Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-GQ2HFOw_BHFp11VujLHBKcwEb4.roa
File: 1-GQ2HFOw_BHFp11VujLHBKcwEb4.roa (raw, json)
Hash identifier: Z+Q0T0pjp5//aKhvHi8vjKodvRaobvYFs2J+ZlSbkFI=
Subject key identifier: F8:64:36:1C:53:B0:FC:11:C5:A7:5D:55:BA:32:C7:04:A7:30:11:BE
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7954FDAB65932E23A5E010673FA5235
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-GQ2HFOw_BHFp11VujLHBKcwEb4.roa
Signing time: Tue 02 Jan 2024 00:31:40 +0000
ROA not before: Tue 02 Jan 2024 00:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48669
IP address blocks: 89.38.104.0/24 maxlen: 24
93.115.32.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:4f:da:b6:59:32:e2:3a:5e:01:06:73:fa:52:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f864361c53b0fc11c5a75d55ba32c704a73011be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:37:11:5c:93:e3:1e:bd:a0:70:a4:dd:aa:c2:
90:f7:15:47:d7:81:58:b2:6b:81:49:26:8e:7f:75:
ca:98:5d:6d:2d:f0:08:3d:24:06:b8:80:3f:0d:9f:
4f:89:07:50:2f:60:45:65:d7:36:32:4c:ea:50:19:
76:69:b0:bc:38:3f:4e:4b:02:20:c8:49:a3:6e:f7:
42:4c:cb:cd:d2:c6:d7:80:1f:9d:e2:cb:8e:a2:78:
cd:9a:49:5f:38:3d:fe:e9:bc:c2:d5:e0:0a:7e:76:
03:27:df:06:31:d5:52:8e:cc:e3:ff:08:10:0d:95:
96:c1:19:97:a8:33:40:5f:4d:4a:3c:8b:f1:f9:5a:
c4:23:0f:46:d3:6e:05:f6:1d:ba:f3:2b:26:27:74:
11:98:42:be:a0:56:26:16:ce:22:d9:c3:36:a6:f3:
1a:4c:cc:05:c0:ba:95:5d:31:6a:5a:26:41:76:f8:
80:ab:5b:3f:cf:13:f0:33:de:c5:f0:c2:40:fa:5d:
88:22:a5:f3:9a:c0:7d:72:f2:19:ff:22:2f:fe:cd:
29:60:42:5f:21:76:66:3c:71:e0:b1:52:d7:2e:6e:
35:92:33:a7:be:49:c8:89:38:c8:c8:a4:b3:88:c5:
f9:14:1d:45:61:ac:1f:34:d3:79:ed:44:6e:4a:b0:
89:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:64:36:1C:53:B0:FC:11:C5:A7:5D:55:BA:32:C7:04:A7:30:11:BE
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-GQ2HFOw_BHFp11VujLHBKcwEb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.104.0/24
93.115.32.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:00:d9:db:a7:a4:90:46:28:8d:5a:94:d1:0a:18:37:31:c8:
65:58:aa:67:e9:5e:92:ab:4f:cf:26:ad:82:c1:e3:ae:f6:0e:
17:21:f8:a2:f4:c0:e0:09:f5:eb:cc:4e:d8:45:f8:39:9b:ca:
c1:8c:e0:0c:43:bf:0d:19:93:9b:ae:f8:a1:ab:39:d9:80:7e:
55:e9:c1:88:2f:32:62:97:1c:d2:a1:d5:fc:a5:ac:64:65:f2:
9a:74:61:1d:28:68:cc:7f:ab:ce:86:2f:ec:53:85:24:e4:56:
78:4b:35:2d:f6:cc:2f:9e:dc:ae:e7:88:99:8a:bc:28:c7:01:
f2:fc:3a:e5:33:38:68:44:f5:c9:7f:52:90:c7:ff:00:56:68:
a2:f0:df:16:a3:51:17:f5:01:57:9e:64:3c:19:19:e2:d7:e9:
84:d3:11:07:df:d6:62:7a:cb:3e:9f:d1:d8:a6:f8:17:9b:36:
eb:4e:62:00:33:a6:81:c7:38:8f:38:81:34:f1:da:31:ba:74:
61:a0:8e:e3:1b:d7:cd:c2:f8:9b:e0:c2:78:61:18:1f:41:f2:
ed:63:f6:6d:67:7b:cb:9f:21:64:7b:48:41:15:b0:d6:24:12:
6e:6f:64:00:6e:0a:4a:11:5a:7f:79:0e:a2:f2:ce:db:8b:94:
24:f5:f7:a5
-----BEGIN CERTIFICATE-----
MIIFBjCCA+6gAwIBAgISAYzHlU/atlky4jpeAQZz+lI1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODY0MzYxYzUzYjBmYzExYzVhNzVkNTViYTMyYzcwNGE3MzAxMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmjcRXJPjHr2gcKTdqsKQ9xVH14FY
smuBSSaOf3XKmF1tLfAIPSQGuIA/DZ9PiQdQL2BFZdc2MkzqUBl2abC8OD9OSwIg
yEmjbvdCTMvN0sbXgB+d4suOonjNmklfOD3+6bzC1eAKfnYDJ98GMdVSjszj/wgQ
DZWWwRmXqDNAX01KPIvx+VrEIw9G024F9h268ysmJ3QRmEK+oFYmFs4i2cM2pvMa
TMwFwLqVXTFqWiZBdviAq1s/zxPwM97F8MJA+l2IIqXzmsB9cvIZ/yIv/s0pYEJf
IXZmPHHgsVLXLm41kjOnvknIiTjIyKSziMX5FB1FYawfNNN57URuSrCJSwIDAQAB
o4ICEjCCAg4wHQYDVR0OBBYEFPhkNhxTsPwRxaddVboyxwSnMBG+MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzEtR1EySEZPd19CSEZwMTFWdWpMSEJLY3dFYjQucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzc4L2RhMzM5OC02Njk4LTQ1ZjItYmFhZS05MmUyNWZlMTYz
MzEvMS8xLU9ZbU5PRzlVVE9wM2tVU3JwakswYklobTFrLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSZo
AwQAXXMgMA0GCSqGSIb3DQEBCwUAA4IBAQC5ANnbp6SQRiiNWpTRChg3MchlWKpn
6V6Sq0/PJq2CweOu9g4XIfii9MDgCfXrzE7YRfg5m8rBjOAMQ78NGZObrvihqznZ
gH5V6cGILzJilxzSodX8paxkZfKadGEdKGjMf6vOhi/sU4Uk5FZ4SzUt9swvntyu
54iZirwoxwHy/DrlMzhoRPXJf1KQx/8AVmii8N8Wo1EX9QFXnmQ8GRni1+mE0xEH
39Ziess+n9HYpvgXmzbrTmIAM6aBxziPOIE08doxunRhoI7jG9fNwvib4MJ4YRgf
QfLtY/ZtZ3vLnyFke0hBFbDWJBJub2QAbgpKEVp/eQ6i8s7bi5Qk9fel
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:29:26 2025 by rpki-client