Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/2d0a48-9f86-48e0-a01e-5b3285c3abaa/1/YrE20UzaASY_mfuwOS9UmrTt28M.roa
File: YrE20UzaASY_mfuwOS9UmrTt28M.roa (raw, json)
Hash identifier: +/g+S8NiaXpdx2NYeWpcNiQKNUOVj3vzbA+H1k8HKmQ=
Subject key identifier: 62:B1:36:D1:4C:DA:01:26:3F:99:FB:B0:39:2F:54:9A:B4:ED:DB:C3
Certificate issuer: /CN=26c988f21ff1ed7df42a6263723226686d3c18d6
Certificate serial: 018CC493807777EC0D16DD1A9CBC8F6DE2AD
Authority key identifier: 26:C9:88:F2:1F:F1:ED:7D:F4:2A:62:63:72:32:26:68:6D:3C:18:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JsmI8h_x7X30KmJjcjImaG08GNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/2d0a48-9f86-48e0-a01e-5b3285c3abaa/1/YrE20UzaASY_mfuwOS9UmrTt28M.roa
Signing time: Mon 01 Jan 2024 10:30:50 +0000
ROA not before: Mon 01 Jan 2024 10:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56648
IP address blocks: 89.207.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 23:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:80:77:77:ec:0d:16:dd:1a:9c:bc:8f:6d:e2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26c988f21ff1ed7df42a6263723226686d3c18d6
Validity
Not Before: Jan 1 10:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=62b136d14cda01263f99fbb0392f549ab4eddbc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:c8:a8:59:d1:85:ba:80:d3:be:74:d4:af:2d:
1c:d1:2d:97:9a:73:07:52:b1:1b:34:a3:9d:2f:6b:
46:fb:d3:05:3a:85:28:9f:d1:30:e8:95:2e:59:4d:
b0:6c:01:09:18:8c:70:53:22:71:a4:f4:c8:59:b8:
06:9a:d5:8d:31:a6:57:3c:ed:09:be:62:0a:81:17:
6c:d2:70:25:8e:56:7b:ef:5b:1c:6e:f5:0e:02:7c:
31:c5:bd:24:c5:82:e9:7f:5c:e2:23:fe:c4:89:68:
93:65:17:55:94:54:3f:dc:09:77:5e:dc:c3:c7:a8:
ad:6d:13:19:80:c1:b4:93:a1:50:47:3c:95:fe:c4:
76:cd:3d:f0:0a:42:aa:54:bb:f1:26:a8:e3:d9:a2:
d4:dc:d0:69:46:c3:0b:3a:ec:0b:fe:b5:2a:b5:61:
0c:d6:41:e1:be:86:fe:0c:d2:b2:39:3e:73:7b:27:
81:6f:9a:32:6c:d0:2f:0a:92:68:3a:a2:30:ec:a8:
40:6c:5b:39:0c:fc:91:d4:1e:0f:62:dc:b7:d7:d9:
1c:04:a3:57:2a:b3:3c:08:ee:c3:a3:5a:71:4d:58:
47:0e:81:0a:a1:aa:4d:9c:47:67:81:e9:26:d3:8a:
7a:82:ba:8a:5c:6c:6a:fd:e2:50:0c:b6:3d:83:97:
1f:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:B1:36:D1:4C:DA:01:26:3F:99:FB:B0:39:2F:54:9A:B4:ED:DB:C3
X509v3 Authority Key Identifier:
keyid:26:C9:88:F2:1F:F1:ED:7D:F4:2A:62:63:72:32:26:68:6D:3C:18:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JsmI8h_x7X30KmJjcjImaG08GNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2d0a48-9f86-48e0-a01e-5b3285c3abaa/1/YrE20UzaASY_mfuwOS9UmrTt28M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/2d0a48-9f86-48e0-a01e-5b3285c3abaa/1/JsmI8h_x7X30KmJjcjImaG08GNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.157.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:74:38:4f:35:22:c9:27:dc:da:75:dd:ad:53:10:a7:2f:27:
e9:58:93:17:7d:39:ca:80:54:20:84:84:09:22:1d:75:cb:f0:
4b:51:bf:85:49:05:7f:31:f1:50:4d:2b:84:65:54:e2:a7:30:
98:09:16:16:1a:42:3c:a7:02:dc:b8:65:38:df:25:91:84:e2:
80:1c:cc:b2:b1:2b:91:0f:78:94:9b:d0:6b:f9:c1:ee:5f:dd:
12:02:d7:50:a3:e5:0e:17:1e:da:24:d1:26:dd:01:bf:54:34:
9d:49:54:3c:3b:59:94:a3:ef:f3:67:33:63:c8:ae:98:f6:4b:
83:74:06:61:87:72:8c:f2:c8:62:75:28:fc:40:fd:95:7f:fe:
3f:5f:20:0d:f6:1a:4a:11:29:c7:4a:6b:47:ca:02:50:ee:68:
be:91:76:c2:29:9a:0e:ff:f3:fa:f7:50:b3:fe:74:89:30:bb:
61:01:59:56:b1:f4:21:0c:3b:df:78:38:f2:52:c0:c3:59:28:
e9:42:90:b4:16:a1:8b:34:3b:12:4f:8c:59:c5:cc:d5:dd:ff:
1e:e0:6b:bf:c6:68:30:5a:19:8b:05:95:12:48:70:14:8c:de:
38:60:42:5c:50:f1:1e:39:cb:57:d2:b9:d7:91:62:14:40:e4:
80:1c:28:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk4B3d+wNFt0anLyPbeKtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2Yzk4OGYyMWZmMWVkN2RmNDJhNjI2MzcyMzIyNjY4NmQz
YzE4ZDYwHhcNMjQwMTAxMTAzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MmIxMzZkMTRjZGEwMTI2M2Y5OWZiYjAzOTJmNTQ5YWI0ZWRkYmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArMioWdGFuoDTvnTUry0c0S2XmnMH
UrEbNKOdL2tG+9MFOoUon9Ew6JUuWU2wbAEJGIxwUyJxpPTIWbgGmtWNMaZXPO0J
vmIKgRds0nAljlZ771scbvUOAnwxxb0kxYLpf1ziI/7EiWiTZRdVlFQ/3Al3XtzD
x6itbRMZgMG0k6FQRzyV/sR2zT3wCkKqVLvxJqjj2aLU3NBpRsMLOuwL/rUqtWEM
1kHhvob+DNKyOT5zeyeBb5oybNAvCpJoOqIw7KhAbFs5DPyR1B4PYty319kcBKNX
KrM8CO7Do1pxTVhHDoEKoapNnEdngekm04p6grqKXGxq/eJQDLY9g5cfwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGKxNtFM2gEmP5n7sDkvVJq07dvDMB8GA1UdIwQY
MBaAFCbJiPIf8e199CpiY3IyJmhtPBjWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnNtSThoX3g3WDMwS21KamNqSW1hRzA4R05ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS8yZDBhNDgtOWY4Ni00OGUwLWEwMWUt
NWIzMjg1YzNhYmFhLzEvWXJFMjBVemFBU1lfbWZ1d09TOVVtclR0MjhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS8yZDBhNDgtOWY4Ni00OGUwLWEwMWUtNWIzMjg1YzNhYmFh
LzEvSnNtSThoX3g3WDMwS21KamNqSW1hRzA4R05ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWc+dMA0G
CSqGSIb3DQEBCwUAA4IBAQBrdDhPNSLJJ9zadd2tUxCnLyfpWJMXfTnKgFQghIQJ
Ih11y/BLUb+FSQV/MfFQTSuEZVTipzCYCRYWGkI8pwLcuGU43yWRhOKAHMyysSuR
D3iUm9Br+cHuX90SAtdQo+UOFx7aJNEm3QG/VDSdSVQ8O1mUo+/zZzNjyK6Y9kuD
dAZhh3KM8shidSj8QP2Vf/4/XyAN9hpKESnHSmtHygJQ7mi+kXbCKZoO//P691Cz
/nSJMLthAVlWsfQhDDvfeDjyUsDDWSjpQpC0FqGLNDsST4xZxczV3f8e4Gu/xmgw
WhmLBZUSSHAUjN44YEJcUPEeOctX0rnXkWIUQOSAHCiJ
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:41:23 2025 by rpki-client