Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/1BkEx8ttpFh1faEf4JkHM_hbcgo.roa
File: 1BkEx8ttpFh1faEf4JkHM_hbcgo.roa (raw, json)
Hash identifier: 7qJUqah62FYyZY+tz86GyZUvZGjQcxGImXNai9f2ua8=
Subject key identifier: D4:19:04:C7:CB:6D:A4:58:75:7D:A1:1F:E0:99:07:33:F8:5B:72:0A
Certificate issuer: /CN=2eebb691b24f2879253e3a6a45e0b5c52673b09d
Certificate serial: 019427485E12FD18290F971B83B7C67088D5
Authority key identifier: 2E:EB:B6:91:B2:4F:28:79:25:3E:3A:6A:45:E0:B5:C5:26:73:B0:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Luu2kbJPKHklPjpqReC1xSZzsJ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/1BkEx8ttpFh1faEf4JkHM_hbcgo.roa
Signing time: Thu 02 Jan 2025 13:50:41 +0000
ROA not before: Thu 02 Jan 2025 13:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43260
IP address blocks: 89.19.220.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 06 Jan 2025 08:42:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:5e:12:fd:18:29:0f:97:1b:83:b7:c6:70:88:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2eebb691b24f2879253e3a6a45e0b5c52673b09d
Validity
Not Before: Jan 2 13:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d41904c7cb6da458757da11fe0990733f85b720a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:91:71:57:c4:ec:9c:f5:4e:db:1c:56:dd:da:
35:2d:97:58:80:81:75:b0:fa:87:ed:92:62:86:33:
06:c9:50:53:3f:5c:73:ea:1b:7a:a3:93:39:01:fb:
da:42:15:28:24:b7:43:a5:a3:f8:d4:40:b1:ba:9e:
c8:eb:bf:18:35:89:42:63:7c:2b:51:ff:19:86:02:
a8:f2:c7:9b:02:25:30:f7:78:c6:72:f1:19:63:9b:
2a:cf:34:a5:c3:70:7f:3e:2e:2b:b9:d7:35:29:21:
31:c7:a2:1e:e8:f0:03:ab:03:9a:a7:68:76:f5:e3:
64:36:98:b0:c0:38:d2:92:2b:b1:34:14:d3:3d:5b:
28:4b:d5:97:b3:f2:7e:6c:2f:e0:f0:5e:ae:08:03:
28:b9:5e:8d:49:62:95:d0:9b:10:0d:f7:70:83:34:
04:13:df:e6:4f:ce:d9:c9:40:af:4c:ce:c7:a7:8d:
df:85:5d:4c:7a:7c:fd:67:58:f3:81:e8:e8:07:52:
86:e7:93:24:62:4d:a7:46:fa:88:03:ad:c1:3f:ca:
41:bd:0e:ed:2d:18:55:ef:da:70:db:fa:4c:2b:81:
ed:08:64:bd:33:c8:78:64:3c:58:02:56:4a:90:42:
f8:66:23:b6:0f:c1:cd:e6:fd:ba:ef:c8:3d:e3:13:
ab:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:19:04:C7:CB:6D:A4:58:75:7D:A1:1F:E0:99:07:33:F8:5B:72:0A
X509v3 Authority Key Identifier:
keyid:2E:EB:B6:91:B2:4F:28:79:25:3E:3A:6A:45:E0:B5:C5:26:73:B0:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Luu2kbJPKHklPjpqReC1xSZzsJ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/1BkEx8ttpFh1faEf4JkHM_hbcgo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/130d95-5641-4ada-80c0-da3e1192cdf6/1/Luu2kbJPKHklPjpqReC1xSZzsJ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.19.220.0/22
Signature Algorithm: sha256WithRSAEncryption
60:34:bd:8c:a5:73:b5:e9:dd:c5:27:f3:05:90:b9:b4:2f:97:
cf:04:f6:83:1a:03:d0:d6:bb:3b:10:3f:37:ce:bb:0e:9f:68:
5f:77:fd:a3:12:57:31:c4:1a:f6:bc:ba:ad:a4:79:32:14:81:
59:dd:0b:5b:76:5b:58:76:da:98:6a:43:5a:9e:6d:c9:77:5b:
ea:2d:ee:b5:57:0c:c0:d9:fc:7b:d5:25:c7:2e:e2:35:c6:5f:
95:e3:13:20:f4:a2:46:dc:d5:56:1e:4e:ee:04:ef:13:b1:92:
6c:b5:83:d8:87:3f:93:d3:13:da:b0:04:e1:71:f3:76:cd:29:
42:25:28:74:6e:db:da:24:bf:e5:cc:91:d6:d0:b7:dc:bc:cb:
4d:4b:9e:c4:d6:fb:e5:7e:2e:ce:43:90:33:54:b7:07:a3:2e:
6c:86:73:1d:18:02:96:17:cb:09:0a:68:bf:25:65:b2:49:6c:
7d:74:4a:64:c7:d2:68:aa:bb:31:ae:9b:06:cd:cc:14:48:1c:
3f:56:64:83:f1:4c:8d:c2:b9:ad:18:95:28:ad:c3:ca:67:eb:
56:2e:11:4a:1d:42:8c:c5:1a:66:38:cb:a7:b2:74:58:a1:d3:
b7:56:09:65:b9:49:6f:ae:b3:f8:4c:ae:56:c8:36:ac:41:85:
59:6e:d4:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSF4S/RgpD5cbg7fGcIjVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlZWJiNjkxYjI0ZjI4NzkyNTNlM2E2YTQ1ZTBiNWM1MjY3
M2IwOWQwHhcNMjUwMTAyMTM1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDE5MDRjN2NiNmRhNDU4NzU3ZGExMWZlMDk5MDczM2Y4NWI3MjBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu5FxV8TsnPVO2xxW3do1LZdYgIF1
sPqH7ZJihjMGyVBTP1xz6ht6o5M5AfvaQhUoJLdDpaP41ECxup7I678YNYlCY3wr
Uf8ZhgKo8sebAiUw93jGcvEZY5sqzzSlw3B/Pi4rudc1KSExx6Ie6PADqwOap2h2
9eNkNpiwwDjSkiuxNBTTPVsoS9WXs/J+bC/g8F6uCAMouV6NSWKV0JsQDfdwgzQE
E9/mT87ZyUCvTM7Hp43fhV1Menz9Z1jzgejoB1KG55MkYk2nRvqIA63BP8pBvQ7t
LRhV79pw2/pMK4HtCGS9M8h4ZDxYAlZKkEL4ZiO2D8HN5v2678g94xOr1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNQZBMfLbaRYdX2hH+CZBzP4W3IKMB8GA1UdIwQY
MBaAFC7rtpGyTyh5JT46akXgtcUmc7CdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHV1MmtiSlBLSGtsUGpwcVJlQzF4U1p6c0owLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8xMzBkOTUtNTY0MS00YWRhLTgwYzAt
ZGEzZTExOTJjZGY2LzEvMUJrRXg4dHRwRmgxZmFFZjRKa0hNX2hiY2dvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8xMzBkOTUtNTY0MS00YWRhLTgwYzAtZGEzZTExOTJjZGY2
LzEvTHV1MmtiSlBLSGtsUGpwcVJlQzF4U1p6c0owLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRPcMA0G
CSqGSIb3DQEBCwUAA4IBAQBgNL2MpXO16d3FJ/MFkLm0L5fPBPaDGgPQ1rs7ED83
zrsOn2hfd/2jElcxxBr2vLqtpHkyFIFZ3QtbdltYdtqYakNanm3Jd1vqLe61VwzA
2fx71SXHLuI1xl+V4xMg9KJG3NVWHk7uBO8TsZJstYPYhz+T0xPasAThcfN2zSlC
JSh0btvaJL/lzJHW0LfcvMtNS57E1vvlfi7OQ5AzVLcHoy5shnMdGAKWF8sJCmi/
JWWySWx9dEpkx9JoqrsxrpsGzcwUSBw/VmSD8UyNwrmtGJUorcPKZ+tWLhFKHUKM
xRpmOMunsnRYodO3VglluUlvrrP4TK5WyDasQYVZbtRE
-----END CERTIFICATE-----
Generated at Fri Apr 11 14:37:36 2025 by rpki-client