Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/tb2XvAiXj-zIkxQAaD28iXxpj1w.roa
File: tb2XvAiXj-zIkxQAaD28iXxpj1w.roa (raw, json)
Hash identifier: HdnWLmMdK7V/DldD851qPmEUVLex9yszkwYaFQwLBGc=
Subject key identifier: B5:BD:97:BC:08:97:8F:EC:C8:93:14:00:68:3D:BC:89:7C:69:8F:5C
Certificate issuer: /CN=09ef0b8e5bbab29a1330fa0e7493f2a179847bb2
Certificate serial: 01931B1543205F0A6603C0250EDDF4A70784
Authority key identifier: 09:EF:0B:8E:5B:BA:B2:9A:13:30:FA:0E:74:93:F2:A1:79:84:7B:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/tb2XvAiXj-zIkxQAaD28iXxpj1w.roa
Signing time: Mon 11 Nov 2024 11:56:38 +0000
ROA not before: Mon 11 Nov 2024 11:56:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198331
IP address blocks: 89.145.176.0/21 maxlen: 21
2a02:7b80::/32 maxlen: 32
Validation: Failed, certificate revoked on Thu 02 Jan 2025 13:50:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1b:15:43:20:5f:0a:66:03:c0:25:0e:dd:f4:a7:07:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09ef0b8e5bbab29a1330fa0e7493f2a179847bb2
Validity
Not Before: Nov 11 11:56:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5bd97bc08978fecc8931400683dbc897c698f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:e7:ca:17:ee:77:fc:4e:59:20:d1:7e:a5:0e:
b2:74:df:de:7f:1d:25:0f:18:0b:07:0b:a6:16:9b:
18:12:f5:14:e4:a1:27:c2:66:d6:55:1f:9c:e6:53:
00:c4:56:ef:58:94:a5:7a:ef:b8:36:4a:58:3a:e9:
b6:5b:e8:fe:71:e4:a6:22:01:4e:a6:53:83:c9:96:
54:1c:02:11:b4:c2:ae:56:10:6e:9a:ef:78:59:8a:
0e:cb:6b:bb:3c:29:00:00:3a:d1:d2:99:3d:61:25:
3f:6f:72:9f:04:54:9d:64:9a:59:6f:ad:09:ee:e0:
c2:0f:c9:82:56:9f:00:16:d4:bd:6d:9f:57:79:42:
f8:4e:27:4e:95:f3:f2:5e:78:a4:0f:18:30:f8:6f:
4b:22:80:c8:5c:ea:44:8e:23:7d:d8:7b:24:07:58:
f4:36:bb:97:b4:0c:c9:d8:47:db:29:e2:e4:de:b2:
9a:7d:1f:20:e9:08:c0:19:e0:bc:d7:5e:d0:f2:70:
71:20:13:54:51:6d:a9:4a:d8:d0:98:bf:b1:08:47:
d3:58:5e:b9:a6:a9:2a:f6:f9:5d:a2:12:bb:c9:5b:
6f:bd:73:81:a5:a3:e6:64:47:e5:b0:8f:cd:6f:0e:
4d:7e:84:06:21:b9:fe:2d:92:e7:1e:dc:1b:df:04:
d7:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:BD:97:BC:08:97:8F:EC:C8:93:14:00:68:3D:BC:89:7C:69:8F:5C
X509v3 Authority Key Identifier:
keyid:09:EF:0B:8E:5B:BA:B2:9A:13:30:FA:0E:74:93:F2:A1:79:84:7B:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/tb2XvAiXj-zIkxQAaD28iXxpj1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/40543e-195a-4332-a8ed-37374e396c7d/1/Ce8Ljlu6spoTMPoOdJPyoXmEe7I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.176.0/21
IPv6:
2a02:7b80::/32
Signature Algorithm: sha256WithRSAEncryption
1d:97:25:94:54:a3:55:a6:26:2a:4b:d1:3f:ce:3b:2e:2f:c1:
17:b1:16:d1:0f:a8:62:62:e0:9a:0d:25:06:7b:5a:97:79:0e:
2b:2b:08:ce:84:33:37:41:26:ea:fb:14:31:53:26:57:78:8b:
28:8f:02:c7:58:d5:4a:7d:9c:da:be:bd:d3:67:54:f6:ca:ed:
35:56:d6:bb:24:c1:41:37:fc:28:f8:00:f6:41:21:dd:c2:70:
2f:31:e9:b4:6e:a4:be:85:2b:fa:ea:e3:36:5b:d5:91:8b:85:
e1:84:df:81:2f:b5:4c:15:c3:e3:a6:67:cb:12:0e:db:24:82:
26:f8:86:c3:43:1b:f3:ea:3a:04:d4:ed:08:85:b6:0a:4a:53:
76:64:dd:2f:d1:13:09:8d:92:9b:62:8b:cb:78:fd:54:27:82:
ef:7e:c4:3d:09:22:f9:82:28:a2:cf:92:56:af:16:6f:9a:a6:
97:61:06:44:bd:01:42:88:87:9f:88:5e:49:e2:0f:21:1a:a5:
a8:ef:0a:ee:4f:8f:95:bd:c1:da:92:bf:56:c9:71:09:d7:c7:
b8:fa:cf:76:63:de:6c:0d:36:7d:6a:4d:07:77:26:ca:f9:6e:
03:7b:77:65:43:95:b6:4b:d5:71:a1:56:79:ae:3e:95:24:75:
ca:30:f9:e4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMbFUMgXwpmA8AlDt30pweEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5ZWYwYjhlNWJiYWIyOWExMzMwZmEwZTc0OTNmMmExNzk4
NDdiYjIwHhcNMjQxMTExMTE1NjM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNWJkOTdiYzA4OTc4ZmVjYzg5MzE0MDA2ODNkYmM4OTdjNjk4ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ufKF+53/E5ZINF+pQ6ydN/efx0l
DxgLBwumFpsYEvUU5KEnwmbWVR+c5lMAxFbvWJSleu+4NkpYOum2W+j+ceSmIgFO
plODyZZUHAIRtMKuVhBumu94WYoOy2u7PCkAADrR0pk9YSU/b3KfBFSdZJpZb60J
7uDCD8mCVp8AFtS9bZ9XeUL4TidOlfPyXnikDxgw+G9LIoDIXOpEjiN92HskB1j0
NruXtAzJ2EfbKeLk3rKafR8g6QjAGeC8117Q8nBxIBNUUW2pStjQmL+xCEfTWF65
pqkq9vldohK7yVtvvXOBpaPmZEflsI/Nbw5NfoQGIbn+LZLnHtwb3wTXtwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLW9l7wIl4/syJMUAGg9vIl8aY9cMB8GA1UdIwQY
MBaAFAnvC45burKaEzD6DnST8qF5hHuyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2U4TGpsdTZzcG9UTVBvT2RKUHlvWG1FZTdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80MDU0M2UtMTk1YS00MzMyLWE4ZWQt
MzczNzRlMzk2YzdkLzEvdGIyWHZBaVhqLXpJa3hRQWFEMjhpWHhwajF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80MDU0M2UtMTk1YS00MzMyLWE4ZWQtMzczNzRlMzk2Yzdk
LzEvQ2U4TGpsdTZzcG9UTVBvT2RKUHlvWG1FZTdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWZGwMA0E
AgACMAcDBQAqAnuAMA0GCSqGSIb3DQEBCwUAA4IBAQAdlyWUVKNVpiYqS9E/zjsu
L8EXsRbRD6hiYuCaDSUGe1qXeQ4rKwjOhDM3QSbq+xQxUyZXeIsojwLHWNVKfZza
vr3TZ1T2yu01Vta7JMFBN/wo+AD2QSHdwnAvMem0bqS+hSv66uM2W9WRi4XhhN+B
L7VMFcPjpmfLEg7bJIIm+IbDQxvz6joE1O0IhbYKSlN2ZN0v0RMJjZKbYovLeP1U
J4LvfsQ9CSL5giiiz5JWrxZvmqaXYQZEvQFCiIefiF5J4g8hGqWo7wruT4+VvcHa
kr9WyXEJ18e4+s92Y95sDTZ9ak0HdybK+W4De3dlQ5W2S9VxoVZ5rj6VJHXKMPnk
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:16:27 2025 by rpki-client