Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/BC84Z362X32fz1P7cfRFyJvpl1Q.roa
File: BC84Z362X32fz1P7cfRFyJvpl1Q.roa (raw, json)
Hash identifier: rVwDqJ9Lz7NIcujtdscMhzJyUpVg0+eWxmcr0K0jFBw=
Subject key identifier: 04:2F:38:67:7E:B6:5F:7D:9F:CF:53:FB:71:F4:45:C8:9B:E9:97:54
Certificate issuer: /CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Certificate serial: 0192B8FDD983A3F6B9C8EF23D996D3A94B7B
Authority key identifier: 86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/BC84Z362X32fz1P7cfRFyJvpl1Q.roa
Signing time: Wed 23 Oct 2024 10:48:16 +0000
ROA not before: Wed 23 Oct 2024 10:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39033
IP address blocks: 89.104.114.0/24 maxlen: 24
185.91.125.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b8:fd:d9:83:a3:f6:b9:c8:ef:23:d9:96:d3:a9:4b:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=862ba21fcfcc34c9d9b5a7c6081585e0a0ee70ae
Validity
Not Before: Oct 23 10:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=042f38677eb65f7d9fcf53fb71f445c89be99754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:c2:53:27:1b:74:4b:6c:56:a6:b9:b5:5a:bc:
81:ed:ba:7d:8c:22:e0:80:ea:72:21:ed:ee:65:d2:
3e:da:9e:ea:4c:53:a1:43:a9:d9:c1:4f:1a:bf:56:
eb:a6:e9:29:25:43:e2:b9:e7:99:39:9f:5a:83:c5:
3a:77:e5:22:a7:34:2a:ce:d2:df:52:c7:eb:34:a0:
56:23:11:1d:9e:c9:81:bd:f7:8b:00:df:fd:a8:dd:
9e:45:71:3d:49:9c:43:3f:a9:c3:f9:7f:22:0d:9f:
a6:b8:0e:c2:a8:da:2b:03:ab:ad:ef:2c:12:63:97:
fd:89:65:ee:fe:46:24:74:b7:8b:0c:c6:68:03:75:
58:20:88:f8:01:1b:03:06:f2:01:76:ea:80:9e:86:
b1:d2:ed:bc:31:0b:65:49:56:56:0e:64:7e:69:fe:
3a:85:50:dd:f7:e5:74:d5:46:5e:db:7f:bc:de:48:
2f:22:6c:86:74:69:01:32:7d:4e:e3:8c:58:39:a5:
dc:e4:73:d8:8e:50:38:9b:3d:41:7d:32:9e:05:95:
84:e4:e9:e7:65:f9:27:a5:d8:f9:f8:ac:66:05:dc:
d7:aa:2c:60:9d:71:6b:62:a8:69:bf:13:cd:45:e6:
3a:6a:27:fd:f3:0a:82:02:8a:9b:33:1b:88:0d:8a:
05:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:2F:38:67:7E:B6:5F:7D:9F:CF:53:FB:71:F4:45:C8:9B:E9:97:54
X509v3 Authority Key Identifier:
keyid:86:2B:A2:1F:CF:CC:34:C9:D9:B5:A7:C6:08:15:85:E0:A0:EE:70:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hiuiH8_MNMnZtafGCBWF4KDucK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/BC84Z362X32fz1P7cfRFyJvpl1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/475e6f-89a5-43e8-83b9-495a959b16e7/1/hiuiH8_MNMnZtafGCBWF4KDucK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.114.0/24
185.91.125.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:25:78:af:55:c4:52:b9:62:54:65:4a:e2:1b:8b:06:4d:e2:
f1:89:ee:b0:58:bd:20:85:de:8c:cd:be:27:c7:f2:8d:68:66:
b4:14:3f:58:0d:64:85:d3:83:02:38:02:6c:6b:e1:ad:d3:84:
e7:2a:fd:2f:12:45:94:ee:33:f4:0d:30:f5:9e:6a:0b:ef:58:
05:2e:c5:c1:92:50:ab:2d:b8:37:e9:4c:d5:3d:4e:41:dd:3a:
2b:53:7d:b3:60:52:04:e1:67:e1:37:7e:2e:ce:e2:b4:72:90:
bc:0d:1b:ec:47:f2:af:df:d6:48:34:57:d0:99:78:f3:cd:73:
7b:32:fc:16:0f:84:82:ad:99:c5:26:46:26:01:aa:92:d9:79:
3f:2f:1c:7d:14:88:e9:5b:b1:d5:65:04:bc:49:5a:5e:a3:94:
ca:ba:e3:09:7a:e2:34:d9:c9:6f:fc:d0:57:38:3e:54:f6:a3:
ac:05:5b:1f:a1:11:1a:98:a1:f4:2e:3c:a1:21:c2:8f:bb:64:
9d:b9:9c:c2:a6:0c:e6:8c:7d:46:f9:9e:54:16:67:65:00:df:
3f:ef:37:af:19:df:be:cd:13:8a:7a:ff:8b:7e:f1:71:d8:42:
ff:39:8e:c6:ff:84:a5:c9:6e:ea:04:60:e3:a8:67:fc:46:d3:
7e:4d:37:aa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK4/dmDo/a5yO8j2ZbTqUt7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2MmJhMjFmY2ZjYzM0YzlkOWI1YTdjNjA4MTU4NWUwYTBl
ZTcwYWUwHhcNMjQxMDIzMTA0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDJmMzg2NzdlYjY1ZjdkOWZjZjUzZmI3MWY0NDVjODliZTk5NzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjsJTJxt0S2xWprm1WryB7bp9jCLg
gOpyIe3uZdI+2p7qTFOhQ6nZwU8av1brpukpJUPiueeZOZ9ag8U6d+UipzQqztLf
UsfrNKBWIxEdnsmBvfeLAN/9qN2eRXE9SZxDP6nD+X8iDZ+muA7CqNorA6ut7ywS
Y5f9iWXu/kYkdLeLDMZoA3VYIIj4ARsDBvIBduqAnoax0u28MQtlSVZWDmR+af46
hVDd9+V01UZe23+83kgvImyGdGkBMn1O44xYOaXc5HPYjlA4mz1BfTKeBZWE5Onn
Zfknpdj5+KxmBdzXqixgnXFrYqhpvxPNReY6aif98wqCAoqbMxuIDYoFFwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAQvOGd+tl99n89T+3H0Rcib6ZdUMB8GA1UdIwQY
MBaAFIYroh/PzDTJ2bWnxggVheCg7nCuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjkt
NDk1YTk1OWIxNmU3LzEvQkM4NFozNjJYMzJmejFQN2NmUkZ5SnZwbDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni80NzVlNmYtODlhNS00M2U4LTgzYjktNDk1YTk1OWIxNmU3
LzEvaGl1aUg4X01OTW5adGFmR0NCV0Y0S0R1Y0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWWhyAwQA
uVt9MA0GCSqGSIb3DQEBCwUAA4IBAQAtJXivVcRSuWJUZUriG4sGTeLxie6wWL0g
hd6Mzb4nx/KNaGa0FD9YDWSF04MCOAJsa+Gt04TnKv0vEkWU7jP0DTD1nmoL71gF
LsXBklCrLbg36UzVPU5B3TorU32zYFIE4WfhN34uzuK0cpC8DRvsR/Kv39ZINFfQ
mXjzzXN7MvwWD4SCrZnFJkYmAaqS2Xk/Lxx9FIjpW7HVZQS8SVpeo5TKuuMJeuI0
2clv/NBXOD5U9qOsBVsfoREamKH0LjyhIcKPu2SduZzCpgzmjH1G+Z5UFmdlAN8/
7zevGd++zROKev+LfvFx2EL/OY7G/4SlyW7qBGDjqGf8RtN+TTeq
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:21:15 2025 by rpki-client