Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/6Y0fzw20QqZvh3Pcb2SqSgoObRc.roa
File: 6Y0fzw20QqZvh3Pcb2SqSgoObRc.roa (raw, json)
Hash identifier: XnhoJ1K92LCMK6YBkc2MyJyoGV301uLK6X0DL0LMXlw=
Subject key identifier: E9:8D:1F:CF:0D:B4:42:A6:6F:87:73:DC:6F:64:AA:4A:0A:0E:6D:17
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 0195707041A700A2D1360210B827E1536C2F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/6Y0fzw20QqZvh3Pcb2SqSgoObRc.roa
Signing time: Fri 07 Mar 2025 11:49:19 +0000
ROA not before: Fri 07 Mar 2025 11:49:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56694
IP address blocks: 89.23.96.0/22 maxlen: 22
89.23.100.0/24 maxlen: 24
89.23.101.0/24 maxlen: 24
89.23.102.0/24 maxlen: 24
185.39.206.0/24 maxlen: 24
212.67.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 01 Apr 2025 12:12:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:70:70:41:a7:00:a2:d1:36:02:10:b8:27:e1:53:6c:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Mar 7 11:49:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e98d1fcf0db442a66f8773dc6f64aa4a0a0e6d17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5f:12:73:09:9a:63:11:3e:27:a6:56:15:74:
55:d3:fa:e6:14:18:1d:c6:9e:58:ab:94:de:90:29:
6f:80:96:e2:d7:ea:4a:c5:65:61:a7:c7:13:b4:48:
fb:e6:52:1c:3d:41:0f:98:0c:7b:9b:b1:bb:6a:dd:
e1:0b:84:d2:07:a6:94:a7:43:5f:86:d4:aa:f8:cb:
ed:77:42:d1:6d:2b:b5:9c:87:2a:51:73:57:74:df:
07:0e:da:c5:f4:96:39:6e:c0:55:d6:ba:ba:da:f6:
1e:2c:d8:9c:74:ae:8f:5f:a1:4e:60:62:ce:27:d3:
77:6f:96:a8:5a:0d:d1:6d:1a:4b:4c:8d:33:3a:50:
89:17:52:73:29:a0:df:61:aa:2e:7e:be:20:26:45:
05:8e:c7:4e:e6:bb:91:a1:3e:7d:95:c2:26:f8:66:
71:53:9d:5b:4e:35:f9:c3:95:2b:3d:75:6f:2a:11:
b7:48:cb:72:2b:fe:ee:6d:c1:20:9c:eb:e2:df:a2:
2d:79:70:24:44:63:3b:9d:27:77:ba:f9:e5:bb:90:
4d:5b:9a:bd:7f:d6:e7:a1:95:79:ce:16:67:6a:9c:
f0:d7:34:5a:f2:d0:53:dc:22:ec:3a:2b:26:7e:1b:
5b:a4:b9:3c:58:32:9c:62:a1:ed:28:ac:52:9f:6e:
42:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:8D:1F:CF:0D:B4:42:A6:6F:87:73:DC:6F:64:AA:4A:0A:0E:6D:17
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/6Y0fzw20QqZvh3Pcb2SqSgoObRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.96.0-89.23.102.255
185.39.206.0/24
212.67.17.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:3f:64:4f:c3:92:96:71:c6:83:4c:1f:05:c0:81:5d:5c:da:
e9:9f:9f:a5:83:57:af:84:00:c8:ae:8a:f0:ed:bf:60:f7:07:
e3:96:c0:d1:ad:6f:c6:4e:7b:83:03:26:b7:36:d0:19:80:61:
00:c8:7a:62:c8:35:54:1c:2f:ee:02:2a:be:5a:af:18:af:98:
cd:7c:5e:74:81:54:3a:26:f1:7d:ca:ed:6e:22:1c:b2:d7:81:
5f:5c:84:c7:c2:90:87:d1:2b:31:86:f3:59:b4:e3:3c:47:5b:
e0:d9:94:8c:32:7c:5e:0d:24:d4:4f:64:cd:29:76:0c:f7:f4:
16:a0:0e:d0:37:e8:5c:90:64:84:58:7f:08:69:fa:95:4e:a2:
16:e4:02:08:aa:66:f5:d3:74:9b:d1:e1:58:cf:2b:24:b7:f5:
7b:57:be:74:f7:7e:83:bc:e7:a0:d0:10:0a:20:e0:cd:ae:7c:
57:09:ae:22:0c:7a:df:17:07:b1:88:83:c8:71:b6:d6:66:9f:
e6:51:09:e0:b5:52:89:2b:34:43:d8:3f:fa:0f:a1:7b:a2:b7:
7a:9f:80:bf:93:a3:84:08:4f:2f:33:9f:d8:8c:f0:90:8b:e7:
47:bb:42:17:4d:0b:41:25:cc:96:bc:2e:66:5d:ee:8f:1f:32:
94:f2:c1:5c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZVwcEGnAKLRNgIQuCfhU2wvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjUwMzA3MTE0OTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOThkMWZjZjBkYjQ0MmE2NmY4NzczZGM2ZjY0YWE0YTBhMGU2ZDE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqV8ScwmaYxE+J6ZWFXRV0/rmFBgd
xp5Yq5TekClvgJbi1+pKxWVhp8cTtEj75lIcPUEPmAx7m7G7at3hC4TSB6aUp0Nf
htSq+Mvtd0LRbSu1nIcqUXNXdN8HDtrF9JY5bsBV1rq62vYeLNicdK6PX6FOYGLO
J9N3b5aoWg3RbRpLTI0zOlCJF1JzKaDfYaoufr4gJkUFjsdO5ruRoT59lcIm+GZx
U51bTjX5w5UrPXVvKhG3SMtyK/7ubcEgnOvi36IteXAkRGM7nSd3uvnlu5BNW5q9
f9bnoZV5zhZnapzw1zRa8tBT3CLsOismfhtbpLk8WDKcYqHtKKxSn25C7QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOmNH88NtEKmb4dz3G9kqkoKDm0XMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvNlkwZnp3MjBRcVp2aDNQY2IyU3FTZ29PYlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAVZF2AD
BABZF2YDBAC5J84DBADUQxEwDQYJKoZIhvcNAQELBQADggEBAD4/ZE/DkpZxxoNM
HwXAgV1c2umfn6WDV6+EAMiuivDtv2D3B+OWwNGtb8ZOe4MDJrc20BmAYQDIemLI
NVQcL+4CKr5arxivmM18XnSBVDom8X3K7W4iHLLXgV9chMfCkIfRKzGG81m04zxH
W+DZlIwyfF4NJNRPZM0pdgz39BagDtA36FyQZIRYfwhp+pVOohbkAgiqZvXTdJvR
4VjPKyS39XtXvnT3foO856DQEAog4M2ufFcJriIMet8XB7GIg8hxttZmn+ZRCeC1
UokrNEPYP/oPoXuit3qfgL+To4QITy8zn9iM8JCL50e7QhdNC0ElzJa8LmZd7o8f
MpTywVw=
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:41:46 2025 by rpki-client