Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/9CqJmDGM0ON2EG9K3C5jiTuYoCs.roa
File: 9CqJmDGM0ON2EG9K3C5jiTuYoCs.roa (raw, json)
Hash identifier: jKdBoO/Z7q/KWRF8UnN0dQbKE9YI4ZLc0qXlfTsu1w4=
Subject key identifier: F4:2A:89:98:31:8C:D0:E3:76:10:6F:4A:DC:2E:63:89:3B:98:A0:2B
Certificate issuer: /CN=512b7ba91dc30ebb413cd055bd43292e2d14018f
Certificate serial: 018DA993F258EC916328255DBB5E4A8A405C
Authority key identifier: 51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/9CqJmDGM0ON2EG9K3C5jiTuYoCs.roa
Signing time: Wed 14 Feb 2024 21:44:21 +0000
ROA not before: Wed 14 Feb 2024 21:44:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30803
IP address blocks: 89.20.192.0/19 maxlen: 24
2a00:1bf0::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:93:f2:58:ec:91:63:28:25:5d:bb:5e:4a:8a:40:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=512b7ba91dc30ebb413cd055bd43292e2d14018f
Validity
Not Before: Feb 14 21:44:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f42a8998318cd0e376106f4adc2e63893b98a02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:05:f5:42:04:ce:ff:8b:e4:8e:f3:c6:7f:48:
63:2f:ae:6e:24:a3:90:7c:c2:91:49:72:51:e6:5e:
8a:12:d3:26:a5:d3:0a:2a:af:5b:f7:99:3c:00:9e:
1e:df:b1:05:50:b8:9a:28:2e:00:1e:8f:e5:8e:7d:
69:4e:a1:a0:17:62:e4:ff:1b:f2:b9:de:d4:22:d9:
a9:c4:48:41:c9:23:f4:ff:55:7a:4b:2c:a2:f3:12:
9a:a8:a2:3d:a2:a6:40:8f:d3:09:df:3b:99:e7:ed:
24:6a:e2:47:a9:6b:70:cf:25:c9:24:6b:ad:7a:ff:
95:46:b1:11:2c:5f:54:d7:c0:54:2a:fd:6d:81:10:
fc:76:d0:bd:88:e3:c8:fa:b8:5c:17:c3:ea:8e:0c:
bd:e1:2f:f5:42:35:a5:d5:f0:45:28:64:c4:4d:9f:
a3:d4:80:53:34:02:08:ae:55:81:d7:75:10:f8:de:
6c:3d:fb:15:1f:76:21:d3:3d:3b:61:a9:ab:1a:cf:
c1:38:2c:0d:ca:67:ce:0a:57:bb:ca:fb:8a:7d:89:
f8:34:c5:cc:0e:c4:08:7c:e3:7d:bf:3a:46:2c:fa:
b6:9a:0b:7a:f9:b6:6f:6b:bf:1f:d9:81:76:03:f5:
0d:63:f4:92:c2:e1:59:54:ad:bf:c4:24:18:05:5b:
fa:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:2A:89:98:31:8C:D0:E3:76:10:6F:4A:DC:2E:63:89:3B:98:A0:2B
X509v3 Authority Key Identifier:
keyid:51:2B:7B:A9:1D:C3:0E:BB:41:3C:D0:55:BD:43:29:2E:2D:14:01:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/USt7qR3DDrtBPNBVvUMpLi0UAY8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/9CqJmDGM0ON2EG9K3C5jiTuYoCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/63fe9e-60a0-4f80-8c01-1673749bceec/1/USt7qR3DDrtBPNBVvUMpLi0UAY8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.20.192.0/19
IPv6:
2a00:1bf0::/32
Signature Algorithm: sha256WithRSAEncryption
44:f1:fd:91:85:94:a1:d5:cb:9e:4c:9c:c8:98:f9:26:64:11:
83:17:6a:e9:e8:00:09:e2:b9:c6:1d:65:c6:8b:d4:01:0b:bf:
f5:66:a8:fb:a6:a3:3e:f2:e0:ef:a9:8b:6b:01:ee:3b:cb:1a:
c9:ec:f0:ae:ca:e3:e2:76:6d:81:8b:d1:40:49:78:62:74:f5:
3a:02:81:38:61:52:eb:c6:c7:98:aa:0f:a2:8a:d5:a6:1d:6d:
3b:18:08:00:ed:5d:5d:43:5b:83:2f:3c:67:ad:56:37:a2:06:
26:fa:d8:11:fa:95:0c:26:06:e8:6e:27:12:b2:52:63:33:92:
52:12:6e:0a:35:44:9d:9f:58:3a:f4:56:db:df:68:b4:3c:62:
f2:a9:56:55:2b:86:a4:f9:0d:82:16:a0:88:2c:38:7b:0d:d0:
d6:c8:3d:0f:21:e4:53:1a:27:91:13:0d:68:cb:e7:c5:20:82:
3f:0f:6e:ce:17:b2:d3:b9:da:78:98:54:02:07:ac:10:f9:6d:
da:be:8e:50:b8:dd:a3:bf:17:a2:04:de:c5:c7:79:a0:3f:c0:
f6:07:6c:a5:92:ec:b9:00:46:09:e0:7c:2d:83:0f:a1:b3:79:
f5:31:b9:6b:35:ee:87:fc:a8:03:a4:8a:db:bc:49:4d:c4:43:
38:57:bd:9e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2pk/JY7JFjKCVdu15KikBcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMmI3YmE5MWRjMzBlYmI0MTNjZDA1NWJkNDMyOTJlMmQx
NDAxOGYwHhcNMjQwMjE0MjE0NDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDJhODk5ODMxOGNkMGUzNzYxMDZmNGFkYzJlNjM4OTNiOThhMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtgX1QgTO/4vkjvPGf0hjL65uJKOQ
fMKRSXJR5l6KEtMmpdMKKq9b95k8AJ4e37EFULiaKC4AHo/ljn1pTqGgF2Lk/xvy
ud7UItmpxEhBySP0/1V6Syyi8xKaqKI9oqZAj9MJ3zuZ5+0kauJHqWtwzyXJJGut
ev+VRrERLF9U18BUKv1tgRD8dtC9iOPI+rhcF8Pqjgy94S/1QjWl1fBFKGTETZ+j
1IBTNAIIrlWB13UQ+N5sPfsVH3Yh0z07YamrGs/BOCwNymfOCle7yvuKfYn4NMXM
DsQIfON9vzpGLPq2mgt6+bZva78f2YF2A/UNY/SSwuFZVK2/xCQYBVv6xQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPQqiZgxjNDjdhBvStwuY4k7mKArMB8GA1UdIwQY
MBaAFFEre6kdww67QTzQVb1DKS4tFAGPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEt
MTY3Mzc0OWJjZWVjLzEvOUNxSm1ER00wT04yRUc5SzNDNWppVHVZb0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi82M2ZlOWUtNjBhMC00ZjgwLThjMDEtMTY3Mzc0OWJjZWVj
LzEvVVN0N3FSM0REcnRCUE5CVnZVTXBMaTBVQVk4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFWRTAMA0E
AgACMAcDBQAqABvwMA0GCSqGSIb3DQEBCwUAA4IBAQBE8f2RhZSh1cueTJzImPkm
ZBGDF2rp6AAJ4rnGHWXGi9QBC7/1Zqj7pqM+8uDvqYtrAe47yxrJ7PCuyuPidm2B
i9FASXhidPU6AoE4YVLrxseYqg+iitWmHW07GAgA7V1dQ1uDLzxnrVY3ogYm+tgR
+pUMJgbobicSslJjM5JSEm4KNUSdn1g69Fbb32i0PGLyqVZVK4ak+Q2CFqCILDh7
DdDWyD0PIeRTGieREw1oy+fFIII/D27OF7LTudp4mFQCB6wQ+W3avo5QuN2jvxei
BN7Fx3mgP8D2B2ylkuy5AEYJ4Hwtgw+hs3n1MblrNe6H/KgDpIrbvElNxEM4V72e
-----END CERTIFICATE-----
Generated at Thu Apr 17 09:26:29 2025 by rpki-client