Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CcqJOQzQOtOhCYD6VHGVqeNdtiA.roa
File: CcqJOQzQOtOhCYD6VHGVqeNdtiA.roa (raw, json)
Hash identifier: 1NU2br37C/miBkoe5k/hdf1Jx9VEHwf7Sv/Y2fBEC40=
Subject key identifier: 09:CA:89:39:0C:D0:3A:D3:A1:09:80:FA:54:71:95:A9:E3:5D:B6:20
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019373403D8E4886388EE4131FEC30674439
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CcqJOQzQOtOhCYD6VHGVqeNdtiA.roa
Signing time: Thu 28 Nov 2024 14:50:10 +0000
ROA not before: Thu 28 Nov 2024 14:50:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 89.23.114.0/24 maxlen: 24
2a11:91c0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:49:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:73:40:3d:8e:48:86:38:8e:e4:13:1f:ec:30:67:44:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Nov 28 14:50:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=09ca89390cd03ad3a10980fa547195a9e35db620
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:17:19:62:84:79:71:02:29:38:ed:27:b3:a9:
59:fc:46:e7:b2:36:6a:ba:38:cb:cb:00:be:75:f6:
ae:ba:c0:dc:12:b9:a9:4d:7e:d9:97:5a:bc:4a:fd:
f7:85:6b:88:db:38:48:1f:f9:1b:a9:6a:f7:e6:ed:
8c:1c:a6:d2:4a:67:b5:32:f1:b5:32:65:e4:e0:a1:
bc:d0:f7:6d:a3:e9:52:7a:4c:66:09:31:da:f5:3b:
a2:f4:f0:7e:cc:07:31:8a:08:d9:f7:64:32:38:8d:
71:32:d2:a2:a9:5a:a5:44:15:7c:7e:9e:11:e1:4f:
af:41:a0:49:b1:73:f6:bc:4b:db:31:21:d6:57:8b:
79:28:80:ad:7f:32:17:0f:87:a3:ee:a0:23:30:c9:
07:eb:5d:5f:8c:f2:50:a5:4a:0f:74:ca:99:e4:3c:
c3:cc:86:66:20:b3:24:98:e7:ec:f5:0e:5b:57:a6:
58:25:ba:4a:db:14:2e:6c:5f:ae:19:7b:4d:6e:52:
b3:b3:df:15:7d:6d:5d:8a:d1:94:6a:fe:26:80:6f:
9a:e6:e5:66:e9:2f:1a:e4:5b:4a:50:49:88:48:6e:
c7:83:89:7c:88:83:eb:c0:87:ac:49:8d:45:89:41:
64:9a:2d:2e:a9:5c:ad:a4:7e:f0:f6:a1:1a:79:37:
d9:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:CA:89:39:0C:D0:3A:D3:A1:09:80:FA:54:71:95:A9:E3:5D:B6:20
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/CcqJOQzQOtOhCYD6VHGVqeNdtiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.114.0/24
IPv6:
2a11:91c0::/29
Signature Algorithm: sha256WithRSAEncryption
53:bb:3e:9c:be:79:1f:03:ce:f3:1a:e2:f2:ef:e0:1e:29:a3:
7f:8c:ea:25:c6:40:28:d2:df:7d:da:ba:1f:9e:4a:f2:03:5f:
c9:c0:fe:d0:77:4b:e9:1f:28:a6:87:f6:89:fb:57:85:d8:c2:
c7:b9:c2:ac:f2:77:62:75:e4:8c:1d:12:6b:83:71:55:31:2f:
9a:08:c0:b4:32:3e:e0:4e:8d:6a:8f:10:aa:53:cc:3b:75:ff:
1c:d8:2e:25:9c:4f:ab:1f:84:f3:4c:44:20:9a:5e:38:56:77:
70:9a:2d:90:93:58:6f:0c:c7:de:90:bd:44:20:c9:1b:1d:79:
fe:5f:e5:e7:a4:62:36:77:88:12:95:fd:fa:9b:c3:8b:29:ff:
4c:36:5b:eb:b6:bf:32:ae:22:00:e2:00:23:e1:bf:6a:19:1f:
fd:ef:bb:3f:07:ac:87:54:68:6b:72:52:c6:a0:c8:48:f0:eb:
b6:93:2b:f3:cc:1b:88:1c:3f:11:60:ba:cd:51:89:95:61:33:
45:c7:88:da:f9:cf:8b:96:b3:a7:69:43:0a:5a:17:26:64:24:
65:f4:51:be:3d:64:ae:fe:6f:1d:65:6b:17:b4:7a:22:07:e5:
75:20:52:fa:71:ec:18:df:b1:96:db:22:44:6b:39:1f:80:aa:
c9:2e:b1:07
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNzQD2OSIY4juQTH+wwZ0Q5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMTI4MTQ1MDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWNhODkzOTBjZDAzYWQzYTEwOTgwZmE1NDcxOTVhOWUzNWRiNjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvxcZYoR5cQIpOO0ns6lZ/EbnsjZq
ujjLywC+dfauusDcErmpTX7Zl1q8Sv33hWuI2zhIH/kbqWr35u2MHKbSSme1MvG1
MmXk4KG80Pdto+lSekxmCTHa9Tui9PB+zAcxigjZ92QyOI1xMtKiqVqlRBV8fp4R
4U+vQaBJsXP2vEvbMSHWV4t5KICtfzIXD4ej7qAjMMkH611fjPJQpUoPdMqZ5DzD
zIZmILMkmOfs9Q5bV6ZYJbpK2xQubF+uGXtNblKzs98VfW1ditGUav4mgG+a5uVm
6S8a5FtKUEmISG7Hg4l8iIPrwIesSY1FiUFkmi0uqVytpH7w9qEaeTfZSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAnKiTkM0DrToQmA+lRxlanjXbYgMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvQ2NxSk9RelFPdE9oQ1lENlZIR1ZxZU5kdGlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWRdyMA0E
AgACMAcDBQMqEZHAMA0GCSqGSIb3DQEBCwUAA4IBAQBTuz6cvnkfA87zGuLy7+Ae
KaN/jOolxkAo0t992rofnkryA1/JwP7Qd0vpHyimh/aJ+1eF2MLHucKs8ndideSM
HRJrg3FVMS+aCMC0Mj7gTo1qjxCqU8w7df8c2C4lnE+rH4TzTEQgml44Vndwmi2Q
k1hvDMfekL1EIMkbHXn+X+XnpGI2d4gSlf36m8OLKf9MNlvrtr8yriIA4gAj4b9q
GR/977s/B6yHVGhrclLGoMhI8Ou2kyvzzBuIHD8RYLrNUYmVYTNFx4ja+c+LlrOn
aUMKWhcmZCRl9FG+PWSu/m8dZWsXtHoiB+V1IFL6cewY37GW2yJEazkfgKrJLrEH
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:13:14 2025 by rpki-client