Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/taR111XbjlWMBAmWfZmYoF0Fhm0.roa
File: taR111XbjlWMBAmWfZmYoF0Fhm0.roa (raw, json)
Hash identifier: gk4NDJaLv6Dnne0CGfLbAukzbXGxM6T2T8LOLY8GliA=
Subject key identifier: B5:A4:75:D7:55:DB:8E:55:8C:04:09:96:7D:99:98:A0:5D:05:86:6D
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 019421B18AEF8AE7E2EE5E6EAA5816CD8FA1
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/taR111XbjlWMBAmWfZmYoF0Fhm0.roa
Signing time: Wed 01 Jan 2025 11:47:51 +0000
ROA not before: Wed 01 Jan 2025 11:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 84.247.113.0/24 maxlen: 24
89.149.17.0/24 maxlen: 24
89.149.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:17:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8a:ef:8a:e7:e2:ee:5e:6e:aa:58:16:cd:8f:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 11:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b5a475d755db8e558c0409967d9998a05d05866d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:bc:9a:81:31:c8:83:93:5e:22:e3:6c:96:61:
a2:a0:50:dd:c2:a0:a1:cb:c6:53:98:2b:92:63:8b:
8f:ec:62:b8:a2:e1:f8:32:79:f1:81:78:f4:31:ba:
fe:0b:29:20:05:30:0a:20:f4:33:24:5b:42:2b:18:
c0:7b:5c:aa:e5:7f:10:d8:48:e4:38:43:b2:78:45:
56:8f:bd:32:42:40:4d:e8:8f:68:6b:3c:c0:12:01:
b0:c5:9e:9d:6a:ca:5d:24:82:7b:52:21:8b:45:d8:
e0:dd:10:ba:48:0b:e1:10:5d:40:79:14:27:33:22:
dd:44:3c:4b:93:98:e6:4f:f5:b3:27:03:96:d3:be:
8c:50:93:7e:ee:e2:ca:b3:fc:08:89:60:b0:b8:0a:
1e:d2:ed:cc:7a:fb:46:58:85:53:6e:48:08:1d:62:
0a:6e:03:3f:69:8d:3e:82:42:eb:f9:75:31:3b:44:
6d:14:1b:8a:3d:c8:56:cb:0c:f5:0c:48:f0:ee:9a:
f1:48:f3:3b:63:db:84:70:5f:34:e0:e7:f5:ab:9b:
d3:4b:00:80:e0:fe:9b:d7:83:4e:7c:79:c6:22:c6:
41:6a:35:fb:53:ee:04:ac:81:72:1b:f5:42:c8:09:
94:eb:40:a9:ab:90:4a:ba:a3:f1:84:39:ee:98:52:
10:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:A4:75:D7:55:DB:8E:55:8C:04:09:96:7D:99:98:A0:5D:05:86:6D
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/taR111XbjlWMBAmWfZmYoF0Fhm0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.113.0/24
89.149.17.0-89.149.18.255
Signature Algorithm: sha256WithRSAEncryption
66:36:77:0f:65:02:e8:8f:70:8d:ed:00:dc:17:c8:14:09:5d:
2c:d5:4f:15:72:51:6a:64:8c:58:bd:9e:eb:2a:c0:d6:60:30:
36:c8:90:ba:1f:67:e1:18:84:e7:64:5c:bf:d8:bc:ad:85:cf:
84:50:df:e2:5a:3a:8b:96:84:df:1e:0f:73:d8:8e:f6:03:ab:
b5:d8:34:53:50:37:17:1e:cb:6d:cb:23:41:fb:b5:fe:57:87:
ee:ac:db:01:da:0c:f9:42:99:6a:a7:b9:c2:f6:11:d3:65:c5:
6a:01:09:43:ea:82:bb:d3:33:4b:27:94:98:02:9c:5a:8b:e7:
08:6f:b1:47:4e:f5:9b:3c:2c:c3:1c:1b:25:e3:10:93:4b:3b:
8d:60:11:ac:c0:fb:42:d0:da:70:f4:27:13:82:02:a1:ef:c1:
ac:4a:62:3d:7d:7b:b7:70:69:76:39:25:11:81:12:f5:06:6f:
6f:ea:2c:52:0b:69:05:1c:03:52:0b:3a:fa:a1:f4:bf:47:52:
3b:23:69:af:df:10:90:55:b1:53:1c:87:de:08:61:7a:f0:48:
41:53:dd:e3:04:94:4a:bc:92:41:58:9d:42:5e:97:40:99:16:
44:af:54:73:89:c0:d4:ee:cf:b9:46:2c:f2:55:a8:b5:42:1d:
5a:4e:b2:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhsYrviufi7l5uqlgWzY+hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjUwMTAxMTE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWE0NzVkNzU1ZGI4ZTU1OGMwNDA5OTY3ZDk5OThhMDVkMDU4NjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmryagTHIg5NeIuNslmGioFDdwqCh
y8ZTmCuSY4uP7GK4ouH4MnnxgXj0Mbr+CykgBTAKIPQzJFtCKxjAe1yq5X8Q2Ejk
OEOyeEVWj70yQkBN6I9oazzAEgGwxZ6daspdJIJ7UiGLRdjg3RC6SAvhEF1AeRQn
MyLdRDxLk5jmT/WzJwOW076MUJN+7uLKs/wIiWCwuAoe0u3MevtGWIVTbkgIHWIK
bgM/aY0+gkLr+XUxO0RtFBuKPchWywz1DEjw7prxSPM7Y9uEcF804Of1q5vTSwCA
4P6b14NOfHnGIsZBajX7U+4ErIFyG/VCyAmU60Cpq5BKuqPxhDnumFIQcQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLWkdddV245VjAQJln2ZmKBdBYZtMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvdGFSMTExWGJqbFdNQkFtV2ZabVlvRjBGaG0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPdxMAwD
BABZlREDBABZlRIwDQYJKoZIhvcNAQELBQADggEBAGY2dw9lAuiPcI3tANwXyBQJ
XSzVTxVyUWpkjFi9nusqwNZgMDbIkLofZ+EYhOdkXL/YvK2Fz4RQ3+JaOouWhN8e
D3PYjvYDq7XYNFNQNxcey23LI0H7tf5Xh+6s2wHaDPlCmWqnucL2EdNlxWoBCUPq
grvTM0snlJgCnFqL5whvsUdO9Zs8LMMcGyXjEJNLO41gEazA+0LQ2nD0JxOCAqHv
waxKYj19e7dwaXY5JRGBEvUGb2/qLFILaQUcA1ILOvqh9L9HUjsjaa/fEJBVsVMc
h94IYXrwSEFT3eMElEq8kkFYnUJel0CZFkSvVHOJwNTuz7lGLPJVqLVCHVpOspc=
-----END CERTIFICATE-----
Generated at Sat Apr 19 07:13:18 2025 by rpki-client