Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/55c1f1-63ab-4145-b156-e6aeb9413f72/1/74qxwp7yPix8vW0XwQ6NzuEWwO8.roa
File: 74qxwp7yPix8vW0XwQ6NzuEWwO8.roa (raw, json)
Hash identifier: HJ8QWXEt9lgRBvpnBskDj5dQPXKGK4alplc4YMq/O2M=
Subject key identifier: EF:8A:B1:C2:9E:F2:3E:2C:7C:BD:6D:17:C1:0E:8D:CE:E1:16:C0:EF
Certificate issuer: /CN=de5aecba103bb3c0c0e884d520eb38464d0fa903
Certificate serial: 018CC348BC4C2EAB445537A8A29483AFE128
Authority key identifier: DE:5A:EC:BA:10:3B:B3:C0:C0:E8:84:D5:20:EB:38:46:4D:0F:A9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3lrsuhA7s8DA6ITVIOs4Rk0PqQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/55c1f1-63ab-4145-b156-e6aeb9413f72/1/74qxwp7yPix8vW0XwQ6NzuEWwO8.roa
Signing time: Mon 01 Jan 2024 04:29:33 +0000
ROA not before: Mon 01 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211103
IP address blocks: 185.89.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:bc:4c:2e:ab:44:55:37:a8:a2:94:83:af:e1:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de5aecba103bb3c0c0e884d520eb38464d0fa903
Validity
Not Before: Jan 1 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef8ab1c29ef23e2c7cbd6d17c10e8dcee116c0ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:4d:9c:cc:6b:3b:ec:5f:4a:c3:d1:d0:c2:56:
18:67:40:9e:6d:6a:33:53:eb:2a:e8:96:27:01:67:
f6:17:73:e6:6e:63:42:cc:2d:99:df:f2:2e:73:64:
a7:12:06:1d:e7:1e:d8:5f:b2:f8:59:90:df:bc:dd:
f4:59:df:ef:c4:c7:59:db:7f:60:e7:3f:5e:40:5b:
7a:d9:33:83:9a:ab:17:b7:d0:36:93:ad:d3:e3:04:
17:6c:cf:19:48:12:72:10:cb:ab:34:32:f7:41:73:
01:b2:37:23:e2:58:7c:c7:b9:10:57:42:33:8b:3a:
43:0b:f6:44:12:da:af:aa:8d:e2:94:b6:a4:c4:2d:
21:81:1e:a2:28:5b:16:15:ff:3b:a5:50:43:0d:3d:
4d:bf:30:ce:cf:14:b8:93:0d:2c:b8:2e:a7:78:e3:
87:15:b6:da:f6:8b:3b:87:73:74:3c:7c:e4:a1:ea:
16:d1:31:fc:08:14:07:67:6f:02:a4:c8:dc:18:1c:
a3:72:35:41:d1:63:7c:0d:65:2c:4c:74:67:a8:5a:
ad:6a:ee:db:5a:46:b4:d6:8a:39:69:49:78:66:9f:
53:a1:ae:94:fe:a2:a1:9b:0f:a0:cf:96:04:e4:ee:
a4:98:c4:e2:20:b7:df:f5:4c:9d:f6:08:c5:b0:0b:
ea:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:8A:B1:C2:9E:F2:3E:2C:7C:BD:6D:17:C1:0E:8D:CE:E1:16:C0:EF
X509v3 Authority Key Identifier:
keyid:DE:5A:EC:BA:10:3B:B3:C0:C0:E8:84:D5:20:EB:38:46:4D:0F:A9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3lrsuhA7s8DA6ITVIOs4Rk0PqQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/55c1f1-63ab-4145-b156-e6aeb9413f72/1/74qxwp7yPix8vW0XwQ6NzuEWwO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/55c1f1-63ab-4145-b156-e6aeb9413f72/1/3lrsuhA7s8DA6ITVIOs4Rk0PqQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.89.21.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:ee:9b:51:03:c1:fc:0d:47:c4:f8:6c:f9:ee:21:e2:50:48:
cf:36:4a:71:c3:a8:0e:90:dd:b7:14:dd:b5:15:3d:2b:83:6e:
cb:26:5f:b6:6e:64:c8:e0:92:73:08:63:98:5a:c5:54:28:4c:
56:e5:55:17:7f:0b:06:94:52:e7:8c:a7:5c:1d:57:e9:44:a9:
bd:ca:66:c3:57:a7:bd:75:16:34:a0:7b:82:9d:24:05:cf:84:
30:96:b6:8c:af:b8:be:54:e5:6d:08:7b:b1:e1:6d:63:5f:29:
cd:be:73:32:8b:06:97:bd:e5:fa:66:83:5b:05:27:ee:83:5f:
9b:f1:5a:ac:3a:f9:c6:61:97:fa:9b:d8:8a:68:77:e3:23:63:
58:f5:b9:4b:5e:20:b3:2f:9f:0c:3a:10:71:16:98:d1:56:19:
b5:ba:52:98:42:11:90:d3:c5:76:8e:9f:ff:73:2c:a0:b7:d2:
27:1b:bf:9c:06:a0:72:aa:cf:de:2d:4b:d9:80:d8:81:a8:ed:
97:5c:5b:17:a4:a2:f4:19:4f:ec:9e:a8:f4:18:21:e6:0b:8e:
df:e6:82:c3:31:62:f7:be:f9:4f:16:8e:8c:30:54:ac:ce:84:
e4:48:fb:0c:a8:68:f1:e3:ec:10:6b:7d:9e:09:dd:b3:48:ff:
a9:36:0d:e0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSLxMLqtEVTeoopSDr+EoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlNWFlY2JhMTAzYmIzYzBjMGU4ODRkNTIwZWIzODQ2NGQw
ZmE5MDMwHhcNMjQwMTAxMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjhhYjFjMjllZjIzZTJjN2NiZDZkMTdjMTBlOGRjZWUxMTZjMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoU2czGs77F9Kw9HQwlYYZ0CebWoz
U+sq6JYnAWf2F3PmbmNCzC2Z3/Iuc2SnEgYd5x7YX7L4WZDfvN30Wd/vxMdZ239g
5z9eQFt62TODmqsXt9A2k63T4wQXbM8ZSBJyEMurNDL3QXMBsjcj4lh8x7kQV0Iz
izpDC/ZEEtqvqo3ilLakxC0hgR6iKFsWFf87pVBDDT1NvzDOzxS4kw0suC6neOOH
Fbba9os7h3N0PHzkoeoW0TH8CBQHZ28CpMjcGByjcjVB0WN8DWUsTHRnqFqtau7b
Wka01oo5aUl4Zp9Toa6U/qKhmw+gz5YE5O6kmMTiILff9Uyd9gjFsAvqIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+KscKe8j4sfL1tF8EOjc7hFsDvMB8GA1UdIwQY
MBaAFN5a7LoQO7PAwOiE1SDrOEZND6kDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2xyc3VoQTdzOERBNklUVklPczRSazBQcVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS81NWMxZjEtNjNhYi00MTQ1LWIxNTYt
ZTZhZWI5NDEzZjcyLzEvNzRxeHdwN3lQaXg4dlcwWHdRNk56dUVXd084LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS81NWMxZjEtNjNhYi00MTQ1LWIxNTYtZTZhZWI5NDEzZjcy
LzEvM2xyc3VoQTdzOERBNklUVklPczRSazBQcVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVkVMA0G
CSqGSIb3DQEBCwUAA4IBAQC47ptRA8H8DUfE+Gz57iHiUEjPNkpxw6gOkN23FN21
FT0rg27LJl+2bmTI4JJzCGOYWsVUKExW5VUXfwsGlFLnjKdcHVfpRKm9ymbDV6e9
dRY0oHuCnSQFz4QwlraMr7i+VOVtCHux4W1jXynNvnMyiwaXveX6ZoNbBSfug1+b
8VqsOvnGYZf6m9iKaHfjI2NY9blLXiCzL58MOhBxFpjRVhm1ulKYQhGQ08V2jp//
cyygt9InG7+cBqByqs/eLUvZgNiBqO2XXFsXpKL0GU/snqj0GCHmC47f5oLDMWL3
vvlPFo6MMFSszoTkSPsMqGjx4+wQa32eCd2zSP+pNg3g
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:43:27 2025 by rpki-client