Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-SuCdrSYVaSGRDl6MjmQoNYKCRc.roa
File: 1-SuCdrSYVaSGRDl6MjmQoNYKCRc.roa (raw, json)
Hash identifier: PIhrxODAFtgG3dfsYaLperI2OIRUWbYJVbFGMFnLxuI=
Subject key identifier: F9:2B:82:76:B4:98:55:A4:86:44:39:7A:32:39:90:A0:D6:0A:09:17
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 01944C0ABBCD348C9332EA285FED0049910B
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-SuCdrSYVaSGRDl6MjmQoNYKCRc.roa
Signing time: Thu 09 Jan 2025 17:09:19 +0000
ROA not before: Thu 09 Jan 2025 17:09:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 89.249.192.0/21 maxlen: 24
89.249.206.0/23 maxlen: 24
212.42.192.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 05:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:4c:0a:bb:cd:34:8c:93:32:ea:28:5f:ed:00:49:91:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 9 17:09:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f92b8276b49855a48644397a323990a0d60a0917
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:4c:ec:51:25:01:d6:7a:96:e2:12:99:bb:8a:
0b:06:53:92:96:87:e9:ed:7d:d7:4d:9e:e3:e9:9c:
d1:38:0e:f9:c3:77:4d:a4:48:46:36:77:5d:dc:71:
23:e6:36:14:95:47:a3:10:d9:b7:98:19:f7:22:fd:
90:89:04:cc:0a:0c:f2:59:02:e8:24:d5:fb:56:14:
aa:04:39:fc:b3:98:a1:6e:a0:0f:a0:c3:5a:64:41:
b3:92:82:b0:35:c4:4a:95:57:c3:db:84:e2:02:fb:
c0:d9:c6:b6:a6:2c:14:f5:28:67:1e:73:3a:d6:3b:
d5:7d:49:f9:57:5d:73:be:83:a6:31:51:76:56:a6:
dd:af:a8:50:c6:65:35:16:ae:22:e7:85:61:13:a7:
0b:79:ff:51:ef:a9:42:f3:57:a1:e7:98:3f:b2:ef:
5f:b0:03:75:7e:18:ba:03:51:3f:21:2b:d4:b2:14:
9f:c2:88:ab:7a:56:e2:99:ea:b0:c0:c7:0b:37:a0:
d9:d1:be:64:39:52:f5:53:98:0d:e8:54:21:41:be:
45:b4:53:f7:90:9d:50:f9:c2:5d:40:76:1b:95:1e:
5c:5a:0c:79:35:c2:9d:23:de:4a:8a:34:f2:c8:ae:
75:2f:53:56:41:df:8c:5f:1f:d7:bf:83:1e:75:de:
5b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:2B:82:76:B4:98:55:A4:86:44:39:7A:32:39:90:A0:D6:0A:09:17
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/1-SuCdrSYVaSGRDl6MjmQoNYKCRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/21
89.249.206.0/23
212.42.192.0/20
Signature Algorithm: sha256WithRSAEncryption
48:cb:61:38:4a:ef:80:2f:24:9e:2b:b0:99:2d:29:66:5e:d8:
9d:a4:4b:0d:11:d6:da:14:82:da:60:0f:d1:f8:1c:34:5c:4b:
84:10:cf:da:18:03:b3:7b:75:4a:1e:82:ac:98:07:a3:f2:c9:
ce:eb:3f:4a:af:c8:a2:49:0a:7e:6b:9d:c0:b1:46:bc:20:1e:
b0:bf:6e:e3:b2:24:ea:a6:dd:2c:39:44:c4:b2:46:64:70:64:
ca:85:67:c4:af:76:26:57:12:52:9c:4b:8f:0c:62:3b:a1:32:
81:56:5e:41:cd:cd:f1:76:ed:41:f0:0b:19:94:89:89:9b:0d:
b3:ca:83:ce:e7:12:ab:98:e9:75:e2:79:83:4a:c0:4b:bf:08:
d0:62:34:9c:e1:88:da:7e:60:48:af:32:59:c3:37:0b:2c:e9:
90:61:b4:98:0c:69:0f:df:73:e3:fe:71:bf:62:e5:e5:b7:01:
0d:5b:be:f4:1c:d6:c7:29:54:15:06:c8:f6:1c:52:a6:28:09:
1e:ec:5c:fd:f0:1f:15:ea:c2:9b:29:95:40:fc:86:60:29:2d:
c9:19:7f:25:fa:cb:25:de:8a:f3:e8:58:40:9c:73:2f:9a:dd:
df:4a:00:f4:62:db:dd:3f:b7:e4:d0:25:1a:ba:54:1c:80:e6:
5b:d3:1b:a5
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZRMCrvNNIyTMuooX+0ASZELMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTA5MTcwOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTJiODI3NmI0OTg1NWE0ODY0NDM5N2EzMjM5OTBhMGQ2MGEwOTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0kzsUSUB1nqW4hKZu4oLBlOSlofp
7X3XTZ7j6ZzROA75w3dNpEhGNndd3HEj5jYUlUejENm3mBn3Iv2QiQTMCgzyWQLo
JNX7VhSqBDn8s5ihbqAPoMNaZEGzkoKwNcRKlVfD24TiAvvA2ca2piwU9ShnHnM6
1jvVfUn5V11zvoOmMVF2Vqbdr6hQxmU1Fq4i54VhE6cLef9R76lC81eh55g/su9f
sAN1fhi6A1E/ISvUshSfwoirelbimeqwwMcLN6DZ0b5kOVL1U5gN6FQhQb5FtFP3
kJ1Q+cJdQHYblR5cWgx5NcKdI95KijTyyK51L1NWQd+MXx/Xv4Medd5bMQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPkrgna0mFWkhkQ5ejI5kKDWCgkXMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvMS1TdUNkclNZVmFTR1JEbDZNam1Rb05ZS0NSYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvMWMwODRjLTk4MmQtNDA5OC1hZjQyLTM0MjViMTI1ZWFh
Ny8xL0RYSXVSUk9qbG5qWXF5T3kxa2wzVTBCUmpMay5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEA1n5wAME
AVn5zgMEBNQqwDANBgkqhkiG9w0BAQsFAAOCAQEASMthOErvgC8kniuwmS0pZl7Y
naRLDRHW2hSC2mAP0fgcNFxLhBDP2hgDs3t1Sh6CrJgHo/LJzus/Sq/IokkKfmud
wLFGvCAesL9u47Ik6qbdLDlExLJGZHBkyoVnxK92JlcSUpxLjwxiO6EygVZeQc3N
8XbtQfALGZSJiZsNs8qDzucSq5jpdeJ5g0rAS78I0GI0nOGI2n5gSK8yWcM3Cyzp
kGG0mAxpD99z4/5xv2Ll5bcBDVu+9BzWxylUFQbI9hxSpigJHuxc/fAfFerCmymV
QPyGYCktyRl/JfrLJd6K8+hYQJxzL5rd30oA9GLb3T+35NAlGrpUHIDmW9MbpQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:03:21 2025 by rpki-client