Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/AWYgtCSTmziU92oIfSPNeosHRck.roa
File: AWYgtCSTmziU92oIfSPNeosHRck.roa (raw, json)
Hash identifier: /532zieXAmohJ/0JSVTMJ9UTwsXE8LTR0hgCIOEjXbw=
Subject key identifier: 01:66:20:B4:24:93:9B:38:94:F7:6A:08:7D:23:CD:7A:8B:07:45:C9
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018CC425592E82AA6A45C62B3CA0A15A9D92
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/AWYgtCSTmziU92oIfSPNeosHRck.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8551
IP address blocks: 89.38.28.0/23 maxlen: 23
89.38.28.0/22 maxlen: 22
89.38.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:59:2e:82:aa:6a:45:c6:2b:3c:a0:a1:5a:9d:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=016620b424939b3894f76a087d23cd7a8b0745c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9b:3e:db:4e:e8:3f:af:f3:34:7f:66:da:42:
76:c6:05:5b:8f:ad:dd:d0:c8:cf:5d:5b:4d:76:51:
3a:e7:b8:ca:e5:2b:8d:2e:5a:f1:b8:7d:85:64:0a:
0c:2d:08:4e:17:77:d2:b0:21:5b:2f:e6:4f:29:86:
5f:cf:e6:ea:53:71:fc:3f:80:38:37:cf:8e:a9:9b:
8c:62:5c:d2:4b:98:6d:91:83:c7:07:76:4c:ec:f5:
fa:68:fd:fc:4e:b3:dd:2b:40:da:be:22:bd:84:60:
c4:8e:a1:eb:1e:cc:03:48:a6:0c:d4:5d:51:f7:3f:
c7:c2:25:d2:18:11:57:df:38:06:ec:56:c1:2c:70:
bd:ce:cc:a6:5e:fe:58:ec:74:68:c5:75:0e:2c:09:
fb:bd:3f:fb:75:62:89:a8:d2:cc:cd:9a:8c:c2:48:
bd:68:fb:5a:af:fc:42:bc:7e:09:da:aa:da:f3:72:
21:45:87:db:0d:4b:fe:ad:ae:3f:63:58:5b:3b:02:
80:a7:16:84:62:d7:4d:5c:18:27:8b:57:df:4f:79:
68:3e:88:b6:8a:ee:da:03:35:fc:08:ff:8d:68:6d:
13:a7:72:7e:f6:5a:96:76:b2:ad:a7:04:2c:3c:8b:
da:49:1e:aa:54:4f:15:09:6d:69:8b:02:18:1d:ec:
a0:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:66:20:B4:24:93:9B:38:94:F7:6A:08:7D:23:CD:7A:8B:07:45:C9
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/AWYgtCSTmziU92oIfSPNeosHRck.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
80:f2:de:13:26:52:2b:79:d5:4d:c3:50:4d:78:1f:44:cc:91:
0e:54:db:59:0d:72:34:33:bd:ad:ca:3e:bd:36:d7:07:4f:b1:
20:21:df:17:a2:ae:f4:3f:77:b4:a8:71:5f:d2:82:9e:63:13:
ff:82:51:bf:a0:27:91:4a:6e:db:27:d9:9e:5f:c7:83:13:2c:
e8:d2:33:6c:38:86:67:aa:3d:b8:d3:37:79:70:bb:8d:4c:d8:
13:ca:cf:2f:d3:33:cc:3d:ce:d8:5c:5b:85:90:2e:e1:17:4f:
19:70:71:10:46:91:9a:ee:df:dd:b3:d1:18:99:04:47:dc:c4:
50:ae:77:9d:80:22:18:97:35:e6:95:36:7a:3b:b1:15:30:e0:
c1:d8:45:ca:9b:31:03:21:e8:0d:d5:8e:18:eb:26:a6:db:b0:
df:c1:e3:2f:5f:1b:f0:d0:2a:c6:8e:c2:9e:d5:4e:4a:0d:2c:
60:92:3f:73:f4:ac:0a:8f:93:b7:81:d6:a2:02:b1:ac:69:4e:
50:93:e0:86:ca:b8:77:2c:e6:e6:fb:06:62:c4:9f:20:ab:4f:
45:3f:d7:59:80:9b:bb:2f:77:27:c1:60:36:6c:99:e2:b5:84:
8e:05:a8:39:bf:20:7f:dc:5e:e9:86:97:52:91:ef:66:68:dd:
99:e3:93:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVkugqpqRcYrPKChWp2SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY2MjBiNDI0OTM5YjM4OTRmNzZhMDg3ZDIzY2Q3YThiMDc0NWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Zs+207oP6/zNH9m2kJ2xgVbj63d
0MjPXVtNdlE657jK5SuNLlrxuH2FZAoMLQhOF3fSsCFbL+ZPKYZfz+bqU3H8P4A4
N8+OqZuMYlzSS5htkYPHB3ZM7PX6aP38TrPdK0DaviK9hGDEjqHrHswDSKYM1F1R
9z/HwiXSGBFX3zgG7FbBLHC9zsymXv5Y7HRoxXUOLAn7vT/7dWKJqNLMzZqMwki9
aPtar/xCvH4J2qra83IhRYfbDUv+ra4/Y1hbOwKApxaEYtdNXBgni1ffT3loPoi2
iu7aAzX8CP+NaG0Tp3J+9lqWdrKtpwQsPIvaSR6qVE8VCW1piwIYHeygkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAFmILQkk5s4lPdqCH0jzXqLB0XJMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvQVdZZ3RDU1RtemlVOTJvSWZTUE5lb3NIUmNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSYcMA0G
CSqGSIb3DQEBCwUAA4IBAQCA8t4TJlIredVNw1BNeB9EzJEOVNtZDXI0M72tyj69
NtcHT7EgId8Xoq70P3e0qHFf0oKeYxP/glG/oCeRSm7bJ9meX8eDEyzo0jNsOIZn
qj240zd5cLuNTNgTys8v0zPMPc7YXFuFkC7hF08ZcHEQRpGa7t/ds9EYmQRH3MRQ
rnedgCIYlzXmlTZ6O7EVMODB2EXKmzEDIegN1Y4Y6yam27DfweMvXxvw0CrGjsKe
1U5KDSxgkj9z9KwKj5O3gdaiArGsaU5Qk+CGyrh3LObm+wZixJ8gq09FP9dZgJu7
L3cnwWA2bJnitYSOBag5vyB/3F7phpdSke9maN2Z45Mi
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:50:05 2025 by rpki-client