Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/XnV92qRpjzL9NiSlCAMAqCzTy7Q.roa
File: XnV92qRpjzL9NiSlCAMAqCzTy7Q.roa (raw, json)
Hash identifier: x5JfgEIqPon//BPacVD49WbjKRdXkuNIT03yD4HKgM8=
Subject key identifier: 5E:75:7D:DA:A4:69:8F:32:FD:36:24:A5:08:03:00:A8:2C:D3:CB:B4
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 019421B18E82B82747DEB3A574317C38CF96
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/XnV92qRpjzL9NiSlCAMAqCzTy7Q.roa
Signing time: Wed 01 Jan 2025 11:47:51 +0000
ROA not before: Wed 01 Jan 2025 11:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 89.149.15.0/24 maxlen: 24
89.149.42.0/24 maxlen: 24
89.149.43.0/24 maxlen: 24
89.149.44.0/24 maxlen: 24
89.149.45.0/24 maxlen: 24
89.149.46.0/24 maxlen: 24
89.149.47.0/24 maxlen: 24
89.149.48.0/24 maxlen: 24
89.149.52.0/24 maxlen: 24
89.149.53.0/24 maxlen: 24
89.149.56.0/24 maxlen: 24
89.149.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 11 Mar 2025 08:55:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8e:82:b8:27:47:de:b3:a5:74:31:7c:38:cf:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 11:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e757ddaa4698f32fd3624a5080300a82cd3cbb4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a8:4b:1c:8f:5e:7e:9a:31:92:ee:e3:95:e5:
bb:82:a5:d1:b6:4a:4e:1e:20:c3:ae:22:7b:c9:92:
46:3d:fa:ab:34:f8:24:a0:43:09:0f:23:c4:a3:b0:
b7:61:e8:56:cb:ec:cb:74:99:df:9f:f6:7d:28:f7:
76:43:e4:eb:0c:b1:d0:0d:b0:89:0e:61:83:41:02:
24:16:4c:b5:51:7e:c1:83:c8:fb:98:a2:80:6f:e0:
1a:21:93:68:64:51:55:18:4c:c9:36:c9:b1:aa:e5:
d4:a4:67:01:be:39:b2:87:41:c4:a8:55:ad:47:9a:
c1:6a:81:d9:d7:2e:9a:65:20:18:74:c1:e9:bf:4d:
bf:26:de:e7:1c:46:45:a5:ae:e6:58:b1:7b:95:d8:
50:b3:9c:f4:7c:ca:d9:50:bc:6d:a3:44:21:25:95:
73:f0:f3:93:8e:6d:1b:93:9a:4d:10:e8:74:76:55:
d4:04:a3:db:6a:ae:d5:97:ac:1f:0d:11:59:a8:99:
99:ce:76:9c:6d:56:0b:55:ed:05:53:f7:d9:5c:63:
21:da:0f:f6:06:d3:2c:18:84:6d:df:cb:a6:09:1c:
4e:ac:e0:45:4f:d0:5d:ab:ed:8b:f4:5a:0c:f5:a6:
e9:71:b5:9a:f2:96:95:bb:a3:20:47:60:18:c3:47:
7c:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:75:7D:DA:A4:69:8F:32:FD:36:24:A5:08:03:00:A8:2C:D3:CB:B4
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/XnV92qRpjzL9NiSlCAMAqCzTy7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.149.15.0/24
89.149.42.0-89.149.48.255
89.149.52.0/23
89.149.56.0/24
89.149.62.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:bb:72:6a:f6:a7:da:3e:4f:4d:1b:9b:a2:c8:51:1b:df:15:
cf:6c:e1:4d:80:a3:22:cf:92:3e:1f:a3:60:81:7b:6e:94:e2:
85:66:67:d6:d4:0b:a6:2e:f4:d1:59:a6:93:cf:2a:ae:64:67:
d1:1d:af:2c:11:2e:1c:cc:e6:61:67:3b:15:bd:b3:f9:8e:f9:
88:78:c0:8f:9d:fd:e3:e7:04:f8:22:2d:0a:54:ff:6b:50:88:
e9:82:3d:0d:13:31:6f:20:f8:36:43:e2:69:90:88:b7:57:b4:
df:b3:40:39:0a:01:07:b0:24:cb:72:e6:79:90:c1:a1:36:ee:
90:a4:87:a2:34:8f:3b:22:fb:3e:18:3c:72:18:9e:99:47:75:
c9:25:0b:49:b8:96:cb:8c:b4:0a:66:94:df:ee:e1:9e:f9:8c:
3d:cf:06:3a:85:54:19:34:35:f5:ef:99:92:3f:e4:10:d9:33:
2d:2f:f1:2a:e3:60:8f:53:72:31:4a:b2:6e:2e:ed:64:74:f6:
d8:11:9b:ca:59:c8:3f:5d:eb:8c:43:99:ac:83:d5:bf:4a:e9:
c1:38:1a:a8:ad:89:43:9a:f7:7a:0b:7c:15:5f:40:cb:21:f9:
32:a7:00:a7:11:19:a3:f0:82:41:35:6b:97:af:03:35:bc:bc:
24:76:58:ed
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQhsY6CuCdH3rOldDF8OM+WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjUwMTAxMTE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTc1N2RkYWE0Njk4ZjMyZmQzNjI0YTUwODAzMDBhODJjZDNjYmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwahLHI9efpoxku7jleW7gqXRtkpO
HiDDriJ7yZJGPfqrNPgkoEMJDyPEo7C3YehWy+zLdJnfn/Z9KPd2Q+TrDLHQDbCJ
DmGDQQIkFky1UX7Bg8j7mKKAb+AaIZNoZFFVGEzJNsmxquXUpGcBvjmyh0HEqFWt
R5rBaoHZ1y6aZSAYdMHpv02/Jt7nHEZFpa7mWLF7ldhQs5z0fMrZULxto0QhJZVz
8POTjm0bk5pNEOh0dlXUBKPbaq7Vl6wfDRFZqJmZznacbVYLVe0FU/fZXGMh2g/2
BtMsGIRt38umCRxOrOBFT9Bdq+2L9FoM9abpcbWa8paVu6MgR2AYw0d8xwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFF51fdqkaY8y/TYkpQgDAKgs08u0MB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvWG5WOTJxUnBqekw5TmlTbENBTUFxQ3pUeTdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAWZUPMAwD
BAFZlSoDBABZlTADBAFZlTQDBABZlTgDBABZlT4wDQYJKoZIhvcNAQELBQADggEB
AHy7cmr2p9o+T00bm6LIURvfFc9s4U2AoyLPkj4fo2CBe26U4oVmZ9bUC6Yu9NFZ
ppPPKq5kZ9EdrywRLhzM5mFnOxW9s/mO+Yh4wI+d/ePnBPgiLQpU/2tQiOmCPQ0T
MW8g+DZD4mmQiLdXtN+zQDkKAQewJMty5nmQwaE27pCkh6I0jzsi+z4YPHIYnplH
dcklC0m4lsuMtApmlN/u4Z75jD3PBjqFVBk0NfXvmZI/5BDZMy0v8SrjYI9TcjFK
sm4u7WR09tgRm8pZyD9d64xDmayD1b9K6cE4GqitiUOa93oLfBVfQMsh+TKnAKcR
GaPwgkE1a5evAzW8vCR2WO0=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:18:40 2025 by rpki-client