Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6NsWLohb37syOp1yK1CMSSUYIjQ.roa
File: 6NsWLohb37syOp1yK1CMSSUYIjQ.roa (raw, json)
Hash identifier: Q/rHWBuCsFm8tiu1cFAYrgEeQ04bnRJRePXFHaBJKjU=
Subject key identifier: E8:DB:16:2E:88:5B:DF:BB:32:3A:9D:72:2B:50:8C:49:25:18:22:34
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 0192EDF3A89D8A134ECD8C92B6C4478FA823
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6NsWLohb37syOp1yK1CMSSUYIjQ.roa
Signing time: Sat 02 Nov 2024 17:37:01 +0000
ROA not before: Sat 02 Nov 2024 17:37:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 89.187.9.0/24 maxlen: 24
89.187.20.0/24 maxlen: 24
89.187.27.0/24 maxlen: 24
89.187.31.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ed:f3:a8:9d:8a:13:4e:cd:8c:92:b6:c4:47:8f:a8:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Nov 2 17:37:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e8db162e885bdfbb323a9d722b508c4925182234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:85:3e:3d:46:6a:66:ff:5f:ef:cc:1d:5c:7b:
59:1d:e9:76:b6:5a:03:50:ac:23:70:47:95:1c:6c:
a8:8c:1a:e2:e8:c2:d5:2d:44:fe:c4:2a:11:35:57:
a5:10:e3:07:1d:b8:5d:f8:0a:57:94:9c:69:9f:85:
4d:57:ae:dc:55:f5:d3:71:b1:b0:b8:f2:3d:4c:c6:
8c:34:e3:06:e9:eb:af:1a:f5:cb:9f:9b:49:e1:0c:
be:2d:62:74:48:1c:28:c5:8e:45:29:ef:1a:54:35:
7d:39:76:05:49:a6:ce:c2:aa:85:ed:d0:4e:27:60:
0c:e0:b5:56:1a:61:9f:44:dd:4c:7b:b6:bc:e9:ac:
3c:8f:e4:20:f9:b7:88:64:99:d0:c0:09:db:bd:d1:
d8:8d:78:c2:67:13:29:ad:e5:bf:56:13:7e:59:b3:
92:ae:87:95:79:5e:a1:97:8c:af:45:87:97:b6:96:
2e:f4:9e:77:52:e6:9b:c1:75:0a:88:39:35:bd:ae:
dd:ec:a9:0d:3c:d8:16:14:8c:99:8e:54:2a:85:07:
f6:0c:2f:c8:68:e2:d2:fb:9c:26:66:c0:7c:a9:8d:
22:92:59:4f:73:d1:d8:5a:c5:82:65:68:1e:ee:36:
64:e9:7a:f7:b6:8f:82:2d:3b:9f:5a:b0:33:43:c5:
ff:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:DB:16:2E:88:5B:DF:BB:32:3A:9D:72:2B:50:8C:49:25:18:22:34
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/6NsWLohb37syOp1yK1CMSSUYIjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.9.0/24
89.187.20.0/24
89.187.27.0/24
89.187.31.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e9:6d:2d:8d:40:1c:b4:51:01:c1:00:ef:f2:50:fd:27:a6:
3e:84:39:33:32:bd:6d:d1:7f:c9:f1:22:4a:ee:f5:6a:bd:ee:
70:4f:0e:c4:cb:1f:e7:98:37:08:9c:cd:16:38:01:dd:a2:b8:
b6:cd:37:53:16:23:ae:36:50:bd:e0:2a:91:f0:9b:b1:59:e8:
7a:35:0e:aa:9f:1b:12:f7:5f:fa:16:18:aa:ad:43:4b:a3:eb:
1e:93:6a:1a:ef:fe:08:84:1d:0c:10:13:d2:29:67:e1:3e:f2:
d2:2e:e5:88:82:95:7d:9c:35:06:af:e5:84:65:7e:fc:06:a6:
5b:50:f5:41:7e:36:b7:77:60:34:f9:73:95:b9:64:3b:b4:c3:
76:b5:f4:ae:fa:e8:c1:e8:20:97:0c:9e:89:81:b3:e0:42:8d:
eb:c0:11:18:22:03:5f:cb:47:aa:cb:74:c0:86:45:0a:8d:ef:
38:e7:35:4b:3d:fd:29:e0:09:f5:24:2e:f6:98:29:9f:08:7b:
58:a2:e8:6b:d1:89:e1:15:b3:d2:ef:32:49:e1:c0:68:19:cc:
42:61:a7:88:58:12:f2:81:93:9b:57:1f:74:95:e5:1b:73:1a:
6b:89:0c:3c:50:a0:44:f2:f6:6b:1e:9f:31:65:4f:7d:a5:b3:
16:09:5f:36
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLt86idihNOzYyStsRHj6gjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQxMTAyMTczNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGRiMTYyZTg4NWJkZmJiMzIzYTlkNzIyYjUwOGM0OTI1MTgyMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6YU+PUZqZv9f78wdXHtZHel2tloD
UKwjcEeVHGyojBri6MLVLUT+xCoRNVelEOMHHbhd+ApXlJxpn4VNV67cVfXTcbGw
uPI9TMaMNOMG6euvGvXLn5tJ4Qy+LWJ0SBwoxY5FKe8aVDV9OXYFSabOwqqF7dBO
J2AM4LVWGmGfRN1Me7a86aw8j+Qg+beIZJnQwAnbvdHYjXjCZxMpreW/VhN+WbOS
roeVeV6hl4yvRYeXtpYu9J53UuabwXUKiDk1va7d7KkNPNgWFIyZjlQqhQf2DC/I
aOLS+5wmZsB8qY0ikllPc9HYWsWCZWge7jZk6Xr3to+CLTufWrAzQ8X/1wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOjbFi6IW9+7MjqdcitQjEklGCI0MB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvNk5zV0xvaGIzN3N5T3AxeUsxQ01TU1VZSWpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWbsJAwQA
WbsUAwQAWbsbAwQAWbsfMA0GCSqGSIb3DQEBCwUAA4IBAQBJ6W0tjUActFEBwQDv
8lD9J6Y+hDkzMr1t0X/J8SJK7vVqve5wTw7Eyx/nmDcInM0WOAHdori2zTdTFiOu
NlC94CqR8JuxWeh6NQ6qnxsS91/6FhiqrUNLo+sek2oa7/4IhB0MEBPSKWfhPvLS
LuWIgpV9nDUGr+WEZX78BqZbUPVBfja3d2A0+XOVuWQ7tMN2tfSu+ujB6CCXDJ6J
gbPgQo3rwBEYIgNfy0eqy3TAhkUKje845zVLPf0p4An1JC72mCmfCHtYouhr0Ynh
FbPS7zJJ4cBoGcxCYaeIWBLygZObVx90leUbcxpriQw8UKBE8vZrHp8xZU99pbMW
CV82
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:30 2025 by rpki-client