Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/Ru5pT3fFhWiJARMLny8G8HoUSwY.roa
File: Ru5pT3fFhWiJARMLny8G8HoUSwY.roa (raw, json)
Hash identifier: nNSIAvHr6jAf4wxPCF/ribQ5BYSIX/j6WTvOqSD71Vs=
Subject key identifier: 46:EE:69:4F:77:C5:85:68:89:01:13:0B:9F:2F:06:F0:7A:14:4B:06
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 018CCA2A925FA2A5A79FA1846F60F0EE5416
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/Ru5pT3fFhWiJARMLny8G8HoUSwY.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62044
IP address blocks: 89.167.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 11:48:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:92:5f:a2:a5:a7:9f:a1:84:6f:60:f0:ee:54:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=46ee694f77c585688901130b9f2f06f07a144b06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e7:02:b0:87:30:b9:99:81:ce:4e:dc:3c:bb:
6f:1a:42:6f:df:a0:69:71:28:a6:16:31:25:6d:92:
66:43:b1:17:d4:b4:55:77:0d:eb:0c:f6:1d:a9:1d:
10:21:f4:b1:e6:ce:e8:c5:98:dc:cf:bb:ce:91:7d:
2c:80:90:ee:f0:00:db:52:5c:85:96:a0:71:a4:4d:
55:27:05:da:20:64:37:4d:aa:2d:67:dd:b6:fd:ca:
72:ae:56:98:56:ac:aa:d9:56:6d:f0:eb:40:d6:f0:
ae:b3:de:f9:2d:72:61:04:40:cb:45:f0:7c:cb:e5:
f2:01:fb:55:a0:77:d0:61:f6:12:b2:42:53:6b:37:
c4:03:06:1d:bd:00:0c:f8:7b:40:cd:be:7b:eb:99:
8c:39:2a:b8:f3:98:13:10:ea:d2:9e:ee:7c:a8:12:
c7:3a:b1:26:0c:f3:86:fd:98:da:b7:ec:2b:db:96:
5a:30:98:6d:98:02:95:24:2e:0a:f6:34:a7:51:d8:
80:39:6d:98:ea:d5:44:d9:ce:b2:f9:30:1b:c6:15:
3b:75:c3:4d:90:b4:52:b2:76:d5:f4:f8:1a:6e:0f:
24:b2:dd:1c:b9:c2:b8:fc:67:45:cd:c5:19:81:cf:
75:bc:ea:4a:90:e0:2d:9c:0d:91:19:eb:26:29:ec:
cb:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:EE:69:4F:77:C5:85:68:89:01:13:0B:9F:2F:06:F0:7A:14:4B:06
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/Ru5pT3fFhWiJARMLny8G8HoUSwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.167.131.0/24
Signature Algorithm: sha256WithRSAEncryption
44:1f:53:1c:a9:f2:b7:3b:96:b2:f2:b1:98:71:b8:93:59:d7:
6f:56:a7:10:aa:d0:8d:fc:16:e4:00:d7:02:76:1e:c6:17:5d:
57:8d:70:bb:c5:ac:77:04:f3:55:cd:62:36:1b:42:f2:18:4f:
f4:f9:b6:ee:3b:15:fb:95:49:19:23:27:09:ad:cd:3c:e6:85:
3f:f4:a1:79:dd:26:f3:30:0d:9a:6a:e8:f2:67:a0:35:70:21:
4e:5c:1e:71:fa:38:bf:02:a9:8c:1b:23:12:b4:f4:17:78:5a:
38:0c:2a:9a:29:21:e6:36:ff:d5:67:60:1c:77:3a:77:9b:68:
24:ea:86:5f:92:b9:c3:33:6d:13:9f:05:7a:e7:21:1d:a4:18:
f1:44:62:cf:81:44:f0:13:90:ce:05:af:da:83:77:05:6b:7d:
25:d9:ca:3a:50:f0:dd:11:85:09:9e:cb:b0:f7:89:1d:ab:b6:
a1:f9:fe:fd:e7:68:9d:8c:59:41:a8:3e:16:f6:fa:fd:79:4f:
d0:ed:a2:08:73:16:b5:45:91:29:79:b9:77:18:a7:79:86:cf:
24:d0:34:bf:5d:dd:8f:20:c9:00:83:51:2c:33:1c:5a:dd:bc:
62:17:34:10:b0:a7:df:a1:60:62:b4:70:fc:e6:e8:d0:fa:ae:
97:e1:af:e5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKpJfoqWnn6GEb2Dw7lQWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NmVlNjk0Zjc3YzU4NTY4ODkwMTEzMGI5ZjJmMDZmMDdhMTQ0YjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+cCsIcwuZmBzk7cPLtvGkJv36Bp
cSimFjElbZJmQ7EX1LRVdw3rDPYdqR0QIfSx5s7oxZjcz7vOkX0sgJDu8ADbUlyF
lqBxpE1VJwXaIGQ3TaotZ922/cpyrlaYVqyq2VZt8OtA1vCus975LXJhBEDLRfB8
y+XyAftVoHfQYfYSskJTazfEAwYdvQAM+HtAzb5765mMOSq485gTEOrSnu58qBLH
OrEmDPOG/Zjat+wr25ZaMJhtmAKVJC4K9jSnUdiAOW2Y6tVE2c6y+TAbxhU7dcNN
kLRSsnbV9Pgabg8kst0cucK4/GdFzcUZgc91vOpKkOAtnA2RGesmKezLRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEbuaU93xYVoiQETC58vBvB6FEsGMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvUnU1cFQzZkZoV2lKQVJNTG55OEc4SG9VU3dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWaeDMA0G
CSqGSIb3DQEBCwUAA4IBAQBEH1McqfK3O5ay8rGYcbiTWddvVqcQqtCN/BbkANcC
dh7GF11XjXC7xax3BPNVzWI2G0LyGE/0+bbuOxX7lUkZIycJrc085oU/9KF53Sbz
MA2aaujyZ6A1cCFOXB5x+ji/AqmMGyMStPQXeFo4DCqaKSHmNv/VZ2Acdzp3m2gk
6oZfkrnDM20TnwV65yEdpBjxRGLPgUTwE5DOBa/ag3cFa30l2co6UPDdEYUJnsuw
94kdq7ah+f7952idjFlBqD4W9vr9eU/Q7aIIcxa1RZEpebl3GKd5hs8k0DS/Xd2P
IMkAg1EsMxxa3bxiFzQQsKffoWBitHD85ujQ+q6X4a/l
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:54:08 2025 by rpki-client