Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/L_J7yQe3UsNZnZzATcPzGaK_66k.roa
File: L_J7yQe3UsNZnZzATcPzGaK_66k.roa (raw, json)
Hash identifier: tk7uaRdOhagMiVAqj7M+jSEvzyo3gXmKtRwnNOSAuwQ=
Subject key identifier: 2F:F2:7B:C9:07:B7:52:C3:59:9D:9C:C0:4D:C3:F3:19:A2:BF:EB:A9
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018D56A6F8BC8DDD7029010B4F2083758649
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/L_J7yQe3UsNZnZzATcPzGaK_66k.roa
Signing time: Mon 29 Jan 2024 19:16:39 +0000
ROA not before: Mon 29 Jan 2024 19:16:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20616
IP address blocks: 89.34.107.0/24 maxlen: 24
176.223.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 02 Feb 2024 16:29:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:a6:f8:bc:8d:dd:70:29:01:0b:4f:20:83:75:86:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 29 19:16:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ff27bc907b752c3599d9cc04dc3f319a2bfeba9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a5:21:ba:91:fa:ef:7d:a3:59:b8:17:8c:42:
f3:e7:7a:cf:13:ba:24:aa:3d:1d:c0:92:04:94:fa:
06:f3:e6:e3:db:34:c8:b8:68:79:b8:52:5d:18:41:
dc:be:db:b7:b4:27:9e:9f:8c:07:3f:ef:08:9a:64:
02:28:c6:f1:9f:64:04:44:d8:9a:da:37:ca:16:80:
32:2a:ae:00:1d:ae:ab:7f:50:8b:05:6d:b8:3d:db:
ea:30:16:1f:27:7d:5c:bb:79:00:6c:d2:d8:51:a5:
19:9d:ae:c8:43:0a:1c:44:a2:70:f8:12:a3:fa:d4:
1a:5f:a8:62:27:78:2b:d8:3c:9a:35:aa:3d:b6:4a:
c9:d1:65:d4:10:ea:05:ad:5f:60:c3:dc:c5:c3:df:
6b:0b:37:d7:14:f2:28:61:99:49:4b:6a:04:45:68:
27:6b:58:db:a4:f4:75:c7:5c:e2:d2:e2:7a:00:71:
b3:e6:6e:e2:1d:ec:de:4c:68:87:a0:66:82:0b:7f:
2c:3a:99:d9:72:75:3e:a6:91:af:22:74:21:51:bd:
20:d2:d0:94:0c:3b:b0:39:50:cf:50:ad:e2:d0:62:
8d:1c:fa:99:fc:4b:fe:2c:82:82:d1:fc:cd:2f:f9:
45:cf:16:24:b3:33:05:42:a2:4d:99:f0:70:dd:c5:
18:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:F2:7B:C9:07:B7:52:C3:59:9D:9C:C0:4D:C3:F3:19:A2:BF:EB:A9
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/L_J7yQe3UsNZnZzATcPzGaK_66k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.107.0/24
176.223.166.0/24
Signature Algorithm: sha256WithRSAEncryption
d2:53:8b:57:2d:e9:1e:5f:08:9b:0d:98:e7:e5:2a:a5:9d:96:
68:f8:18:41:83:82:32:91:e7:cb:03:5c:db:46:6b:60:23:75:
30:02:d8:8f:a2:1c:b0:72:07:73:52:c2:66:91:4f:a9:c3:36:
ee:53:4b:b7:7f:dc:45:c6:28:5f:18:02:c2:72:c9:79:93:3c:
45:8e:9e:35:5a:7b:71:b5:75:a1:0d:e6:a4:58:74:8d:4b:29:
a1:db:8e:e9:fe:12:1a:1c:9f:4f:35:c5:56:10:03:d4:e2:44:
86:20:0a:3a:48:80:20:8f:08:2d:45:05:9a:19:67:16:b3:2d:
8e:18:84:85:4d:01:4d:ce:5c:6f:7c:cd:4e:2b:bd:42:12:7c:
e6:b9:80:b0:66:99:a4:2f:0a:0e:e2:3a:09:f8:29:00:8d:39:
04:b7:b2:9d:59:f8:8d:d9:da:59:a1:a3:88:ec:c6:10:bb:75:
6c:77:2c:a0:5f:b4:a5:f2:36:0a:11:1f:af:cd:a9:d2:da:31:
6b:f2:e7:b9:f4:b2:7d:36:78:a7:bf:63:d6:be:21:f5:98:6c:
e5:af:04:4c:e0:ec:00:2e:bf:9a:f9:26:5d:5c:6b:71:cd:d1:
f5:f8:7a:c4:0d:04:69:44:6b:ee:4a:32:5c:ba:9b:3f:ff:f3:
3b:b6:51:bc
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY1Wpvi8jd1wKQELTyCDdYZJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTI5MTkxNjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmYyN2JjOTA3Yjc1MmMzNTk5ZDljYzA0ZGMzZjMxOWEyYmZlYmE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqUhupH6732jWbgXjELz53rPE7ok
qj0dwJIElPoG8+bj2zTIuGh5uFJdGEHcvtu3tCeen4wHP+8ImmQCKMbxn2QERNia
2jfKFoAyKq4AHa6rf1CLBW24PdvqMBYfJ31cu3kAbNLYUaUZna7IQwocRKJw+BKj
+tQaX6hiJ3gr2DyaNao9tkrJ0WXUEOoFrV9gw9zFw99rCzfXFPIoYZlJS2oERWgn
a1jbpPR1x1zi0uJ6AHGz5m7iHezeTGiHoGaCC38sOpnZcnU+ppGvInQhUb0g0tCU
DDuwOVDPUK3i0GKNHPqZ/Ev+LIKC0fzNL/lFzxYkszMFQqJNmfBw3cUY9wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFC/ye8kHt1LDWZ2cwE3D8xmiv+upMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0xfSjd5UWUzVXNOWm5aekFUY1B6R2FLXzY2ay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABZImsD
BACw36YwDQYJKoZIhvcNAQELBQADggEBANJTi1ct6R5fCJsNmOflKqWdlmj4GEGD
gjKR58sDXNtGa2AjdTAC2I+iHLByB3NSwmaRT6nDNu5TS7d/3EXGKF8YAsJyyXmT
PEWOnjVae3G1daEN5qRYdI1LKaHbjun+Ehocn081xVYQA9TiRIYgCjpIgCCPCC1F
BZoZZxazLY4YhIVNAU3OXG98zU4rvUISfOa5gLBmmaQvCg7iOgn4KQCNOQS3sp1Z
+I3Z2lmho4jsxhC7dWx3LKBftKXyNgoRH6/NqdLaMWvy57n0sn02eKe/Y9a+IfWY
bOWvBEzg7AAuv5r5Jl1ca3HN0fX4esQNBGlEa+5KMly6mz//8zu2Ubw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:37:13 2025 by rpki-client