Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/9SD_lHNsufPrZnV2B1n1wYgxnpk.roa
File: 9SD_lHNsufPrZnV2B1n1wYgxnpk.roa (raw, json)
Hash identifier: Wbn5FtqIzyX5GZwgenOx6f+JCWxCxy1oGfKLF43I6UE=
Subject key identifier: F5:20:FF:94:73:6C:B9:F3:EB:66:75:76:07:59:F5:C1:88:31:9E:99
Certificate issuer: /CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Certificate serial: 018CC26D876C925CD60737B3E2E23380C59A
Authority key identifier: 9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/9SD_lHNsufPrZnV2B1n1wYgxnpk.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12437
IP address blocks: 212.62.79.0/24 maxlen: 24
84.201.96.0/24 maxlen: 24
81.89.224.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 03:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:87:6c:92:5c:d6:07:37:b3:e2:e2:33:80:c5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9b632edb635aa8f9c40a0495a7a63bb6539580bb
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f520ff94736cb9f3eb6675760759f5c188319e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:a1:8d:14:76:e1:28:26:93:77:cf:19:e3:a1:
23:8c:a6:5c:39:3b:f7:69:e9:78:75:fa:96:78:7b:
7b:a2:12:73:9c:31:f0:e6:0f:58:4c:09:85:de:6d:
9f:51:80:75:84:60:81:48:ac:06:f0:9e:39:c1:35:
57:f3:13:19:ae:63:a7:c8:6a:eb:75:31:91:db:d9:
36:68:bc:d4:21:0e:da:bf:4e:c1:13:27:d5:b3:03:
ed:a6:87:53:46:53:ac:8e:3a:3b:00:ff:38:20:b8:
e4:93:80:69:11:c4:35:d6:bc:fe:dd:95:fe:bb:19:
de:31:e0:a0:42:d3:6a:29:5d:43:ac:48:22:54:97:
b1:48:62:43:1c:df:09:60:df:98:a2:87:8c:12:b0:
eb:69:2d:b9:05:a8:f9:76:ba:ce:af:be:bc:21:52:
b4:0d:c1:10:ef:12:a6:11:4e:10:d2:14:56:68:d9:
e0:97:33:13:84:76:8f:30:51:10:10:c0:39:06:3c:
52:e3:55:b1:32:b6:9b:16:51:9e:a5:62:eb:d7:02:
ce:91:a0:2f:b1:0e:77:58:c9:fa:7b:bb:58:1f:1c:
0d:b7:f3:64:f7:99:be:d2:74:e4:66:d1:14:49:85:
cf:c1:bf:82:28:22:28:2f:30:84:a7:b1:93:ae:b0:
06:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:20:FF:94:73:6C:B9:F3:EB:66:75:76:07:59:F5:C1:88:31:9E:99
X509v3 Authority Key Identifier:
keyid:9B:63:2E:DB:63:5A:A8:F9:C4:0A:04:95:A7:A6:3B:B6:53:95:80:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m2Mu22NaqPnECgSVp6Y7tlOVgLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/9SD_lHNsufPrZnV2B1n1wYgxnpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/d02983-b11c-4bf7-b4b5-e8c9ad5f051a/1/m2Mu22NaqPnECgSVp6Y7tlOVgLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.89.224.0/23
84.201.96.0/24
212.62.79.0/24
Signature Algorithm: sha256WithRSAEncryption
08:5a:83:04:fe:16:9e:60:11:3a:e8:f7:cc:77:34:0a:b0:99:
8c:72:79:eb:fa:d5:ea:b6:3e:2b:34:24:57:a2:f7:ed:59:d7:
af:b0:9e:8d:fc:7f:9d:e2:b2:5d:f1:66:1c:e0:6d:26:44:97:
12:3c:f0:db:bf:36:6a:76:24:fe:aa:7b:f3:45:75:98:64:2a:
a3:72:c2:28:80:5a:6b:d5:fa:9d:5e:8d:44:cd:84:a7:ea:12:
3e:bc:d9:07:75:78:9e:a6:01:aa:34:09:cb:71:df:d5:0f:1c:
a0:ba:11:f7:61:2d:0a:05:90:2d:21:03:87:4f:9b:5b:40:f8:
57:af:a9:fb:01:3d:6f:2d:1f:2c:ce:ad:86:91:a4:d8:35:37:
5a:7e:1e:cb:ea:3b:16:db:11:4a:f0:da:d2:f1:f2:b0:16:45:
20:1c:99:f3:64:f9:d7:5b:fc:03:ed:5f:0b:eb:16:8a:bc:68:
99:c4:84:b7:0c:8d:3f:68:f4:b4:b1:62:cc:75:45:7e:fe:75:
4f:79:3a:98:2c:e3:55:b1:40:e1:29:f3:1f:da:3e:53:f7:0b:
5a:9a:d6:b4:85:5b:ff:45:da:cd:55:e9:77:55:66:41:8e:88:
2a:64:dd:41:6c:0d:50:14:5a:cc:11:c9:c9:3c:23:11:8b:de:
0f:9f:10:dc
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzCbYdsklzWBzez4uIzgMWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliNjMyZWRiNjM1YWE4ZjljNDBhMDQ5NWE3YTYzYmI2NTM5
NTgwYmIwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTIwZmY5NDczNmNiOWYzZWI2Njc1NzYwNzU5ZjVjMTg4MzE5ZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiKGNFHbhKCaTd88Z46EjjKZcOTv3
ael4dfqWeHt7ohJznDHw5g9YTAmF3m2fUYB1hGCBSKwG8J45wTVX8xMZrmOnyGrr
dTGR29k2aLzUIQ7av07BEyfVswPtpodTRlOsjjo7AP84ILjkk4BpEcQ11rz+3ZX+
uxneMeCgQtNqKV1DrEgiVJexSGJDHN8JYN+YooeMErDraS25Baj5drrOr768IVK0
DcEQ7xKmEU4Q0hRWaNnglzMThHaPMFEQEMA5BjxS41WxMrabFlGepWLr1wLOkaAv
sQ53WMn6e7tYHxwNt/Nk95m+0nTkZtEUSYXPwb+CKCIoLzCEp7GTrrAGZQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPUg/5RzbLnz62Z1dgdZ9cGIMZ6ZMB8GA1UdIwQY
MBaAFJtjLttjWqj5xAoElaemO7ZTlYC7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUt
ZThjOWFkNWYwNTFhLzEvOVNEX2xITnN1ZlByWm5WMkIxbjF3WWd4bnBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9kMDI5ODMtYjExYy00YmY3LWI0YjUtZThjOWFkNWYwNTFh
LzEvbTJNdTIyTmFxUG5FQ2dTVnA2WTd0bE9WZ0xzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBUVngAwQA
VMlgAwQA1D5PMA0GCSqGSIb3DQEBCwUAA4IBAQAIWoME/haeYBE66PfMdzQKsJmM
cnnr+tXqtj4rNCRXovftWdevsJ6N/H+d4rJd8WYc4G0mRJcSPPDbvzZqdiT+qnvz
RXWYZCqjcsIogFpr1fqdXo1EzYSn6hI+vNkHdXiepgGqNAnLcd/VDxyguhH3YS0K
BZAtIQOHT5tbQPhXr6n7AT1vLR8szq2GkaTYNTdafh7L6jsW2xFK8NrS8fKwFkUg
HJnzZPnXW/wD7V8L6xaKvGiZxIS3DI0/aPS0sWLMdUV+/nVPeTqYLONVsUDhKfMf
2j5T9wtamta0hVv/RdrNVel3VWZBjogqZN1BbA1QFFrMEcnJPCMRi94PnxDc
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:50:40 2025 by rpki-client