Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/Opb2ePxrwYzj-J2ESKRH8_Tn1bs.roa
File: Opb2ePxrwYzj-J2ESKRH8_Tn1bs.roa (raw, json)
Hash identifier: /d3bFOo5vynAOyuYUecCBK4FjcmR2F2K15gzhX/8hvw=
Subject key identifier: 3A:96:F6:78:FC:6B:C1:8C:E3:F8:9D:84:48:A4:47:F3:F4:E7:D5:BB
Certificate issuer: /CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Certificate serial: 018CC50106A7885B9D2CDEA5726671B6C6CC
Authority key identifier: D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/Opb2ePxrwYzj-J2ESKRH8_Tn1bs.roa
Signing time: Mon 01 Jan 2024 12:30:27 +0000
ROA not before: Mon 01 Jan 2024 12:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203055
IP address blocks: 89.44.168.0/21 maxlen: 24
31.216.144.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:06:a7:88:5b:9d:2c:de:a5:72:66:71:b6:c6:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1010da3576242324cefb2c81c1339a6c0e3b403
Validity
Not Before: Jan 1 12:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a96f678fc6bc18ce3f89d8448a447f3f4e7d5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:fb:8a:14:d7:33:9f:cb:dc:07:d1:b0:f4:27:
b8:8a:4d:a4:9b:84:78:15:2b:ca:f8:77:0d:3a:2e:
12:96:e6:bb:a3:fa:0c:f4:0c:df:7d:f2:8d:d9:f2:
c7:b7:94:20:1a:a7:c0:25:69:e4:fc:34:02:80:30:
d8:46:e8:ee:cc:7c:7f:e0:27:72:68:fc:a0:0f:26:
fa:3c:c5:c8:20:e5:e8:ff:68:7c:9e:2a:1b:cc:e7:
c1:2f:9c:ac:3d:c9:65:fe:e4:ea:50:6a:6f:05:50:
f2:92:e5:21:e0:22:0e:fc:05:90:08:dc:ba:4b:f5:
93:36:de:db:41:3b:47:cf:cd:b8:b2:2b:3f:86:28:
9f:36:a9:ba:67:e9:cb:6a:d8:4b:72:62:01:44:d3:
b7:ee:15:12:ef:77:db:35:8d:f3:7d:4f:d1:45:4b:
c8:d4:36:27:5d:8c:5f:d2:3a:02:7c:6a:76:77:51:
a3:a4:96:80:54:a0:9f:32:60:8c:1f:b8:97:15:87:
39:90:fc:6a:36:fd:5e:5f:4b:d2:0c:bb:31:5b:d9:
93:bc:0a:f4:51:94:8f:3a:ce:3a:c2:ed:bb:80:f9:
94:7b:f2:42:92:3a:18:7a:e9:eb:d7:cb:c4:32:aa:
77:46:49:bd:40:df:e8:31:d1:7f:b5:5b:91:58:3d:
50:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:96:F6:78:FC:6B:C1:8C:E3:F8:9D:84:48:A4:47:F3:F4:E7:D5:BB
X509v3 Authority Key Identifier:
keyid:D1:01:0D:A3:57:62:42:32:4C:EF:B2:C8:1C:13:39:A6:C0:E3:B4:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0QENo1diQjJM77LIHBM5psDjtAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/Opb2ePxrwYzj-J2ESKRH8_Tn1bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/577b11-7009-486c-9010-a70412fbc832/1/0QENo1diQjJM77LIHBM5psDjtAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.144.0/21
89.44.168.0/21
Signature Algorithm: sha256WithRSAEncryption
41:4c:97:68:1d:d2:10:f2:92:b3:0a:c3:57:bb:91:38:43:82:
99:06:cb:13:b8:66:1a:e6:a6:b2:84:56:3d:35:ff:4b:c2:ad:
3d:ee:4f:aa:17:37:58:7f:af:c8:ed:03:67:c0:f3:6a:00:5c:
93:b6:47:1e:cc:d5:0d:1c:6e:26:50:98:8e:81:9c:b8:45:d9:
cf:0f:e1:7a:47:d7:ce:63:97:a5:32:7e:6a:87:54:b8:91:11:
ae:b3:db:a7:f4:24:82:56:6e:f5:83:83:9a:b2:f8:49:1b:52:
f5:5b:81:9f:ee:db:9d:c6:03:55:71:eb:db:e1:5e:dd:ab:ff:
c2:b8:fd:d5:86:1c:84:45:4f:d5:46:2a:26:00:f0:79:1f:ae:
79:e0:86:01:3d:70:b4:c1:80:a1:6c:a4:85:d8:b0:fc:f7:68:
77:ba:59:e6:57:cb:f9:41:06:2e:8b:12:64:fb:de:8a:24:a9:
d9:7a:32:31:02:3d:1a:28:b2:40:d8:b2:29:1a:d0:3e:b4:78:
92:2b:dd:f8:41:45:d8:91:03:2a:e2:c1:fe:a6:a9:36:6c:19:
49:23:eb:03:97:e7:af:86:fe:e7:6e:ed:52:90:1c:01:ef:51:
26:a7:c0:2e:a5:23:c2:35:a1:4d:b8:17:78:51:64:62:d2:f9:
81:e1:34:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAQaniFudLN6lcmZxtsbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMDEwZGEzNTc2MjQyMzI0Y2VmYjJjODFjMTMzOWE2YzBl
M2I0MDMwHhcNMjQwMTAxMTIzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTk2ZjY3OGZjNmJjMThjZTNmODlkODQ0OGE0NDdmM2Y0ZTdkNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/uKFNczn8vcB9Gw9Ce4ik2km4R4
FSvK+HcNOi4Slua7o/oM9AzfffKN2fLHt5QgGqfAJWnk/DQCgDDYRujuzHx/4Cdy
aPygDyb6PMXIIOXo/2h8niobzOfBL5ysPcll/uTqUGpvBVDykuUh4CIO/AWQCNy6
S/WTNt7bQTtHz824sis/hiifNqm6Z+nLathLcmIBRNO37hUS73fbNY3zfU/RRUvI
1DYnXYxf0joCfGp2d1GjpJaAVKCfMmCMH7iXFYc5kPxqNv1eX0vSDLsxW9mTvAr0
UZSPOs46wu27gPmUe/JCkjoYeunr18vEMqp3Rkm9QN/oMdF/tVuRWD1QowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDqW9nj8a8GM4/idhEikR/P059W7MB8GA1UdIwQY
MBaAFNEBDaNXYkIyTO+yyBwTOabA47QDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAt
YTcwNDEyZmJjODMyLzEvT3BiMmVQeHJ3WXpqLUoyRVNLUkg4X1RuMWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi81NzdiMTEtNzAwOS00ODZjLTkwMTAtYTcwNDEyZmJjODMy
LzEvMFFFTm8xZGlRakpNNzdMSUhCTTVwc0RqdEFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH9iQAwQD
WSyoMA0GCSqGSIb3DQEBCwUAA4IBAQBBTJdoHdIQ8pKzCsNXu5E4Q4KZBssTuGYa
5qayhFY9Nf9Lwq097k+qFzdYf6/I7QNnwPNqAFyTtkcezNUNHG4mUJiOgZy4RdnP
D+F6R9fOY5elMn5qh1S4kRGus9un9CSCVm71g4OasvhJG1L1W4Gf7tudxgNVcevb
4V7dq//CuP3VhhyERU/VRiomAPB5H6554IYBPXC0wYChbKSF2LD892h3ulnmV8v5
QQYuixJk+96KJKnZejIxAj0aKLJA2LIpGtA+tHiSK934QUXYkQMq4sH+pqk2bBlJ
I+sDl+evhv7nbu1SkBwB71Emp8AupSPCNaFNuBd4UWRi0vmB4TRE
-----END CERTIFICATE-----
Generated at Thu Mar 13 02:48:53 2025 by rpki-client