Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/CCtHaK1Jv0LJmxjYpgWH-WMiYqs.roa
File: CCtHaK1Jv0LJmxjYpgWH-WMiYqs.roa (raw, json)
Hash identifier: xfnBAwgDWduzAsbv1tBv+j+u8Un1H8QnSMN1IDmYL7I=
Subject key identifier: 08:2B:47:68:AD:49:BF:42:C9:9B:18:D8:A6:05:87:F9:63:22:62:AB
Certificate issuer: /CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f
Certificate serial: 018CC5010B205FB15A3E19854914FD07105E
Authority key identifier: F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/CCtHaK1Jv0LJmxjYpgWH-WMiYqs.roa
Signing time: Mon 01 Jan 2024 12:30:29 +0000
ROA not before: Mon 01 Jan 2024 12:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39821
IP address blocks: 109.233.240.0/21 maxlen: 21
89.107.120.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:0b:20:5f:b1:5a:3e:19:85:49:14:fd:07:10:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f7420520f8a41bb04d6d1b0f40140e553f8af36f
Validity
Not Before: Jan 1 12:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=082b4768ad49bf42c99b18d8a60587f9632262ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c5:76:56:40:73:b8:90:7f:35:73:52:6e:d9:
34:2c:71:6d:a7:79:d6:6c:ac:7a:2f:3c:56:2f:06:
4f:99:2f:4d:ae:ba:01:38:68:63:82:8d:87:61:17:
c3:e7:2a:10:fd:74:52:c8:4e:9d:ca:e8:c7:1f:b9:
a7:5b:a8:7c:3b:95:34:2a:6b:9f:53:2e:80:5a:63:
43:e0:6f:89:f4:8c:d9:f1:d6:11:ab:f0:4b:9e:02:
a9:54:55:f0:bf:28:9f:3f:77:3a:7f:d9:68:29:50:
8a:4e:ad:96:c6:5a:f3:3a:af:dd:8b:8f:ae:bf:25:
1e:71:7c:8e:42:41:7b:80:eb:c9:1f:e2:b6:fb:e1:
5a:1e:10:db:a1:e8:76:af:00:ce:4d:a3:23:2b:7b:
c1:ab:a1:ea:8d:e7:9b:50:cd:46:7b:fe:11:3a:66:
4c:7d:af:6d:a4:ef:27:0f:60:98:4d:53:ea:5b:72:
44:26:a4:ba:61:9d:50:44:32:41:fe:7b:68:40:7c:
8f:b0:85:60:28:8a:86:ab:2f:e2:1f:e4:b9:c5:d7:
fe:d8:64:1d:7a:6c:a4:62:93:77:88:c7:15:bc:48:
08:67:ad:b4:b7:02:2a:a9:03:cd:5c:f4:a0:d6:d6:
be:14:6f:a7:32:f1:c4:5a:ba:e0:0a:cc:06:c6:62:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:2B:47:68:AD:49:BF:42:C9:9B:18:D8:A6:05:87:F9:63:22:62:AB
X509v3 Authority Key Identifier:
keyid:F7:42:05:20:F8:A4:1B:B0:4D:6D:1B:0F:40:14:0E:55:3F:8A:F3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/90IFIPikG7BNbRsPQBQOVT-K828.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/CCtHaK1Jv0LJmxjYpgWH-WMiYqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/2ab9c8-0446-4105-8bff-08be3ee6d8aa/1/90IFIPikG7BNbRsPQBQOVT-K828.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.120.0/21
109.233.240.0/21
Signature Algorithm: sha256WithRSAEncryption
37:2b:9a:03:8e:c8:1e:20:c5:31:be:40:55:ac:89:d9:6d:aa:
a1:f3:87:61:2f:21:56:a5:65:10:f9:f3:1b:c2:52:2d:92:e5:
82:c7:4d:d4:10:82:43:9f:59:af:38:f7:a9:f6:e0:0d:e1:b5:
d1:5f:42:09:4f:eb:9b:7f:37:95:1b:92:01:7b:f2:f1:b8:c0:
db:de:24:29:51:ed:2f:48:5e:df:31:4b:32:9e:44:0c:67:b0:
c8:8b:33:0f:ac:0c:12:07:97:70:f7:1b:17:3a:86:39:bf:8b:
38:97:4b:9f:66:85:c8:ff:80:50:24:d8:5a:26:12:fb:0f:e3:
bc:b6:e2:3e:f9:ee:72:a1:71:e0:77:30:b3:bd:8a:b5:50:f6:
9e:8d:75:a7:b2:d7:16:56:b6:56:f2:3f:f5:af:c9:67:34:99:
a7:96:50:64:b3:20:54:42:ff:cc:00:6a:fc:87:81:e7:c2:38:
73:83:ad:64:10:66:82:5c:05:40:74:c6:f3:c5:14:2e:13:81:
54:0d:44:be:3c:bd:17:9f:c9:a4:a0:3f:32:7d:9b:6e:fa:c4:
54:6b:59:19:e4:f5:71:8d:80:72:85:2e:8b:43:76:3b:9e:b3:
52:d5:61:d2:16:1d:28:90:b3:a6:f5:3e:c5:c0:2e:72:69:4b:
5d:95:0e:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAQsgX7FaPhmFSRT9BxBeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NDIwNTIwZjhhNDFiYjA0ZDZkMWIwZjQwMTQwZTU1M2Y4
YWYzNmYwHhcNMjQwMTAxMTIzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODJiNDc2OGFkNDliZjQyYzk5YjE4ZDhhNjA1ODdmOTYzMjI2MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMV2VkBzuJB/NXNSbtk0LHFtp3nW
bKx6LzxWLwZPmS9NrroBOGhjgo2HYRfD5yoQ/XRSyE6dyujHH7mnW6h8O5U0Kmuf
Uy6AWmND4G+J9IzZ8dYRq/BLngKpVFXwvyifP3c6f9loKVCKTq2WxlrzOq/di4+u
vyUecXyOQkF7gOvJH+K2++FaHhDboeh2rwDOTaMjK3vBq6HqjeebUM1Ge/4ROmZM
fa9tpO8nD2CYTVPqW3JEJqS6YZ1QRDJB/ntoQHyPsIVgKIqGqy/iH+S5xdf+2GQd
emykYpN3iMcVvEgIZ620twIqqQPNXPSg1ta+FG+nMvHEWrrgCswGxmLhGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAgrR2itSb9CyZsY2KYFh/ljImKrMB8GA1UdIwQY
MBaAFPdCBSD4pBuwTW0bD0AUDlU/ivNvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYt
MDhiZTNlZTZkOGFhLzEvQ0N0SGFLMUp2MExKbXhqWXBnV0gtV01pWXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yYWI5YzgtMDQ0Ni00MTA1LThiZmYtMDhiZTNlZTZkOGFh
LzEvOTBJRklQaWtHN0JOYlJzUFFCUU9WVC1LODI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWWt4AwQD
benwMA0GCSqGSIb3DQEBCwUAA4IBAQA3K5oDjsgeIMUxvkBVrInZbaqh84dhLyFW
pWUQ+fMbwlItkuWCx03UEIJDn1mvOPep9uAN4bXRX0IJT+ubfzeVG5IBe/LxuMDb
3iQpUe0vSF7fMUsynkQMZ7DIizMPrAwSB5dw9xsXOoY5v4s4l0ufZoXI/4BQJNha
JhL7D+O8tuI++e5yoXHgdzCzvYq1UPaejXWnstcWVrZW8j/1r8lnNJmnllBksyBU
Qv/MAGr8h4Hnwjhzg61kEGaCXAVAdMbzxRQuE4FUDUS+PL0Xn8mkoD8yfZtu+sRU
a1kZ5PVxjYByhS6LQ3Y7nrNS1WHSFh0okLOm9T7FwC5yaUtdlQ6/
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:15:12 2025 by rpki-client