Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bZz-2gvTs58UYKDRVIWJ0JHPmp0.roa
File: bZz-2gvTs58UYKDRVIWJ0JHPmp0.roa (raw, json)
Hash identifier: f+VH2CPwmg0YWolCpZMUDdvLTGFL63b+0sTU2ehwO/4=
Subject key identifier: 6D:9C:FE:DA:0B:D3:B3:9F:14:60:A0:D1:54:85:89:D0:91:CF:9A:9D
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 0194266BD7F381DDF49AFEA2AE374B2754E6
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bZz-2gvTs58UYKDRVIWJ0JHPmp0.roa
Signing time: Thu 02 Jan 2025 09:49:49 +0000
ROA not before: Thu 02 Jan 2025 09:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8551
IP address blocks: 89.38.28.0/22 maxlen: 22
89.38.28.0/23 maxlen: 23
89.38.30.0/23 maxlen: 23
Validation: Failed, certificate revoked on Tue 11 Feb 2025 13:16:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:d7:f3:81:dd:f4:9a:fe:a2:ae:37:4b:27:54:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 2 09:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d9cfeda0bd3b39f1460a0d1548589d091cf9a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:5f:5d:ef:31:37:bf:67:1b:f2:ed:98:b9:eb:
b2:0d:25:e7:8d:37:8e:fe:dc:ce:19:02:0b:15:5a:
2c:b5:95:43:98:71:e1:76:16:6a:9f:97:16:ae:aa:
a4:d4:12:9d:1a:f7:ca:43:b1:6c:ad:17:ac:c5:1c:
c2:99:41:28:e3:36:a3:ca:76:af:69:be:90:eb:a2:
81:a2:2b:0b:24:0e:5f:2c:5f:16:13:50:ed:79:c4:
61:b4:b6:de:5e:07:9e:92:ef:a7:d4:36:a3:da:d1:
80:4c:46:d1:c6:bc:48:fb:52:f8:16:c9:dc:f1:f5:
ba:d1:7d:fd:90:c3:65:ae:f3:4d:72:b2:2a:26:e2:
82:3f:1d:22:ef:aa:ea:c9:e3:96:f2:de:56:c0:29:
40:17:48:3b:4f:fe:56:ff:02:cd:82:a8:77:43:6a:
6b:9a:8d:8e:5c:c5:0d:20:e7:d7:7e:49:6d:8d:b6:
00:2e:bf:cf:a7:c8:05:fe:7d:80:4d:b3:7d:67:67:
3b:2f:d8:63:4d:aa:5a:f1:1b:0c:3b:bc:8d:cd:8a:
75:9f:1f:64:a3:bb:06:71:a0:2f:64:a8:b6:9b:4f:
79:39:6e:6c:b2:40:f7:1e:9c:37:9f:7b:3f:4f:38:
29:09:8d:62:5f:d0:5b:4b:58:3d:05:d1:9f:65:ee:
c2:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:9C:FE:DA:0B:D3:B3:9F:14:60:A0:D1:54:85:89:D0:91:CF:9A:9D
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/bZz-2gvTs58UYKDRVIWJ0JHPmp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.28.0/22
Signature Algorithm: sha256WithRSAEncryption
98:bf:c8:ab:12:75:75:9e:6d:58:d6:f8:9e:07:c9:d7:7c:cb:
b6:2e:7d:10:72:24:55:be:6d:1f:5d:87:2c:3c:9c:2c:0f:03:
21:74:98:b2:cd:a6:3a:ab:1c:b6:65:ee:dd:a0:d3:f4:25:b5:
aa:02:2b:31:17:45:0b:29:48:9c:0e:ea:16:95:b5:27:3e:3c:
2b:eb:08:c1:99:ff:0a:de:1c:79:9c:06:7d:a9:57:2e:2d:f1:
ff:f7:3a:96:0f:d2:16:fb:eb:0b:a9:16:d4:5b:46:a8:32:14:
aa:b6:f8:b6:f6:39:44:9a:7e:6a:04:11:bd:43:80:56:11:ce:
53:82:67:d5:40:68:8a:03:4f:94:6d:2e:51:2c:06:50:e5:d2:
28:9d:86:7b:dc:a4:cd:93:88:4e:34:c2:60:39:58:8f:35:76:
6e:d6:6f:af:21:67:9d:57:39:cb:6d:d1:9c:13:71:92:c0:4a:
29:83:30:09:02:2c:7c:f4:4c:de:76:07:26:b0:e0:3d:ee:36:
a1:ec:44:b0:3f:0e:e7:13:60:17:79:c1:cf:cd:3d:89:64:77:
5a:a7:5d:1a:73:64:79:25:e1:8b:1b:79:da:52:ab:47:eb:8b:
62:6b:02:48:99:20:b9:87:cc:b5:f6:7a:07:59:27:28:84:93:
85:73:65:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma9fzgd30mv6irjdLJ1TmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjUwMTAyMDk0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDljZmVkYTBiZDNiMzlmMTQ2MGEwZDE1NDg1ODlkMDkxY2Y5YTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8V9d7zE3v2cb8u2YueuyDSXnjTeO
/tzOGQILFVostZVDmHHhdhZqn5cWrqqk1BKdGvfKQ7FsrResxRzCmUEo4zajynav
ab6Q66KBoisLJA5fLF8WE1DtecRhtLbeXgeeku+n1Daj2tGATEbRxrxI+1L4Fsnc
8fW60X39kMNlrvNNcrIqJuKCPx0i76rqyeOW8t5WwClAF0g7T/5W/wLNgqh3Q2pr
mo2OXMUNIOfXfkltjbYALr/Pp8gF/n2ATbN9Z2c7L9hjTapa8RsMO7yNzYp1nx9k
o7sGcaAvZKi2m095OW5sskD3Hpw3n3s/TzgpCY1iX9BbS1g9BdGfZe7CNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG2c/toL07OfFGCg0VSFidCRz5qdMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvYlp6LTJndlRzNThVWUtEUlZJV0owSkhQbXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWSYcMA0G
CSqGSIb3DQEBCwUAA4IBAQCYv8irEnV1nm1Y1vieB8nXfMu2Ln0QciRVvm0fXYcs
PJwsDwMhdJiyzaY6qxy2Ze7doNP0JbWqAisxF0ULKUicDuoWlbUnPjwr6wjBmf8K
3hx5nAZ9qVcuLfH/9zqWD9IW++sLqRbUW0aoMhSqtvi29jlEmn5qBBG9Q4BWEc5T
gmfVQGiKA0+UbS5RLAZQ5dIonYZ73KTNk4hONMJgOViPNXZu1m+vIWedVznLbdGc
E3GSwEopgzAJAix89EzedgcmsOA97jah7ESwPw7nE2AXecHPzT2JZHdap10ac2R5
JeGLG3naUqtH64tiawJImSC5h8y19noHWScohJOFc2Uu
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:30:42 2025 by rpki-client