Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/9B-dA8XRRnVFph44j0KHr1QMDH8.roa
File: 9B-dA8XRRnVFph44j0KHr1QMDH8.roa (raw, json)
Hash identifier: o3vuZXVdLW+E5F+FFs41N5quq61h6HSFy0d+FWoma30=
Subject key identifier: F4:1F:9D:03:C5:D1:46:75:45:A6:1E:38:8F:42:87:AF:54:0C:0C:7F
Certificate issuer: /CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Certificate serial: 018CC3B6D09919F15EE455D727E8A507CF06
Authority key identifier: 0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/9B-dA8XRRnVFph44j0KHr1QMDH8.roa
Signing time: Mon 01 Jan 2024 06:29:47 +0000
ROA not before: Mon 01 Jan 2024 06:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41557
IP address blocks: 89.205.0.0/17 maxlen: 17
89.205.0.0/21 maxlen: 21
89.205.8.0/21 maxlen: 21
89.205.16.0/21 maxlen: 21
89.205.24.0/21 maxlen: 21
185.47.56.0/22 maxlen: 22
89.205.32.0/21 maxlen: 21
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:47:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d0:99:19:f1:5e:e4:55:d7:27:e8:a5:07:cf:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c1037c17bc15a7c9d8569887f5b05835ce32d27
Validity
Not Before: Jan 1 06:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f41f9d03c5d1467545a61e388f4287af540c0c7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:16:f9:9a:e4:f4:50:5f:96:d6:a5:fe:15:0a:
d5:d2:d3:71:c4:cb:fc:a6:25:ab:69:2d:c2:3b:ad:
ec:cb:cf:51:12:bf:e5:30:d8:b6:96:34:a0:be:04:
0b:4d:d3:68:53:bf:3d:47:28:f8:23:1d:19:7b:8d:
fb:0e:ae:ea:2b:71:11:cd:47:81:d9:40:0d:5e:39:
05:79:35:b8:58:86:23:e3:d4:d1:94:83:07:91:24:
85:b9:98:89:27:35:89:26:a7:7d:8e:da:0b:8c:43:
64:56:04:78:de:ef:a5:b1:92:44:3e:1e:b5:f2:cb:
4c:bf:80:a4:c9:5e:6d:47:d0:e2:c5:17:c8:06:c8:
6c:0b:9f:28:5a:97:25:4f:43:8a:31:9c:8a:1e:cd:
9f:c8:dd:1c:a2:c3:5c:e2:77:c7:78:cd:9b:42:52:
64:f9:83:ca:cb:8c:c4:ea:8f:6e:02:b1:83:57:87:
aa:b1:f3:74:68:ab:8f:1a:0e:43:3f:09:87:3a:63:
65:15:28:61:fb:43:9e:fd:74:dd:51:da:0e:f3:11:
61:89:fc:24:a1:c4:63:14:9d:97:57:40:ca:ce:36:
e1:8a:f2:30:f4:25:0c:ac:31:3d:2d:11:5e:5c:c4:
3b:ec:e6:49:77:02:26:32:87:22:bd:59:c2:e7:98:
25:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:1F:9D:03:C5:D1:46:75:45:A6:1E:38:8F:42:87:AF:54:0C:0C:7F
X509v3 Authority Key Identifier:
keyid:0C:10:37:C1:7B:C1:5A:7C:9D:85:69:88:7F:5B:05:83:5C:E3:2D:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DBA3wXvBWnydhWmIf1sFg1zjLSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/9B-dA8XRRnVFph44j0KHr1QMDH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/a62a7b-8f76-4899-a153-8c500295cb96/1/DBA3wXvBWnydhWmIf1sFg1zjLSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.205.0.0/17
185.47.56.0/22
Signature Algorithm: sha256WithRSAEncryption
86:20:b5:28:6c:7b:28:65:fd:11:af:bc:5f:e8:a0:9b:a4:75:
b8:1c:29:92:95:f8:22:80:7e:0f:ae:82:11:66:43:65:bd:74:
ef:66:6a:4e:f6:c3:da:0e:36:c5:bb:75:e7:2a:ce:8a:f8:9d:
b1:a3:24:af:fe:4a:9f:b8:9f:90:08:f1:35:0a:0f:65:96:1a:
d1:b1:6f:32:ee:2c:1e:52:77:ca:61:a1:1f:24:6b:8f:28:7a:
3a:0b:dc:d3:44:ec:ea:8e:f1:c7:43:32:f1:f1:29:f3:05:3e:
64:4c:17:0b:26:44:ac:8c:c1:07:f6:58:d3:8d:ee:63:18:e1:
cd:a1:4e:ef:bd:7c:e7:7e:12:c0:7a:01:19:d8:d8:37:75:26:
b9:20:d5:50:34:35:32:06:ae:23:a6:e5:59:81:b9:b1:ee:43:
2a:9a:f5:1a:62:c8:ed:18:34:1d:ab:be:69:3c:e0:3d:bc:88:
87:6f:ee:f7:88:d4:0e:a5:cd:1e:46:ce:4d:76:16:7c:74:ee:
16:6c:4a:19:1a:a5:a5:5d:f2:d4:88:ab:d5:14:48:42:f8:5c:
09:77:27:18:81:42:4d:78:ab:46:8d:00:54:b8:aa:4d:c3:8e:
b3:5e:71:b3:1c:61:1c:e3:af:94:57:41:0e:2a:71:ec:f6:05:
a2:24:99:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDttCZGfFe5FXXJ+ilB88GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMTAzN2MxN2JjMTVhN2M5ZDg1Njk4ODdmNWIwNTgzNWNl
MzJkMjcwHhcNMjQwMTAxMDYyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDFmOWQwM2M1ZDE0Njc1NDVhNjFlMzg4ZjQyODdhZjU0MGMwYzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6Rb5muT0UF+W1qX+FQrV0tNxxMv8
piWraS3CO63sy89REr/lMNi2ljSgvgQLTdNoU789Ryj4Ix0Ze437Dq7qK3ERzUeB
2UANXjkFeTW4WIYj49TRlIMHkSSFuZiJJzWJJqd9jtoLjENkVgR43u+lsZJEPh61
8stMv4CkyV5tR9DixRfIBshsC58oWpclT0OKMZyKHs2fyN0cosNc4nfHeM2bQlJk
+YPKy4zE6o9uArGDV4eqsfN0aKuPGg5DPwmHOmNlFShh+0Oe/XTdUdoO8xFhifwk
ocRjFJ2XV0DKzjbhivIw9CUMrDE9LRFeXMQ77OZJdwImMocivVnC55glRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPQfnQPF0UZ1RaYeOI9Ch69UDAx/MB8GA1UdIwQY
MBaAFAwQN8F7wVp8nYVpiH9bBYNc4y0nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMt
OGM1MDAyOTVjYjk2LzEvOUItZEE4WFJSblZGcGg0NGowS0hyMVFNREg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9hNjJhN2ItOGY3Ni00ODk5LWExNTMtOGM1MDAyOTVjYjk2
LzEvREJBM3dYdkJXbnlkaFdtSWYxc0ZnMXpqTFNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQHWc0AAwQC
uS84MA0GCSqGSIb3DQEBCwUAA4IBAQCGILUobHsoZf0Rr7xf6KCbpHW4HCmSlfgi
gH4ProIRZkNlvXTvZmpO9sPaDjbFu3XnKs6K+J2xoySv/kqfuJ+QCPE1Cg9llhrR
sW8y7iweUnfKYaEfJGuPKHo6C9zTROzqjvHHQzLx8SnzBT5kTBcLJkSsjMEH9ljT
je5jGOHNoU7vvXznfhLAegEZ2Ng3dSa5INVQNDUyBq4jpuVZgbmx7kMqmvUaYsjt
GDQdq75pPOA9vIiHb+73iNQOpc0eRs5NdhZ8dO4WbEoZGqWlXfLUiKvVFEhC+FwJ
dycYgUJNeKtGjQBUuKpNw46zXnGzHGEc46+UV0EOKnHs9gWiJJlW
-----END CERTIFICATE-----
Generated at Mon Feb 17 08:23:09 2025 by rpki-client