Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IFZfMutJXaUH01Jg6XYISidfz2I.roa
File: IFZfMutJXaUH01Jg6XYISidfz2I.roa (raw, json)
Hash identifier: azYJhLJf2wdhPjZ5DVuYcZQAAok6CUBDcnPLNas2maw=
Subject key identifier: 20:56:5F:32:EB:49:5D:A5:07:D3:52:60:E9:76:08:4A:27:5F:CF:62
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0194282675A33C496D6C902DB9FCCAE0394A
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IFZfMutJXaUH01Jg6XYISidfz2I.roa
Signing time: Thu 02 Jan 2025 17:53:16 +0000
ROA not before: Thu 02 Jan 2025 17:53:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 89.249.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 05:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:75:a3:3c:49:6d:6c:90:2d:b9:fc:ca:e0:39:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Jan 2 17:53:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20565f32eb495da507d35260e976084a275fcf62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b4:2b:fb:fc:9c:fb:69:1f:aa:fa:3a:fe:18:
09:bb:13:57:0a:8b:86:c9:11:b0:f4:d7:f5:6e:2b:
f4:93:9a:c7:ad:d6:da:40:23:8e:55:e5:85:58:2f:
fb:be:24:e7:95:56:43:99:fe:a7:b3:c0:3c:a3:54:
5b:f2:0d:da:12:83:9e:d0:95:cc:02:c8:3b:dd:9e:
a7:02:47:d6:d6:fb:41:91:09:eb:ae:9f:ee:ff:98:
2f:86:c7:3c:c9:44:e5:bc:1e:2b:08:83:f4:8d:63:
89:5e:8e:d5:11:66:e8:60:e5:77:ed:7c:f8:a4:d6:
17:1a:23:7a:5e:3c:51:a6:71:68:26:2d:05:9f:41:
c3:ce:99:79:93:53:bc:b1:c3:f5:ce:0e:49:e9:6b:
db:cb:0b:38:86:5d:5b:9f:78:51:b9:70:df:93:f8:
e5:11:17:a0:5a:f4:15:86:b2:e2:97:3a:c4:73:fe:
c0:5c:92:28:bc:c4:cd:bc:03:1e:e0:e9:43:ca:c5:
de:72:d5:80:67:be:95:d0:1a:04:3b:27:ea:04:91:
fb:15:65:5b:8e:ef:90:9f:ac:f5:93:1b:c7:bf:d3:
41:82:c3:cf:30:a7:cc:08:2e:e0:5b:d1:d1:77:6a:
7a:ad:6e:71:03:6a:48:9f:9a:d9:0f:a9:96:f7:74:
9f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:56:5F:32:EB:49:5D:A5:07:D3:52:60:E9:76:08:4A:27:5F:CF:62
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/IFZfMutJXaUH01Jg6XYISidfz2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.201.0/24
Signature Algorithm: sha256WithRSAEncryption
31:33:ed:15:00:3e:12:0e:40:c7:2c:0a:c3:ac:2d:0e:28:1e:
53:f3:e9:b0:30:02:f7:51:8b:fb:62:a2:3c:38:3d:72:d3:0d:
66:1d:09:02:e7:08:a7:c1:5c:08:59:f8:76:b3:88:a7:81:fd:
bc:29:7a:20:ae:65:a0:0d:0f:5f:1e:4b:41:d2:5e:ba:2f:18:
8a:60:46:ab:f6:80:11:56:86:bb:a0:8d:9b:c5:7a:2a:fc:8d:
3c:4c:18:8c:83:73:68:64:07:cc:d8:bb:3a:5a:ec:39:c3:62:
d2:9d:30:af:c1:8c:4f:7c:48:13:ef:12:96:69:cc:8e:35:e4:
77:2f:92:94:07:e7:b9:33:f8:59:d1:09:56:53:28:0a:93:1e:
9e:f4:1e:e7:6b:c3:53:18:24:b5:6b:46:f2:4f:14:cc:14:95:
1a:6a:9f:7a:73:c1:db:9e:d9:02:b0:42:89:7f:5a:89:0c:f9:
d2:50:cc:25:8b:11:ea:fb:2d:3f:1e:45:ad:1e:56:47:67:c9:
87:c8:36:e4:d6:e6:11:d1:83:9b:62:c7:26:76:7d:61:95:f2:
6e:72:c6:ef:2a:f3:48:c5:c1:4f:a6:7d:bb:6b:ff:38:6f:30:
71:b3:78:3d:07:c1:53:e4:6d:21:23:b8:39:67:81:5d:13:4d:
4e:79:3c:05
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJnWjPEltbJAtufzK4DlKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjUwMTAyMTc1MzE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDU2NWYzMmViNDk1ZGE1MDdkMzUyNjBlOTc2MDg0YTI3NWZjZjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbQr+/yc+2kfqvo6/hgJuxNXCouG
yRGw9Nf1biv0k5rHrdbaQCOOVeWFWC/7viTnlVZDmf6ns8A8o1Rb8g3aEoOe0JXM
Asg73Z6nAkfW1vtBkQnrrp/u/5gvhsc8yUTlvB4rCIP0jWOJXo7VEWboYOV37Xz4
pNYXGiN6XjxRpnFoJi0Fn0HDzpl5k1O8scP1zg5J6Wvbyws4hl1bn3hRuXDfk/jl
ERegWvQVhrLilzrEc/7AXJIovMTNvAMe4OlDysXectWAZ76V0BoEOyfqBJH7FWVb
ju+Qn6z1kxvHv9NBgsPPMKfMCC7gW9HRd2p6rW5xA2pIn5rZD6mW93SfpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCBWXzLrSV2lB9NSYOl2CEonX89iMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvSUZaZk11dEpYYVVIMDFKZzZYWUlTaWRmejJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfnJMA0G
CSqGSIb3DQEBCwUAA4IBAQAxM+0VAD4SDkDHLArDrC0OKB5T8+mwMAL3UYv7YqI8
OD1y0w1mHQkC5winwVwIWfh2s4ingf28KXogrmWgDQ9fHktB0l66LxiKYEar9oAR
Voa7oI2bxXoq/I08TBiMg3NoZAfM2Ls6Wuw5w2LSnTCvwYxPfEgT7xKWacyONeR3
L5KUB+e5M/hZ0QlWUygKkx6e9B7na8NTGCS1a0byTxTMFJUaap96c8HbntkCsEKJ
f1qJDPnSUMwlixHq+y0/HkWtHlZHZ8mHyDbk1uYR0YObYscmdn1hlfJucsbvKvNI
xcFPpn27a/84bzBxs3g9B8FT5G0hI7g5Z4FdE01OeTwF
-----END CERTIFICATE-----
Generated at Wed Feb 5 19:05:44 2025 by rpki-client