:9d:aa:a8:40:c1:cf:d0:
ed:f3:e0:bf:d3:2e:63:be:9a:fe:64:4b:01:08:f1:f6:82:be:
ad:30:a9:58:cb:0c:e8:1c:ca:13:41:ca:0f:4f:1c:fe:d0:77:
30:59:ae:13:55:93:19:fc:57:88:f8:4f:b4:04:75:ab:91:e8:
38:75:be:16:df:89:f9:a2:fa:83:24:8a:01:8d:f8:8d:2d:97:
09:e0:b7:f2:1a:24:3c:33:e2:f6:06:59:10:40:8c:4b:e3:81:
32:38:f7:ec:c3:4f:eb:de:58:c0:89:3a:c1:e4:2a:df:e8:5b:
56:5d:01:7c:a2:6d:86:b3:c2:46:c3:79:be:ad:84:9d:ac:71:
b0:b6:48:0a:1b:96:92:b6:d4:8c:22:84:7a:01:6c:32:bb:cc:
d1:08:e6:22:98:33:8c:90:f4:37:c7:cb:75:f5:38:3c:f4:4f:
d4:03:f6:c5:e6:76:03:11:f6:96:76:ae:47:ef:b4:e5:8b:a5:
85:f5:1e:00:10:6d:ad:cd:c2:44:2c:a1:76:3d:a8:92:ee:c3:
57:88:25:f7:a7:e5:50:6a:cc:b1:56:ba:00:b8:d7:21:23:4d:
42:4c:f9:a3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzqQzBnd6akTYh1SixaSLvhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTA4MTgwODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGNkODk1ZTViYmZmYWQwMzlhN2UyMjY5MWUyY2YwNGZlZmJiYjUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyDsHDkk0oBYz8mIBpruRvZBTxla
h2fgZ+E6uuAhsmrdiXB/WsVSn1uJJSbaP84+MTspw2EHjN5Kl1K4IEG5RPa07kYU
q0Ur1EhdoEr+U3bSLGBNGLcxhdrNZUn9A3FoYKZ3hL/tqVnXPo+zUt+JXamWgOn2
3S5MCcrfpnShch0VnVHdara/Hjlm8DIb3xORJNU1kSe1SpCUaBCW0ShP/syqLzjY
mqZ6+QZgl5LJe0rH9gcmxxO3Kc5V+gMVaSTI7WNeGXI02CFG5lHVLlygoGRNUTde
nMPI4V4cqKx45CKmIddgjo93grRvjrjOf+Z5uX1LOP8dzSXPoJJZLmwiIQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3NiV5bv/rQOafiJpHizwT++7tSMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvSGMySlhsdV8tdEE1cC1JbWtlTFBCUDc3dTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWSgWAwQA
WSgZMA0GCSqGSIb3DQEBCwUAA4IBAQC4a39aFxxdOxozEOaDnQ3e7b9ES649xIgk
u7vd352qqEDBz9Dt8+C/0y5jvpr+ZEsBCPH2gr6tMKlYywzoHMoTQcoPTxz+0Hcw
Wa4TVZMZ/FeI+E+0BHWrkeg4db4W34n5ovqDJIoBjfiNLZcJ4LfyGiQ8M+L2BlkQ
QIxL44EyOPfsw0/r3ljAiTrB5Crf6FtWXQF8om2Gs8JGw3m+rYSdrHGwtkgKG5aS
ttSMIoR6AWwyu8zRCOYimDOMkPQ3x8t19Tg89E/UA/bF5nYDEfaWdq5H77Tli6WF
9R4AEG2tzcJELKF2PaiS7sNXiCX3p+VQasyxVroAuNchI01CTPmj
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:20:45 2025 by rpki-client