Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/byrxVDU67pXN70yENxoY32n6-QQ.roa
File: byrxVDU67pXN70yENxoY32n6-QQ.roa (raw, json)
Hash identifier: zIypTfszS4672F+H4wJDF4Bcp8jvX+YXJtscQ1eBl+0=
Subject key identifier: 6F:2A:F1:54:35:3A:EE:95:CD:EF:4C:84:37:1A:18:DF:69:FA:F9:04
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 01946E985C82B854B2BF303241FD9BA6AA76
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/byrxVDU67pXN70yENxoY32n6-QQ.roa
Signing time: Thu 16 Jan 2025 10:11:06 +0000
ROA not before: Thu 16 Jan 2025 10:11:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58065
IP address blocks: 89.251.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 22 Jan 2025 12:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6e:98:5c:82:b8:54:b2:bf:30:32:41:fd:9b:a6:aa:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 16 10:11:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f2af154353aee95cdef4c84371a18df69faf904
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:84:df:a0:5e:42:40:0a:0f:9e:28:b2:c9:63:
d6:64:42:43:ab:6e:aa:48:40:bb:dc:f1:7d:6c:80:
a1:5e:cd:3f:ed:d5:e0:c5:2e:5f:37:f8:76:f6:6a:
15:f1:f3:11:89:c6:d7:ec:ee:36:d1:a2:34:de:93:
73:b4:45:64:a7:f5:f5:87:78:90:ef:e2:82:df:d4:
b8:da:48:bf:d5:f2:22:d7:22:f1:69:4c:a2:7f:58:
b7:af:ed:63:76:58:03:a3:43:e9:9e:06:53:b2:24:
3e:d0:cb:b0:2e:75:2b:10:88:7d:ff:da:82:f7:38:
40:af:49:71:98:bf:2f:fc:38:ac:f0:c8:18:e3:f0:
72:81:82:a3:84:9d:3c:a6:7c:4f:61:60:7d:ae:2b:
b9:1b:11:9b:e8:3e:6d:78:79:67:08:a6:21:15:7e:
16:54:5e:57:f4:e1:39:d6:43:e1:3e:4d:8e:4c:4a:
4b:b1:d8:52:49:3f:a3:b9:c4:c9:f8:27:f4:b5:7e:
43:7b:0d:8c:c4:34:e8:d9:a5:76:6f:82:f1:78:fd:
e5:f6:e8:c5:c3:8e:e8:3f:e9:1f:e4:1a:e2:26:9c:
a9:08:d0:bd:69:53:4a:2b:57:7d:b1:10:6e:1a:ce:
df:e0:0f:d5:f2:1a:11:81:f2:d9:f5:95:e5:aa:02:
0a:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:2A:F1:54:35:3A:EE:95:CD:EF:4C:84:37:1A:18:DF:69:FA:F9:04
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/byrxVDU67pXN70yENxoY32n6-QQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.0.0/24
Signature Algorithm: sha256WithRSAEncryption
80:64:39:18:dc:f6:73:ef:2c:1c:97:ab:98:d7:27:32:a3:5c:
69:2f:e2:14:55:45:fe:cc:fa:d5:74:dc:51:3b:e0:11:a1:db:
3b:fb:18:23:1a:d4:60:3a:00:56:34:59:a3:7c:65:9d:25:bd:
76:8e:e9:c6:9d:28:45:5e:64:0e:fe:eb:79:0b:36:99:dc:4d:
d8:c9:21:6b:70:86:f7:5d:72:31:7b:e2:5e:a6:3d:b4:3e:d0:
56:39:3c:52:99:7a:7c:d4:5c:b5:b1:a6:33:a3:0e:d4:80:aa:
c8:f6:0c:27:38:3c:6f:33:1d:a5:0a:30:11:d9:2f:43:1b:ed:
cc:94:93:3a:dd:d3:56:78:ab:e4:bc:94:db:9b:ff:74:61:20:
e1:3e:f7:b7:ad:de:06:2c:09:5d:46:b9:e3:7a:57:cf:5f:c2:
d9:da:d1:c9:ef:81:e6:25:0d:27:76:fb:45:ba:b8:43:a0:56:
46:29:cf:a1:8c:ce:76:b4:72:60:fc:de:a2:95:d9:be:04:84:
23:e0:b9:82:48:3a:3a:04:fa:f9:0d:5d:45:c5:4a:33:03:0c:
80:20:95:13:2c:ec:47:97:d3:04:6b:9f:d4:e0:90:76:f8:a0:
48:32:04:5d:fa:f9:43:72:68:a8:92:94:15:e1:13:5f:4f:0a:
a8:7c:2e:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZRumFyCuFSyvzAyQf2bpqp2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTE2MTAxMTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjJhZjE1NDM1M2FlZTk1Y2RlZjRjODQzNzFhMThkZjY5ZmFmOTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+ITfoF5CQAoPniiyyWPWZEJDq26q
SEC73PF9bIChXs0/7dXgxS5fN/h29moV8fMRicbX7O420aI03pNztEVkp/X1h3iQ
7+KC39S42ki/1fIi1yLxaUyif1i3r+1jdlgDo0PpngZTsiQ+0MuwLnUrEIh9/9qC
9zhAr0lxmL8v/Dis8MgY4/BygYKjhJ08pnxPYWB9riu5GxGb6D5teHlnCKYhFX4W
VF5X9OE51kPhPk2OTEpLsdhSST+jucTJ+Cf0tX5Dew2MxDTo2aV2b4LxeP3l9ujF
w47oP+kf5BriJpypCNC9aVNKK1d9sRBuGs7f4A/V8hoRgfLZ9ZXlqgIKjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG8q8VQ1Ou6Vze9MhDcaGN9p+vkEMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYnlyeFZEVTY3cFhONzB5RU54b1kzMm42LVFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsAMA0G
CSqGSIb3DQEBCwUAA4IBAQCAZDkY3PZz7ywcl6uY1ycyo1xpL+IUVUX+zPrVdNxR
O+ARods7+xgjGtRgOgBWNFmjfGWdJb12junGnShFXmQO/ut5CzaZ3E3YySFrcIb3
XXIxe+Jepj20PtBWOTxSmXp81Fy1saYzow7UgKrI9gwnODxvMx2lCjAR2S9DG+3M
lJM63dNWeKvkvJTbm/90YSDhPve3rd4GLAldRrnjelfPX8LZ2tHJ74HmJQ0ndvtF
urhDoFZGKc+hjM52tHJg/N6ildm+BIQj4LmCSDo6BPr5DV1FxUozAwyAIJUTLOxH
l9MEa5/U4JB2+KBIMgRd+vlDcmiokpQV4RNfTwqofC7Y
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:50:38 2025 by rpki-client