Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/i03vrJZ8uc7pfKe81QPP8wmkLho.roa
File: i03vrJZ8uc7pfKe81QPP8wmkLho.roa (raw, json)
Hash identifier: S1/MxjWLN/JGmT3bx20WpszQZb4/d9GXQMTbic1D6q8=
Subject key identifier: 8B:4D:EF:AC:96:7C:B9:CE:E9:7C:A7:BC:D5:03:CF:F3:09:A4:2E:1A
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019503D8EC133DA51A28F9889F1A2EA1EB71
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/i03vrJZ8uc7pfKe81QPP8wmkLho.roa
Signing time: Fri 14 Feb 2025 09:45:02 +0000
ROA not before: Fri 14 Feb 2025 09:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41852
IP address blocks: 89.39.72.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 24 Feb 2025 16:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:03:d8:ec:13:3d:a5:1a:28:f9:88:9f:1a:2e:a1:eb:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Feb 14 09:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b4defac967cb9cee97ca7bcd503cff309a42e1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:8b:0b:60:70:6b:4c:65:98:70:9e:de:bd:f4:
86:a4:bd:9c:07:bb:c6:0d:f7:15:dc:63:1a:05:4d:
4a:36:1b:71:6a:18:f7:5a:52:c5:ce:f6:3f:66:9e:
05:f3:37:5d:a7:47:19:cb:a9:2e:e8:41:9b:89:7a:
74:e5:d2:21:a9:37:1a:55:3a:85:60:48:a6:9b:bd:
1a:73:19:c5:8f:70:b6:a5:aa:9c:cc:90:ff:2c:f4:
20:80:1b:e0:40:e4:5d:9c:e7:eb:30:29:81:00:2b:
54:27:37:68:24:b9:5d:b9:22:fe:66:d9:b3:46:d6:
aa:e1:92:f3:60:02:3b:b4:a3:c7:64:8f:61:b0:cf:
24:aa:39:0e:44:49:2e:51:e4:28:3f:19:73:46:76:
e9:82:53:4b:fb:ad:ec:3a:15:17:4d:f1:ad:31:0f:
76:2d:03:d5:e4:82:c1:84:e2:19:89:98:15:cc:47:
c5:e0:15:b7:26:2d:8d:f1:26:3b:ab:ea:e7:1d:75:
d3:dc:ea:14:42:b5:c9:78:57:fd:fb:a9:e2:6c:dd:
8b:05:6c:ba:9c:f6:43:6a:fc:7b:49:7c:12:ce:eb:
a4:f7:90:c3:44:42:e8:48:3d:1d:c5:e1:19:c6:38:
68:b0:94:bf:77:13:3a:32:e1:5f:b3:0c:38:22:01:
d3:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:4D:EF:AC:96:7C:B9:CE:E9:7C:A7:BC:D5:03:CF:F3:09:A4:2E:1A
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/i03vrJZ8uc7pfKe81QPP8wmkLho.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.72.0/22
Signature Algorithm: sha256WithRSAEncryption
82:10:e4:23:28:4b:94:27:f1:5f:ff:e0:16:ed:b4:1e:68:85:
95:67:24:4b:92:06:65:0a:fc:25:e6:19:db:4b:fe:00:a7:0b:
c2:c8:08:41:b1:8f:f7:3a:d6:ad:71:36:1c:3e:9e:87:97:d0:
06:37:e3:87:52:82:10:58:03:73:7e:fe:df:aa:6f:d3:e2:4c:
52:0c:af:5e:71:2c:e1:3c:b5:81:95:88:5d:5c:a4:76:c1:5f:
cb:da:26:29:1a:e6:7e:85:7c:6e:d9:d8:5f:12:35:f9:f8:c9:
9a:c3:86:1e:a7:00:7c:87:12:42:21:45:1e:43:6c:af:ba:1a:
13:67:8b:16:60:8e:0c:87:55:27:21:12:40:c5:f0:6e:65:23:
d9:fc:62:dc:c3:ff:4d:6a:3b:cc:0f:db:83:6b:1f:bc:dc:05:
03:24:f7:6a:77:68:eb:57:f9:ea:ed:94:64:7d:58:10:cf:89:
d0:60:1a:05:aa:98:2f:9b:c0:40:49:3e:d5:87:0e:ee:47:3e:
e9:bf:0d:90:8b:ef:40:f3:02:1e:46:a3:f6:f0:11:f0:a5:08:
b8:e3:eb:61:4a:7c:e7:79:aa:25:19:55:bf:51:62:b3:b4:7a:
cb:7b:58:2c:f9:4f:fa:14:e3:f1:af:0d:e2:d1:76:f7:a7:d7:
18:07:60:6f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZUD2OwTPaUaKPmInxouoetxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUwMjE0MDk0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjRkZWZhYzk2N2NiOWNlZTk3Y2E3YmNkNTAzY2ZmMzA5YTQyZTFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzosLYHBrTGWYcJ7evfSGpL2cB7vG
DfcV3GMaBU1KNhtxahj3WlLFzvY/Zp4F8zddp0cZy6ku6EGbiXp05dIhqTcaVTqF
YEimm70acxnFj3C2paqczJD/LPQggBvgQORdnOfrMCmBACtUJzdoJLlduSL+Ztmz
Rtaq4ZLzYAI7tKPHZI9hsM8kqjkOREkuUeQoPxlzRnbpglNL+63sOhUXTfGtMQ92
LQPV5ILBhOIZiZgVzEfF4BW3Ji2N8SY7q+rnHXXT3OoUQrXJeFf9+6nibN2LBWy6
nPZDavx7SXwSzuuk95DDRELoSD0dxeEZxjhosJS/dxM6MuFfsww4IgHTVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFItN76yWfLnO6XynvNUDz/MJpC4aMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvaTAzdnJKWjh1YzdwZktlODFRUFA4d21rTGhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSdIMA0G
CSqGSIb3DQEBCwUAA4IBAQCCEOQjKEuUJ/Ff/+AW7bQeaIWVZyRLkgZlCvwl5hnb
S/4ApwvCyAhBsY/3OtatcTYcPp6Hl9AGN+OHUoIQWANzfv7fqm/T4kxSDK9ecSzh
PLWBlYhdXKR2wV/L2iYpGuZ+hXxu2dhfEjX5+Mmaw4YepwB8hxJCIUUeQ2yvuhoT
Z4sWYI4Mh1UnIRJAxfBuZSPZ/GLcw/9NajvMD9uDax+83AUDJPdqd2jrV/nq7ZRk
fVgQz4nQYBoFqpgvm8BAST7Vhw7uRz7pvw2Qi+9A8wIeRqP28BHwpQi44+thSnzn
eaolGVW/UWKztHrLe1gs+U/6FOPxrw3i0Xb3p9cYB2Bv
-----END CERTIFICATE-----
Generated at Fri Apr 18 03:18:54 2025 by rpki-client