Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/TITtQN9H4YMtDNIjhOzReJ_u72Q.roa
File: TITtQN9H4YMtDNIjhOzReJ_u72Q.roa (raw, json)
Hash identifier: 67P3zlJcWxvynbC85NC3cxjRvKlgIIBMXl7lB1dlxRY=
Subject key identifier: 4C:84:ED:40:DF:47:E1:83:2D:0C:D2:23:84:EC:D1:78:9F:EE:EF:64
Certificate issuer: /CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Certificate serial: 019423D6BD7C5053A175168B073270D557A7
Authority key identifier: 07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/TITtQN9H4YMtDNIjhOzReJ_u72Q.roa
Signing time: Wed 01 Jan 2025 21:47:43 +0000
ROA not before: Wed 01 Jan 2025 21:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 89.222.36.0/24 maxlen: 24
89.222.37.0/24 maxlen: 24
89.222.38.0/24 maxlen: 24
89.222.39.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 13 Mar 2025 10:35:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:bd:7c:50:53:a1:75:16:8b:07:32:70:d5:57:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a32999c47eb31d5fbf16ecc3872eaefd43bad7
Validity
Not Before: Jan 1 21:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c84ed40df47e1832d0cd22384ecd1789feeef64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:c2:82:0a:72:22:78:99:a0:66:06:1a:0e:
fe:0c:09:00:77:bf:95:6e:eb:0f:2e:25:55:d0:5d:
47:d3:07:1d:bb:6e:64:97:60:77:89:e9:48:9c:15:
68:98:10:f2:cc:f5:2d:53:cd:e6:60:83:48:44:35:
f2:8a:24:b3:b1:03:b6:51:85:b1:7a:c2:3e:fa:04:
ef:0c:f6:77:8d:07:5d:f6:80:97:a0:ec:d5:78:9d:
0f:ed:25:dd:c8:0b:e0:11:a0:0f:d4:cf:15:9e:e4:
1f:2d:4a:d0:b5:eb:b2:68:e4:10:6b:47:1d:4f:4c:
0a:a0:43:da:ac:e2:a3:06:d2:e6:af:1d:20:4e:c4:
8c:ae:58:91:6c:25:1f:05:fd:f9:80:00:d6:ea:b5:
cf:7b:82:99:0f:86:b6:6a:b7:64:90:52:9f:28:71:
ca:7c:53:31:db:3f:68:24:26:34:33:c2:00:76:a2:
a5:81:5d:01:bc:bd:40:e5:77:a2:21:47:33:a1:eb:
f6:20:dc:dd:f4:c8:d5:97:d8:3e:27:52:75:6b:48:
57:da:8a:b3:66:f0:f2:78:c1:fa:40:85:c4:d6:25:
c5:42:df:0c:c8:28:36:bd:c6:71:64:4a:85:78:f4:
7b:01:28:8f:e1:52:e6:72:42:d8:d7:da:66:b1:41:
f5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:84:ED:40:DF:47:E1:83:2D:0C:D2:23:84:EC:D1:78:9F:EE:EF:64
X509v3 Authority Key Identifier:
keyid:07:A3:29:99:C4:7E:B3:1D:5F:BF:16:EC:C3:87:2E:AE:FD:43:BA:D7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6MpmcR-sx1fvxbsw4curv1Dutc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/TITtQN9H4YMtDNIjhOzReJ_u72Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/738179-cf67-4199-b532-2fb2958ab8bb/1/B6MpmcR-sx1fvxbsw4curv1Dutc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.222.36.0/22
Signature Algorithm: sha256WithRSAEncryption
99:8a:7b:ed:40:46:fc:f7:ad:7f:f9:eb:83:b2:21:22:b8:e6:
78:67:6a:6e:c8:60:97:2a:36:83:85:b8:b4:ad:d7:01:7b:be:
65:ba:e0:ac:8c:d9:35:5b:b0:60:02:8b:80:73:95:1c:62:cc:
49:f2:cc:72:c8:34:68:8d:c8:71:d2:4b:6d:8a:c5:3c:4e:c6:
34:27:4c:8d:36:47:b2:43:d8:4f:09:24:23:15:d0:a8:9b:23:
63:35:80:13:13:f1:93:3e:ed:58:3c:88:af:e9:7e:84:fe:82:
eb:fe:0b:09:30:06:8d:1c:e7:dc:94:fa:d3:b9:e4:3f:40:ec:
53:dc:4c:ab:a5:4a:ee:6f:7d:ef:53:e4:2c:b7:67:39:29:bd:
70:8e:a9:9e:61:6c:75:a8:0c:96:b1:f7:38:20:d0:3e:df:72:
c9:05:60:dc:4f:08:64:07:ce:a5:4c:c7:67:a1:2a:8d:04:51:
c2:c7:58:97:61:40:9d:1a:a2:88:d1:fc:8a:dc:c1:11:55:d5:
af:22:c9:da:1c:aa:8b:cc:9c:d7:3d:6b:cc:09:d9:52:08:dd:
c1:3a:77:83:4e:0d:b3:89:22:f8:56:f1:b5:84:a9:68:34:38:
68:3b:11:22:d5:30:03:e4:fb:40:d5:5d:78:03:79:65:67:64:
08:72:ac:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1r18UFOhdRaLBzJw1VenMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTMyOTk5YzQ3ZWIzMWQ1ZmJmMTZlY2MzODcyZWFlZmQ0
M2JhZDcwHhcNMjUwMTAxMjE0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yzg0ZWQ0MGRmNDdlMTgzMmQwY2QyMjM4NGVjZDE3ODlmZWVlZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9PCggpyIniZoGYGGg7+DAkAd7+V
busPLiVV0F1H0wcdu25kl2B3ielInBVomBDyzPUtU83mYINIRDXyiiSzsQO2UYWx
esI++gTvDPZ3jQdd9oCXoOzVeJ0P7SXdyAvgEaAP1M8VnuQfLUrQteuyaOQQa0cd
T0wKoEParOKjBtLmrx0gTsSMrliRbCUfBf35gADW6rXPe4KZD4a2ardkkFKfKHHK
fFMx2z9oJCY0M8IAdqKlgV0BvL1A5XeiIUczoev2INzd9MjVl9g+J1J1a0hX2oqz
ZvDyeMH6QIXE1iXFQt8MyCg2vcZxZEqFePR7ASiP4VLmckLY19pmsUH1gwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEyE7UDfR+GDLQzSI4Ts0Xif7u9kMB8GA1UdIwQY
MBaAFAejKZnEfrMdX78W7MOHLq79Q7rXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzIt
MmZiMjk1OGFiOGJiLzEvVElUdFFOOUg0WU10RE5JamhPelJlSl91NzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83MzgxNzktY2Y2Ny00MTk5LWI1MzItMmZiMjk1OGFiOGJi
LzEvQjZNcG1jUi1zeDFmdnhic3c0Y3VydjFEdXRjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWd4kMA0G
CSqGSIb3DQEBCwUAA4IBAQCZinvtQEb8961/+euDsiEiuOZ4Z2puyGCXKjaDhbi0
rdcBe75luuCsjNk1W7BgAouAc5UcYsxJ8sxyyDRojchx0kttisU8TsY0J0yNNkey
Q9hPCSQjFdComyNjNYATE/GTPu1YPIiv6X6E/oLr/gsJMAaNHOfclPrTueQ/QOxT
3EyrpUrub33vU+Qst2c5Kb1wjqmeYWx1qAyWsfc4INA+33LJBWDcTwhkB86lTMdn
oSqNBFHCx1iXYUCdGqKI0fyK3MERVdWvIsnaHKqLzJzXPWvMCdlSCN3BOneDTg2z
iSL4VvG1hKloNDhoOxEi1TAD5PtA1V14A3llZ2QIcqyZ
-----END CERTIFICATE-----
Generated at Sun Apr 6 14:44:02 2025 by rpki-client