Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8fcbe9-9b9b-4987-95be-25904ba9a355/1/1-kvRcC7vA3TzPJY9iuJ62gTTSIU.roa
File: 1-kvRcC7vA3TzPJY9iuJ62gTTSIU.roa (raw, json)
Hash identifier: U/0rMaIX9NjKVDWuT0pzFzKUMuYtkfdH9DoScDdykkw=
Subject key identifier: FA:4B:D1:70:2E:EF:03:74:F3:3C:96:3D:8A:E2:7A:DA:04:D3:48:85
Certificate issuer: /CN=c0f69d2f474474dbb57f6bec8c2d65d5e0c29661
Certificate serial: 018CC26D629D9121463F0E7CF9FFDFB8D59F
Authority key identifier: C0:F6:9D:2F:47:44:74:DB:B5:7F:6B:EC:8C:2D:65:D5:E0:C2:96:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wPadL0dEdNu1f2vsjC1l1eDClmE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8fcbe9-9b9b-4987-95be-25904ba9a355/1/1-kvRcC7vA3TzPJY9iuJ62gTTSIU.roa
Signing time: Mon 01 Jan 2024 00:29:57 +0000
ROA not before: Mon 01 Jan 2024 00:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25285
IP address blocks: 81.89.32.0/20 maxlen: 20
Validation: Failed, certificate revoked on Thu 02 Jan 2025 07:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:62:9d:91:21:46:3f:0e:7c:f9:ff:df:b8:d5:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0f69d2f474474dbb57f6bec8c2d65d5e0c29661
Validity
Not Before: Jan 1 00:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa4bd1702eef0374f33c963d8ae27ada04d34885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:57:76:0d:25:1a:73:d6:8d:d8:2b:70:22:56:
7c:b0:ea:8b:de:a0:de:15:9c:6e:db:d4:a9:9f:43:
2d:c0:31:87:23:2f:0b:30:a1:8d:29:73:95:a9:71:
2e:b0:00:91:5d:54:09:4f:16:00:84:ad:d6:43:c2:
91:ce:1f:39:30:be:60:9d:56:df:33:be:e5:10:f3:
30:fb:44:d6:48:ab:ac:e2:d9:98:7d:cc:eb:dc:da:
c1:d9:ac:4c:fa:ce:67:fc:52:f7:2a:b6:fb:be:24:
f6:56:d5:87:07:3f:98:cd:e4:1d:3c:66:96:e4:7a:
6e:39:76:3b:7e:74:fb:43:14:ee:cc:5f:d0:7a:4e:
3b:19:b3:a4:17:5b:e7:e7:65:bd:9e:62:2d:dc:a5:
bd:fc:03:8a:c2:a5:f3:8b:04:c9:30:1f:d0:13:74:
7d:f0:93:0b:b8:f0:40:db:30:38:1e:12:b0:67:e8:
09:d0:9f:4b:ad:0d:98:52:11:42:c9:cd:0a:24:63:
84:77:4b:36:f0:0d:4a:20:21:00:60:28:09:2b:ad:
43:01:9a:0e:c5:84:cf:98:44:69:bc:d4:a9:a1:14:
98:1c:4b:b6:f0:ba:21:96:87:ae:e0:91:09:ed:fd:
84:74:24:ae:6d:cf:ca:54:b9:6c:5e:df:d1:11:af:
d1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:4B:D1:70:2E:EF:03:74:F3:3C:96:3D:8A:E2:7A:DA:04:D3:48:85
X509v3 Authority Key Identifier:
keyid:C0:F6:9D:2F:47:44:74:DB:B5:7F:6B:EC:8C:2D:65:D5:E0:C2:96:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wPadL0dEdNu1f2vsjC1l1eDClmE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8fcbe9-9b9b-4987-95be-25904ba9a355/1/1-kvRcC7vA3TzPJY9iuJ62gTTSIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8fcbe9-9b9b-4987-95be-25904ba9a355/1/wPadL0dEdNu1f2vsjC1l1eDClmE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.32.0/20
Signature Algorithm: sha256WithRSAEncryption
93:fb:84:20:dc:90:c9:d1:c7:70:5e:48:40:80:ca:7f:1a:c7:
d3:07:ad:8f:3d:1f:2f:18:10:01:64:59:d7:5a:a8:00:13:35:
19:fe:ec:62:9d:84:86:a4:52:88:70:ff:3b:83:b4:f4:25:f7:
70:ab:f8:3c:28:21:47:5d:87:46:5e:d6:b7:3b:ff:c2:7e:08:
cf:1f:20:08:ba:d3:dd:69:d7:b2:54:b1:c2:08:f9:b9:a7:9f:
14:59:5e:b2:91:e8:9a:8c:e3:56:e3:d5:e1:7d:e3:e3:0c:85:
b9:d0:a3:64:c3:1c:a9:c0:30:08:ac:00:3f:3f:28:77:bc:3a:
e8:ba:d1:b8:f0:3b:79:e0:be:91:53:31:44:54:cf:7d:4a:a2:
34:0d:7c:9e:3a:39:7e:c1:3b:b2:b8:e1:92:75:2f:01:54:c4:
a1:17:88:62:38:8a:13:21:5a:cb:4a:7e:39:61:c0:1d:12:a4:
3e:58:34:53:c4:d0:5a:c8:46:79:4c:1c:d7:66:48:13:84:80:
e4:98:af:8c:e1:fb:c6:4f:25:85:07:b8:1d:41:d3:13:4d:9d:
49:61:28:a4:f2:2b:ce:ff:ba:4c:53:cb:bf:b2:94:a3:14:ac:
8d:dd:1b:b8:df:ab:9e:61:ec:13:5f:c4:1f:9b:d9:b1:65:73:
45:a2:41:84
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzCbWKdkSFGPw58+f/fuNWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwZjY5ZDJmNDc0NDc0ZGJiNTdmNmJlYzhjMmQ2NWQ1ZTBj
Mjk2NjEwHhcNMjQwMTAxMDAyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTRiZDE3MDJlZWYwMzc0ZjMzYzk2M2Q4YWUyN2FkYTA0ZDM0ODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgld2DSUac9aN2CtwIlZ8sOqL3qDe
FZxu29Spn0MtwDGHIy8LMKGNKXOVqXEusACRXVQJTxYAhK3WQ8KRzh85ML5gnVbf
M77lEPMw+0TWSKus4tmYfczr3NrB2axM+s5n/FL3Krb7viT2VtWHBz+YzeQdPGaW
5HpuOXY7fnT7QxTuzF/Qek47GbOkF1vn52W9nmIt3KW9/AOKwqXziwTJMB/QE3R9
8JMLuPBA2zA4HhKwZ+gJ0J9LrQ2YUhFCyc0KJGOEd0s28A1KICEAYCgJK61DAZoO
xYTPmERpvNSpoRSYHEu28Lohloeu4JEJ7f2EdCSubc/KVLlsXt/REa/ReQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPpL0XAu7wN08zyWPYrietoE00iFMB8GA1UdIwQY
MBaAFMD2nS9HRHTbtX9r7IwtZdXgwpZhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1BhZEwwZEVkTnUxZjJ2c2pDMWwxZURDbG1FLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ZmNiZTktOWI5Yi00OTg3LTk1YmUt
MjU5MDRiYTlhMzU1LzEvMS1rdlJjQzd2QTNUelBKWTlpdUo2MmdUVFNJVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTcvOGZjYmU5LTliOWItNDk4Ny05NWJlLTI1OTA0YmE5YTM1
NS8xL3dQYWRMMGRFZE51MWYydnNqQzFsMWVEQ2xtRS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFFZIDAN
BgkqhkiG9w0BAQsFAAOCAQEAk/uEINyQydHHcF5IQIDKfxrH0wetjz0fLxgQAWRZ
11qoABM1Gf7sYp2EhqRSiHD/O4O09CX3cKv4PCghR12HRl7Wtzv/wn4Izx8gCLrT
3WnXslSxwgj5uaefFFlespHomozjVuPV4X3j4wyFudCjZMMcqcAwCKwAPz8od7w6
6LrRuPA7eeC+kVMxRFTPfUqiNA18njo5fsE7srjhknUvAVTEoReIYjiKEyFay0p+
OWHAHRKkPlg0U8TQWshGeUwc12ZIE4SA5JivjOH7xk8lhQe4HUHTE02dSWEopPIr
zv+6TFPLv7KUoxSsjd0buN+rnmHsE1/EH5vZsWVzRaJBhA==
-----END CERTIFICATE-----
Generated at Tue Apr 22 18:33:06 2025 by rpki-client