Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/16QDEaiRMrpGEU6QrWE22wqVltA.roa
File: 16QDEaiRMrpGEU6QrWE22wqVltA.roa (raw, json)
Hash identifier: pzftJ5E/Sm5zMtMz8v/fYTbXHc/zEzN8g7QoUSTstNA=
Subject key identifier: D7:A4:03:11:A8:91:32:BA:46:11:4E:90:AD:61:36:DB:0A:95:96:D0
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 01942748377CD773816C7FADCCCF68808371
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/16QDEaiRMrpGEU6QrWE22wqVltA.roa
Signing time: Thu 02 Jan 2025 13:50:31 +0000
ROA not before: Thu 02 Jan 2025 13:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31479
IP address blocks: 89.42.71.0/24 maxlen: 24
89.45.209.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
185.28.48.0/23 maxlen: 23
201.77.58.0/24 maxlen: 24
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 15 Jan 2025 10:38:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:37:7c:d7:73:81:6c:7f:ad:cc:cf:68:80:83:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7a40311a89132ba46114e90ad6136db0a9596d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:50:16:de:ee:1a:8b:50:3b:a3:ef:a2:5c:81:
57:ab:fc:eb:b5:e0:6d:f6:37:bc:f0:80:eb:1a:83:
74:1c:12:4f:f7:da:49:29:e2:01:20:20:fa:f6:f6:
64:02:61:d3:82:10:ca:b8:d9:66:aa:30:db:c8:ee:
12:2c:11:27:43:6a:68:90:f8:bf:e6:bd:fd:20:15:
19:13:5b:50:0c:b7:d1:8a:4a:b6:45:62:34:b9:ff:
47:8d:74:7b:d0:83:1d:75:d0:64:b5:37:40:3f:d4:
76:65:70:3d:cd:9e:9d:bb:43:d0:72:88:24:5b:41:
9d:49:54:67:12:07:c9:ac:fc:d0:c3:ea:59:df:ea:
49:b7:c1:96:e0:5e:36:e0:fa:82:17:e4:04:96:33:
38:01:7e:cf:70:8e:f6:ee:d4:3b:73:8a:38:cf:5b:
a1:ec:a7:2f:67:ac:ac:92:2b:f3:0e:ee:44:ab:7c:
8d:c7:7a:cd:29:9d:ac:11:d3:69:68:1b:6f:62:e9:
32:cd:af:c2:66:b9:5a:81:b7:54:19:a6:ae:7b:bc:
e3:7a:ce:2c:87:94:9f:7f:0d:86:cb:9e:05:a3:90:
3a:06:79:d3:ee:7b:11:d1:6c:64:88:0b:6b:bd:d7:
cf:36:a0:78:b1:bb:10:a4:62:b8:4c:1a:4a:05:0c:
a1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:A4:03:11:A8:91:32:BA:46:11:4E:90:AD:61:36:DB:0A:95:96:D0
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/16QDEaiRMrpGEU6QrWE22wqVltA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.71.0/24
89.45.209.0/24
178.19.32.0/23
185.28.48.0/23
201.77.58.0/24
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
2f:7e:14:f7:8a:6f:5b:7f:d3:be:83:03:0c:f4:e0:cd:6e:23:
37:f9:87:82:47:92:06:41:7e:8c:6f:d7:c9:5e:d6:98:85:20:
cb:56:13:c7:ba:e6:40:e4:8f:fd:a0:85:c7:03:48:fb:5e:0b:
bd:f9:8d:56:fe:88:7c:f2:83:be:80:50:8f:e5:60:68:4d:30:
0a:f6:fa:3b:d7:96:e3:e7:30:d7:4a:a2:07:14:27:e2:ac:9f:
c8:5b:99:5f:90:ff:b5:48:bd:5b:fd:93:48:d0:9d:25:be:00:
cb:61:bd:5e:50:77:92:33:16:7a:0c:f6:f9:90:e2:9b:8b:bf:
52:e2:29:7f:a1:00:3f:28:1d:95:eb:38:5e:c5:96:b6:d2:b8:
79:a3:26:c4:fd:22:69:aa:49:8d:c3:6d:e3:c3:3e:6a:c9:c6:
cf:b1:5c:68:97:52:9b:01:93:29:f8:70:87:1e:03:64:5b:79:
f7:5d:aa:1e:33:b3:00:ab:e1:e5:b6:87:4c:7b:bf:64:e6:4f:
32:81:cb:7e:9a:9d:59:b4:11:db:a2:33:a3:08:23:be:8a:22:
e7:3b:18:7b:a7:c8:cd:78:ea:fa:77:87:59:7c:49:d5:18:9d:
7c:18:46:19:0d:50:89:10:7a:d7:09:79:af:aa:41:9f:ae:47:
e8:03:3e:4a
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQnSDd813OBbH+tzM9ogINxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2E0MDMxMWE4OTEzMmJhNDYxMTRlOTBhZDYxMzZkYjBhOTU5NmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVAW3u4ai1A7o++iXIFXq/zrteBt
9je88IDrGoN0HBJP99pJKeIBICD69vZkAmHTghDKuNlmqjDbyO4SLBEnQ2pokPi/
5r39IBUZE1tQDLfRikq2RWI0uf9HjXR70IMdddBktTdAP9R2ZXA9zZ6du0PQcogk
W0GdSVRnEgfJrPzQw+pZ3+pJt8GW4F424PqCF+QEljM4AX7PcI727tQ7c4o4z1uh
7KcvZ6yskivzDu5Eq3yNx3rNKZ2sEdNpaBtvYukyza/CZrlagbdUGaaue7zjes4s
h5Sffw2Gy54Fo5A6BnnT7nsR0WxkiAtrvdfPNqB4sbsQpGK4TBpKBQyhpwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNekAxGokTK6RhFOkK1hNtsKlZbQMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvMTZRREVhaVJNcnBHRVU2UXJXRTIyd3FWbHRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWSpHAwQA
WS3RAwQBshMgAwQBuRwwAwQAyU06MA0EAgACMAcDBQAgAUAwMA0GCSqGSIb3DQEB
CwUAA4IBAQAvfhT3im9bf9O+gwMM9ODNbiM3+YeCR5IGQX6Mb9fJXtaYhSDLVhPH
uuZA5I/9oIXHA0j7Xgu9+Y1W/oh88oO+gFCP5WBoTTAK9vo715bj5zDXSqIHFCfi
rJ/IW5lfkP+1SL1b/ZNI0J0lvgDLYb1eUHeSMxZ6DPb5kOKbi79S4il/oQA/KB2V
6zhexZa20rh5oybE/SJpqkmNw23jwz5qycbPsVxol1KbAZMp+HCHHgNkW3n3Xaoe
M7MAq+HltodMe79k5k8ygct+mp1ZtBHbojOjCCO+iiLnOxh7p8jNeOr6d4dZfEnV
GJ18GEYZDVCJEHrXCXmvqkGfrkfoAz5K
-----END CERTIFICATE-----
Generated at Tue Apr 22 13:12:25 2025 by rpki-client