Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/XYEm_mMgjLARhBw4dNUtcq2wESY.roa
File: XYEm_mMgjLARhBw4dNUtcq2wESY.roa (raw, json)
Hash identifier: 5pxadokOpK303XooYAkCzNDB4bS7OvenzgO/Q/OZPvk=
Subject key identifier: 5D:81:26:FE:63:20:8C:B0:11:84:1C:38:74:D5:2D:72:AD:B0:11:26
Certificate issuer: /CN=1994bf84de36ffb9d94b257f3278134194133498
Certificate serial: 019407AD82EADBED420FB5237E3D522672E3
Authority key identifier: 19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/XYEm_mMgjLARhBw4dNUtcq2wESY.roa
Signing time: Fri 27 Dec 2024 10:33:19 +0000
ROA not before: Fri 27 Dec 2024 10:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215984
IP address blocks: 89.150.43.0/24 maxlen: 24
89.150.56.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:07:ad:82:ea:db:ed:42:0f:b5:23:7e:3d:52:26:72:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1994bf84de36ffb9d94b257f3278134194133498
Validity
Not Before: Dec 27 10:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5d8126fe63208cb011841c3874d52d72adb01126
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:ea:bc:e0:5c:e5:97:42:f1:51:fa:e6:b9:c0:
1c:dc:ed:40:59:ea:d3:50:88:9a:54:72:21:17:d8:
c2:96:22:e3:f0:57:ae:7e:ba:4d:45:10:58:1b:6a:
89:4b:56:c5:1d:2a:38:f2:85:c9:b6:6d:7e:55:ff:
68:0b:f9:5a:52:06:14:b2:20:f1:c2:85:d0:49:7f:
74:98:6a:70:ef:3d:4b:27:fa:80:8b:65:9d:c4:cf:
14:a3:0a:2d:fe:83:3b:4b:55:dc:cc:1b:66:fd:8b:
ae:f0:53:27:70:43:2f:25:ca:aa:b6:e8:6c:b1:d5:
3c:29:59:23:16:e8:eb:ad:c5:6c:41:f2:e1:f1:8f:
52:23:58:9f:a8:c6:6c:d8:4c:c4:92:7b:a3:93:b5:
1e:2f:05:1b:0f:8b:e8:68:ff:c2:5d:4b:ca:4d:67:
01:0a:1d:4d:4a:a7:c6:b5:45:f2:01:f1:f4:83:62:
b1:3a:c3:56:87:6e:c9:93:ff:73:67:a3:d0:6f:a4:
66:77:c3:56:8f:30:7a:3b:8e:ce:3f:a8:00:7e:36:
37:d9:7a:08:a5:ee:f1:b4:fc:7f:e8:45:2f:e6:ad:
30:00:68:a5:77:3d:19:ef:54:41:82:42:e1:0c:30:
4f:d9:4d:bc:2c:51:f6:3d:9a:41:12:7f:4b:cf:64:
69:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:81:26:FE:63:20:8C:B0:11:84:1C:38:74:D5:2D:72:AD:B0:11:26
X509v3 Authority Key Identifier:
keyid:19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/XYEm_mMgjLARhBw4dNUtcq2wESY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/GZS_hN42_7nZSyV_MngTQZQTNJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.43.0/24
89.150.56.0/24
Signature Algorithm: sha256WithRSAEncryption
23:a8:f4:12:d1:95:ce:fe:97:88:a0:86:78:6a:13:be:b7:4a:
1a:8c:d1:89:41:5f:ef:61:5c:74:3a:19:71:81:08:09:d1:16:
8b:f9:b5:e3:75:ef:b3:a4:86:aa:fb:ce:a1:5c:74:78:10:27:
32:79:9d:23:05:db:d3:d1:91:1e:13:94:69:fe:74:ab:bf:b9:
19:56:37:34:75:6b:ac:39:d5:43:7f:6f:8d:7e:02:6a:87:c2:
47:7c:29:1a:86:e3:1b:9c:e8:20:ff:51:ae:cd:ec:0f:c9:57:
23:b6:e9:01:80:42:1e:bf:a7:ae:d1:92:a9:16:c8:43:fb:83:
e7:1f:23:bf:3d:bf:0e:10:08:b4:0e:58:85:12:e5:3b:7c:5c:
9f:25:67:3d:8b:a1:f8:1a:91:40:6c:02:80:9c:08:67:d0:b9:
ee:6e:e5:5b:45:3b:71:8c:1a:db:11:3d:a8:32:1b:28:e8:5a:
80:ea:cb:2c:92:a3:c9:33:f4:08:07:92:15:99:9b:86:fd:fe:
16:f7:bd:b7:c4:42:a8:c3:1a:49:fb:96:11:d5:67:91:09:04:
06:d2:00:bd:39:09:1b:eb:cd:f2:13:06:d9:2c:95:e0:3f:b7:
c7:1d:68:62:8d:47:61:5b:c4:33:95:42:20:b4:00:e3:07:dd:
73:c9:57:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQHrYLq2+1CD7Ujfj1SJnLjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OTRiZjg0ZGUzNmZmYjlkOTRiMjU3ZjMyNzgxMzQxOTQx
MzM0OTgwHhcNMjQxMjI3MTAzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDgxMjZmZTYzMjA4Y2IwMTE4NDFjMzg3NGQ1MmQ3MmFkYjAxMTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2uq84Fzll0LxUfrmucAc3O1AWerT
UIiaVHIhF9jCliLj8FeufrpNRRBYG2qJS1bFHSo48oXJtm1+Vf9oC/laUgYUsiDx
woXQSX90mGpw7z1LJ/qAi2WdxM8Uowot/oM7S1XczBtm/Yuu8FMncEMvJcqqtuhs
sdU8KVkjFujrrcVsQfLh8Y9SI1ifqMZs2EzEknujk7UeLwUbD4voaP/CXUvKTWcB
Ch1NSqfGtUXyAfH0g2KxOsNWh27Jk/9zZ6PQb6Rmd8NWjzB6O47OP6gAfjY32XoI
pe7xtPx/6EUv5q0wAGildz0Z71RBgkLhDDBP2U28LFH2PZpBEn9Lz2RpoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFF2BJv5jIIywEYQcOHTVLXKtsBEmMB8GA1UdIwQY
MBaAFBmUv4TeNv+52UslfzJ4E0GUEzSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUt
NDZhZjNlNTBjMDUyLzEvWFlFbV9tTWdqTEFSaEJ3NGROVXRjcTJ3RVNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUtNDZhZjNlNTBjMDUy
LzEvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWZYrAwQA
WZY4MA0GCSqGSIb3DQEBCwUAA4IBAQAjqPQS0ZXO/peIoIZ4ahO+t0oajNGJQV/v
YVx0OhlxgQgJ0RaL+bXjde+zpIaq+86hXHR4ECcyeZ0jBdvT0ZEeE5Rp/nSrv7kZ
Vjc0dWusOdVDf2+NfgJqh8JHfCkahuMbnOgg/1GuzewPyVcjtukBgEIev6eu0ZKp
FshD+4PnHyO/Pb8OEAi0DliFEuU7fFyfJWc9i6H4GpFAbAKAnAhn0LnubuVbRTtx
jBrbET2oMhso6FqA6ssskqPJM/QIB5IVmZuG/f4W9723xEKowxpJ+5YR1WeRCQQG
0gC9OQkb683yEwbZLJXgP7fHHWhijUdhW8QzlUIgtADjB91zyVcr
-----END CERTIFICATE-----
Generated at Tue Apr 22 15:48:49 2025 by rpki-client