Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/xsO8b_wapkeY3pLFIjuO1mLq8vI.roa
File: xsO8b_wapkeY3pLFIjuO1mLq8vI.roa (raw, json)
Hash identifier: d+qRYNgm4zc7UbyX13eTAq+kATom+Ep7UuZcEjyLSmM=
Subject key identifier: C6:C3:BC:6F:FC:1A:A6:47:98:DE:92:C5:22:3B:8E:D6:62:EA:F2:F2
Certificate issuer: /CN=1994bf84de36ffb9d94b257f3278134194133498
Certificate serial: 019423D708B5D3722AD57F8AFFA0AE56DB7E
Authority key identifier: 19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/xsO8b_wapkeY3pLFIjuO1mLq8vI.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197991
IP address blocks: 89.150.60.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 07 Jan 2025 10:59:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:08:b5:d3:72:2a:d5:7f:8a:ff:a0:ae:56:db:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1994bf84de36ffb9d94b257f3278134194133498
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6c3bc6ffc1aa64798de92c5223b8ed662eaf2f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e9:c9:54:1d:61:70:88:d4:f1:96:19:09:bc:
04:5d:a7:c9:76:67:6b:77:33:19:d1:a6:9a:59:f8:
d7:d8:24:00:27:e1:2c:3a:70:d0:c7:62:66:69:90:
d1:ef:c8:fc:60:1a:e7:66:73:8b:5d:10:05:ad:27:
21:5f:13:9b:88:7d:36:7b:51:be:f1:85:d3:4a:c9:
ff:3c:65:77:20:c5:5e:9e:fe:b7:bf:68:e8:74:da:
b3:ba:db:74:9f:f8:cc:a7:fa:75:b5:09:29:45:8e:
67:1a:b3:9e:f4:fa:cd:be:1f:53:be:83:33:65:df:
81:31:d9:8d:2a:c4:32:01:55:06:14:80:58:2f:2a:
eb:47:75:53:c2:5b:94:2b:4e:d6:f9:a3:26:48:45:
36:42:1f:dc:3d:4d:ea:82:37:a1:0e:43:39:ef:f9:
46:af:f1:58:06:52:c7:3a:e7:41:d8:ce:e8:38:9f:
e9:ae:c4:6c:a6:52:f1:a7:2a:d8:d9:21:73:ba:e4:
3d:3d:17:19:13:5f:10:fc:73:4f:b3:a6:5f:ed:30:
45:5c:c3:52:8d:b3:67:12:93:13:2f:44:85:dc:3b:
d5:13:cb:53:1e:93:c1:a9:51:d5:c3:3c:33:26:fc:
e1:79:09:3a:e5:53:09:6c:31:97:b1:ec:66:fe:f4:
23:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C3:BC:6F:FC:1A:A6:47:98:DE:92:C5:22:3B:8E:D6:62:EA:F2:F2
X509v3 Authority Key Identifier:
keyid:19:94:BF:84:DE:36:FF:B9:D9:4B:25:7F:32:78:13:41:94:13:34:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GZS_hN42_7nZSyV_MngTQZQTNJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/xsO8b_wapkeY3pLFIjuO1mLq8vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/04d4bb-ed46-42e1-b045-46af3e50c052/1/GZS_hN42_7nZSyV_MngTQZQTNJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.60.0/23
Signature Algorithm: sha256WithRSAEncryption
13:bc:de:44:24:4d:d6:44:88:7f:f4:2a:a4:ac:80:6c:b6:ac:
fe:fb:10:0b:74:02:5f:a6:67:3b:e9:a2:3b:b9:ac:48:c5:8e:
bd:f8:3f:46:a1:1e:ec:52:75:cd:d9:1e:06:96:7f:12:b3:1a:
73:ec:bb:ad:b9:f5:cd:73:8a:d4:a2:10:fe:f1:1b:e6:d1:58:
9b:b4:a2:55:c3:a0:dc:8b:0a:75:52:eb:38:a9:82:2d:bc:20:
59:9a:b9:0f:d3:07:0d:5e:22:15:d4:b4:76:4f:d1:88:2c:ea:
37:2c:fb:dd:15:c5:61:87:d7:52:60:53:f0:19:f7:7d:ef:21:
81:c9:6d:a6:aa:1d:c6:af:96:47:c8:a3:a1:08:79:a9:9b:93:
05:7c:cb:ce:f0:25:95:11:a5:43:c9:71:76:0b:fc:5f:cb:f5:
47:a4:7c:ec:ca:7e:35:26:c2:67:95:20:b6:1c:bc:9d:f7:48:
e8:a0:60:ed:09:12:b0:1f:01:e4:10:1b:fa:3b:44:ae:c7:c0:
c3:20:29:c3:35:b0:9c:4b:88:2d:42:ef:69:0d:7f:3c:55:ab:
a7:60:43:6d:5b:36:86:07:a9:ea:57:8a:f2:f2:9d:6d:1c:61:
08:fc:5b:db:d6:fe:ed:a9:00:de:d8:83:c5:10:7f:02:82:dd:
23:23:c2:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1wi103Iq1X+K/6CuVtt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5OTRiZjg0ZGUzNmZmYjlkOTRiMjU3ZjMyNzgxMzQxOTQx
MzM0OTgwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmMzYmM2ZmZjMWFhNjQ3OThkZTkyYzUyMjNiOGVkNjYyZWFmMmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoenJVB1hcIjU8ZYZCbwEXafJdmdr
dzMZ0aaaWfjX2CQAJ+EsOnDQx2JmaZDR78j8YBrnZnOLXRAFrSchXxObiH02e1G+
8YXTSsn/PGV3IMVenv63v2jodNqzutt0n/jMp/p1tQkpRY5nGrOe9PrNvh9TvoMz
Zd+BMdmNKsQyAVUGFIBYLyrrR3VTwluUK07W+aMmSEU2Qh/cPU3qgjehDkM57/lG
r/FYBlLHOudB2M7oOJ/prsRsplLxpyrY2SFzuuQ9PRcZE18Q/HNPs6Zf7TBFXMNS
jbNnEpMTL0SF3DvVE8tTHpPBqVHVwzwzJvzheQk65VMJbDGXsexm/vQjVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMbDvG/8GqZHmN6SxSI7jtZi6vLyMB8GA1UdIwQY
MBaAFBmUv4TeNv+52UslfzJ4E0GUEzSYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUt
NDZhZjNlNTBjMDUyLzEveHNPOGJfd2Fwa2VZM3BMRklqdU8xbUxxOHZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi8wNGQ0YmItZWQ0Ni00MmUxLWIwNDUtNDZhZjNlNTBjMDUy
LzEvR1pTX2hONDJfN25aU3lWX01uZ1RRWlFUTkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWZY8MA0G
CSqGSIb3DQEBCwUAA4IBAQATvN5EJE3WRIh/9CqkrIBstqz++xALdAJfpmc76aI7
uaxIxY69+D9GoR7sUnXN2R4Gln8Ssxpz7LutufXNc4rUohD+8Rvm0VibtKJVw6Dc
iwp1Uus4qYItvCBZmrkP0wcNXiIV1LR2T9GILOo3LPvdFcVhh9dSYFPwGfd97yGB
yW2mqh3Gr5ZHyKOhCHmpm5MFfMvO8CWVEaVDyXF2C/xfy/VHpHzsyn41JsJnlSC2
HLyd90jooGDtCRKwHwHkEBv6O0Sux8DDICnDNbCcS4gtQu9pDX88VaunYENtWzaG
B6nqV4ry8p1tHGEI/Fvb1v7tqQDe2IPFEH8Cgt0jI8KN
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:25:31 2025 by rpki-client