Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0ut07THpJvzfO2g4VKrkOziVRs0.roa
File: 0ut07THpJvzfO2g4VKrkOziVRs0.roa (raw, json)
Hash identifier: lgToHoLiiMxW0XBWW+V7h9yHoU4Lr9pyBLT/igxbF4I=
Subject key identifier: D2:EB:74:ED:31:E9:26:FC:DF:3B:68:38:54:AA:E4:3B:38:95:46:CD
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 01939299C1B9CCFF368FB143838ED72FE7F9
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0ut07THpJvzfO2g4VKrkOziVRs0.roa
Signing time: Wed 04 Dec 2024 16:56:10 +0000
ROA not before: Wed 04 Dec 2024 16:56:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215439
IP address blocks: 89.34.219.0/24 maxlen: 24
89.39.121.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 13 Dec 2024 09:06:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:92:99:c1:b9:cc:ff:36:8f:b1:43:83:8e:d7:2f:e7:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Dec 4 16:56:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2eb74ed31e926fcdf3b683854aae43b389546cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:eb:a7:aa:88:1b:5b:38:25:d7:c4:91:c4:13:
69:d2:1d:fb:11:56:00:8f:f2:13:ac:5c:7e:b1:68:
8b:fc:15:bb:60:1b:4a:be:55:4f:42:b3:bc:44:b0:
fe:21:c2:4b:ad:80:fb:23:17:34:5f:fa:6f:e6:00:
b0:50:34:72:9f:62:1c:6b:91:22:30:8b:91:45:1d:
01:8d:12:3d:59:ca:d1:90:00:7c:b4:de:83:07:d0:
93:46:23:f1:0c:5c:a5:9f:d4:ad:8c:09:82:bd:1d:
e7:50:a4:94:4a:39:f5:2a:1b:ca:b4:4c:e1:ff:f6:
c6:6f:79:f1:db:cc:e6:f8:b6:3f:a7:49:43:40:9c:
ff:4c:16:1f:7d:b2:17:5f:63:00:54:c1:07:46:ad:
90:74:f6:3e:4d:3e:67:2d:9b:22:48:53:c9:3b:0c:
bb:ae:c9:85:bb:bf:35:1d:51:de:66:73:97:1b:2b:
98:c2:f3:b3:98:1b:99:00:1a:ba:ff:ab:28:b0:85:
0f:67:7b:f8:78:17:79:6a:b0:f9:28:8a:8b:15:fc:
f7:01:12:a4:b2:78:ac:ad:b9:55:52:c2:ed:18:1b:
64:8d:b0:00:58:a0:db:cd:a5:d9:4b:86:79:3e:d8:
29:2f:88:f7:20:e4:93:2d:61:d3:87:7e:17:ea:51:
22:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EB:74:ED:31:E9:26:FC:DF:3B:68:38:54:AA:E4:3B:38:95:46:CD
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/0ut07THpJvzfO2g4VKrkOziVRs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.219.0/24
89.39.121.0/24
Signature Algorithm: sha256WithRSAEncryption
08:3b:d6:33:01:f7:c0:88:e9:8d:5a:74:27:89:66:a8:8b:ca:
9f:18:c0:0d:f6:3e:60:ed:56:f4:0f:0d:d4:ee:39:ba:c0:aa:
97:db:0c:1d:bf:23:9e:ef:4b:7e:e6:e1:79:57:c4:df:e8:03:
6d:f0:79:44:ec:99:e1:ae:82:e1:2e:83:ed:7e:44:1e:61:92:
19:cb:91:17:e9:01:72:22:6a:31:91:59:41:00:d4:f3:0a:b6:
07:11:65:cd:6e:e1:00:0c:c7:ef:0b:7b:0a:ed:a3:7a:0d:1f:
a4:1a:f9:dc:61:84:9c:9a:a1:99:b7:07:24:2f:ec:1b:81:0f:
7c:37:ca:6a:48:c4:e1:5e:58:b9:21:d3:89:7c:9e:cb:5a:c5:
aa:93:98:44:22:1d:72:66:dc:07:70:29:56:38:c2:da:14:48:
40:a6:fc:a5:7e:7a:31:9b:27:04:29:a7:27:d6:f3:73:c0:4f:
a3:dd:0b:66:54:30:4a:ae:ac:7c:dd:0b:ac:48:b9:d1:44:20:
42:0f:f9:16:47:0b:d0:c0:97:7a:0e:48:a9:8a:80:fe:b8:ec:
2c:fa:0e:ee:c3:6e:1b:84:7a:a2:31:5f:83:79:3f:9b:c2:0c:
74:23:0e:d4:ed:d9:4b:14:36:23:25:f4:08:58:5b:db:85:07:
13:3f:db:2b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOSmcG5zP82j7FDg47XL+f5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjQxMjA0MTY1NjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmViNzRlZDMxZTkyNmZjZGYzYjY4Mzg1NGFhZTQzYjM4OTU0NmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7OunqogbWzgl18SRxBNp0h37EVYA
j/ITrFx+sWiL/BW7YBtKvlVPQrO8RLD+IcJLrYD7Ixc0X/pv5gCwUDRyn2Ica5Ei
MIuRRR0BjRI9WcrRkAB8tN6DB9CTRiPxDFyln9StjAmCvR3nUKSUSjn1KhvKtEzh
//bGb3nx28zm+LY/p0lDQJz/TBYffbIXX2MAVMEHRq2QdPY+TT5nLZsiSFPJOwy7
rsmFu781HVHeZnOXGyuYwvOzmBuZABq6/6sosIUPZ3v4eBd5arD5KIqLFfz3ARKk
snisrblVUsLtGBtkjbAAWKDbzaXZS4Z5PtgpL4j3IOSTLWHTh34X6lEiuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNLrdO0x6Sb83ztoOFSq5Ds4lUbNMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvMHV0MDdUSHBKdnpmTzJnNFZLcmtPemlWUnMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSLbAwQA
WSd5MA0GCSqGSIb3DQEBCwUAA4IBAQAIO9YzAffAiOmNWnQniWaoi8qfGMAN9j5g
7Vb0Dw3U7jm6wKqX2wwdvyOe70t+5uF5V8Tf6ANt8HlE7JnhroLhLoPtfkQeYZIZ
y5EX6QFyImoxkVlBANTzCrYHEWXNbuEADMfvC3sK7aN6DR+kGvncYYScmqGZtwck
L+wbgQ98N8pqSMThXli5IdOJfJ7LWsWqk5hEIh1yZtwHcClWOMLaFEhApvylfnox
mycEKacn1vNzwE+j3QtmVDBKrqx83QusSLnRRCBCD/kWRwvQwJd6DkipioD+uOws
+g7uw24bhHqiMV+DeT+bwgx0Iw7U7dlLFDYjJfQIWFvbhQcTP9sr
-----END CERTIFICATE-----
Generated at Fri Mar 14 11:41:22 2025 by rpki-client