Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-hE2jvSktwA7R060lEVLIxgMfCo.roa
File: 1-hE2jvSktwA7R060lEVLIxgMfCo.roa (raw, json)
Hash identifier: SyNbDA7nES3yH80on4StoPGsTajS5lPCvk3sXw3lXGo=
Subject key identifier: FA:11:36:8E:F4:A4:B7:00:3B:47:4E:B4:94:45:4B:23:18:0C:7C:2A
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 0191272FDD6310528DC0C545BD9BF55B9286
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-hE2jvSktwA7R060lEVLIxgMfCo.roa
Signing time: Tue 06 Aug 2024 10:15:33 +0000
ROA not before: Tue 06 Aug 2024 10:15:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50527
IP address blocks: 89.36.88.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Nov 2024 16:32:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:27:2f:dd:63:10:52:8d:c0:c5:45:bd:9b:f5:5b:92:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Aug 6 10:15:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa11368ef4a4b7003b474eb494454b23180c7c2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:48:6c:c8:0f:f6:06:24:48:59:4c:fb:c4:f8:
ff:18:f8:4a:3b:14:fa:e8:ec:d8:53:20:29:53:ca:
10:41:26:80:e9:d9:b2:b7:d0:88:37:fd:1f:ec:96:
6e:7a:82:4d:d7:87:4f:04:d2:94:c5:a8:7e:fe:60:
2d:43:ae:bc:7b:90:cc:44:35:0c:d9:fd:6f:38:11:
5f:46:ab:b6:e3:a5:31:e4:0c:b0:b1:25:98:c8:74:
03:f3:ae:10:9f:ee:d4:b4:49:a4:2e:7c:c2:a3:ce:
7e:71:ab:5f:75:05:c6:9d:04:12:07:10:a0:cc:22:
63:49:d2:09:1f:d7:29:6d:5a:c1:60:80:7a:b9:2f:
fe:e6:9a:fa:06:f3:0f:ce:1f:eb:39:30:6e:7f:e2:
9f:2b:06:d9:24:2d:78:9a:ac:8c:90:03:08:32:45:
08:ff:8d:29:7c:88:c3:8d:b1:8f:fe:e7:ca:b0:0f:
2f:8e:98:91:96:5f:04:f0:1c:72:8f:ff:3d:ac:61:
c0:dd:49:d0:1e:45:fb:46:b6:b8:12:b1:57:d2:ee:
0f:55:5e:e2:16:be:f7:45:40:ff:fd:1e:a8:d6:89:
47:44:fb:69:9d:1d:5e:ff:e7:e6:28:52:4a:10:a4:
7d:86:9b:df:16:36:f4:22:2c:92:5a:ce:04:65:27:
81:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:11:36:8E:F4:A4:B7:00:3B:47:4E:B4:94:45:4B:23:18:0C:7C:2A
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/1-hE2jvSktwA7R060lEVLIxgMfCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.88.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:02:9c:ff:54:0e:ce:42:ab:a8:94:18:00:ba:ae:43:df:46:
5a:f6:3a:64:06:e6:7e:2e:03:eb:d9:dd:e0:32:75:a8:3d:ad:
b5:e8:e7:20:bf:89:50:f1:42:a4:54:80:11:23:4d:91:8a:42:
fe:9b:bc:03:20:e9:08:fb:f7:d0:85:b9:a8:9d:8a:87:18:9c:
05:a4:b3:91:51:da:d0:e8:ac:2d:c2:f3:19:8f:7c:35:fb:25:
1e:61:2d:44:5c:aa:de:b9:ee:34:46:d3:9b:89:d1:24:d7:c4:
64:9c:26:37:d6:cb:71:80:bb:4a:66:7b:36:67:be:90:ba:1a:
8e:8a:77:26:91:4b:09:79:f7:ec:17:f1:45:20:14:4d:00:d6:
b4:19:d7:68:6d:48:92:f0:2f:b2:11:fc:8b:56:dd:66:1f:23:
b9:fe:5c:66:24:a7:ad:15:4a:97:0f:f7:32:fe:2e:8f:05:fc:
b7:53:1c:5c:7d:53:1d:20:e3:9a:8b:73:27:2f:40:a8:fa:14:
c7:49:11:1d:4f:3b:b7:d7:72:ec:ed:71:93:96:30:3c:30:30:
ea:9c:92:a5:a6:ec:f7:81:4f:4e:e1:b9:87:56:c7:fa:44:90:
e2:10:cd:3a:bc:b8:ec:99:8d:fd:42:9f:cd:cb:1e:7f:ea:e9:
8f:29:31:3a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZEnL91jEFKNwMVFvZv1W5KGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwODA2MTAxNTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTExMzY4ZWY0YTRiNzAwM2I0NzRlYjQ5NDQ1NGIyMzE4MGM3YzJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzkhsyA/2BiRIWUz7xPj/GPhKOxT6
6OzYUyApU8oQQSaA6dmyt9CIN/0f7JZueoJN14dPBNKUxah+/mAtQ668e5DMRDUM
2f1vOBFfRqu246Ux5AywsSWYyHQD864Qn+7UtEmkLnzCo85+catfdQXGnQQSBxCg
zCJjSdIJH9cpbVrBYIB6uS/+5pr6BvMPzh/rOTBuf+KfKwbZJC14mqyMkAMIMkUI
/40pfIjDjbGP/ufKsA8vjpiRll8E8Bxyj/89rGHA3UnQHkX7Rra4ErFX0u4PVV7i
Fr73RUD//R6o1olHRPtpnR1e/+fmKFJKEKR9hpvfFjb0IiySWs4EZSeBkwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPoRNo70pLcAO0dOtJRFSyMYDHwqMB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvMS1oRTJqdlNrdHdBN1IwNjBsRVZMSXhnTWZDby5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvYzM3NDk3LTYzNzYtNDYxZS05M2M2LTk3Nzg2NzRlZGM5
Ny8xL2ZmRXkzeFBrdmxQWUpReU1TRUlDWk83MndVdy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkkWDAN
BgkqhkiG9w0BAQsFAAOCAQEAngKc/1QOzkKrqJQYALquQ99GWvY6ZAbmfi4D69nd
4DJ1qD2ttejnIL+JUPFCpFSAESNNkYpC/pu8AyDpCPv30IW5qJ2KhxicBaSzkVHa
0OisLcLzGY98NfslHmEtRFyq3rnuNEbTm4nRJNfEZJwmN9bLcYC7SmZ7Nme+kLoa
jop3JpFLCXn37BfxRSAUTQDWtBnXaG1IkvAvshH8i1bdZh8juf5cZiSnrRVKlw/3
Mv4ujwX8t1McXH1THSDjmotzJy9AqPoUx0kRHU87t9dy7O1xk5YwPDAw6pySpabs
94FPTuG5h1bH+kSQ4hDNOry47JmN/UKfzcsef+rpjykxOg==
-----END CERTIFICATE-----
Generated at Fri Apr 18 07:32:42 2025 by rpki-client