Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_k8yhI9KvXHIffqUjX4no6RYsxc.roa
File: _k8yhI9KvXHIffqUjX4no6RYsxc.roa (raw, json)
Hash identifier: HLPiwoBIUNn6fLcG3s+NtC/zSLM9VhyScZpO+ZPuq4I=
Subject key identifier: FE:4F:32:84:8F:4A:BD:71:C8:7D:FA:94:8D:7E:27:A3:A4:58:B3:17
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 01941D1406626270FA4E374FCCFD8F7AC4D1
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_k8yhI9KvXHIffqUjX4no6RYsxc.roa
Signing time: Tue 31 Dec 2024 14:17:19 +0000
ROA not before: Tue 31 Dec 2024 14:17:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34918
IP address blocks: 89.44.243.0/24 maxlen: 24
109.122.241.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 01:48:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1d:14:06:62:62:70:fa:4e:37:4f:cc:fd:8f:7a:c4:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Dec 31 14:17:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe4f32848f4abd71c87dfa948d7e27a3a458b317
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ed:66:01:8a:f0:27:b3:5d:de:bc:fd:f7:bb:
da:f8:e4:28:9c:60:f7:44:d0:4a:5f:c4:92:1d:dc:
18:53:5b:96:40:f1:1b:a6:f5:53:8e:c0:6c:ce:dc:
6a:af:dc:41:c5:c0:9f:38:fb:8e:62:51:da:8b:04:
05:0f:fd:f4:56:44:a0:44:e9:f6:ee:97:cc:a6:f0:
84:20:69:36:79:e7:4a:44:81:0d:4e:e2:57:cd:f2:
87:13:22:24:28:28:09:35:43:10:1c:86:37:46:59:
74:f9:f3:44:ac:b4:8d:24:e4:9e:25:bf:98:15:82:
2c:8f:9a:72:a1:28:86:fa:65:ba:e4:58:0b:0b:f1:
4e:82:57:c3:75:83:d0:76:97:f1:95:db:4e:b4:be:
7f:61:9f:0d:09:e0:96:f9:ea:e9:cb:49:8b:c9:16:
cd:bc:9c:2e:56:6e:3a:f7:2f:2c:9c:25:b9:a4:5d:
35:bf:64:c7:16:7f:dd:6c:c0:5e:0f:d0:fd:ac:9d:
6c:6a:5e:f2:87:36:61:61:ca:c4:5f:6b:04:f6:bc:
f5:4e:35:81:5a:a1:b0:77:d4:41:6c:bf:52:22:23:
11:0a:24:b4:0b:f6:98:85:79:ea:ce:5a:33:d6:de:
77:0a:ec:43:75:f2:8e:a3:c2:b8:b3:86:b0:86:ba:
a9:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:4F:32:84:8F:4A:BD:71:C8:7D:FA:94:8D:7E:27:A3:A4:58:B3:17
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/_k8yhI9KvXHIffqUjX4no6RYsxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.243.0/24
109.122.241.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a7:69:f6:23:c4:63:42:ea:ae:6a:06:eb:b0:f2:4f:46:e0:
92:8b:a1:82:02:4e:80:40:66:c4:e8:71:80:0b:4e:96:0e:05:
4a:14:02:55:ca:2d:64:71:1f:f4:03:b4:57:68:5b:f6:77:04:
c8:7f:87:19:28:4d:fc:15:f6:69:c9:c8:91:39:fe:11:3e:a0:
78:cb:83:36:27:fa:e7:c3:43:0b:5e:55:ae:76:cc:28:43:dd:
b9:28:af:81:91:92:6b:e0:3e:ba:59:22:79:e4:86:3f:dd:42:
fa:cf:93:de:87:6f:2c:28:9a:07:ff:92:47:a5:05:6f:c0:0f:
a3:75:b5:45:a0:9b:00:25:b6:68:04:e5:d0:8b:ea:bb:b2:bd:
9c:23:1c:f0:c1:60:a0:ff:ec:d3:d2:0c:8a:cd:cd:b4:2c:51:
8b:ce:98:cc:58:8d:11:7f:74:12:bd:bd:8a:2c:a9:74:51:44:
c2:cc:fe:e6:2c:da:a5:4e:fd:ee:a3:dc:ba:60:b8:33:14:2f:
b5:f0:6d:54:c7:cc:54:6f:7b:b5:dc:41:7c:20:db:90:75:53:
14:91:66:50:ba:9f:3c:c4:ad:ae:ff:d3:0d:5b:88:9d:ba:c7:
64:2c:b2:33:87:bc:ab:ee:41:93:9d:14:72:f3:ba:6d:0b:4c:
07:2e:85:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQdFAZiYnD6TjdPzP2PesTRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjQxMjMxMTQxNzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTRmMzI4NDhmNGFiZDcxYzg3ZGZhOTQ4ZDdlMjdhM2E0NThiMzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAue1mAYrwJ7Nd3rz997va+OQonGD3
RNBKX8SSHdwYU1uWQPEbpvVTjsBsztxqr9xBxcCfOPuOYlHaiwQFD/30VkSgROn2
7pfMpvCEIGk2eedKRIENTuJXzfKHEyIkKCgJNUMQHIY3Rll0+fNErLSNJOSeJb+Y
FYIsj5pyoSiG+mW65FgLC/FOglfDdYPQdpfxldtOtL5/YZ8NCeCW+erpy0mLyRbN
vJwuVm469y8snCW5pF01v2THFn/dbMBeD9D9rJ1sal7yhzZhYcrEX2sE9rz1TjWB
WqGwd9RBbL9SIiMRCiS0C/aYhXnqzloz1t53CuxDdfKOo8K4s4awhrqpEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFP5PMoSPSr1xyH36lI1+J6OkWLMXMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvX2s4eWhJOUt2WEhJZmZxVWpYNG5vNlJZc3hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSzzAwQA
bXrxMA0GCSqGSIb3DQEBCwUAA4IBAQAXp2n2I8RjQuquagbrsPJPRuCSi6GCAk6A
QGbE6HGAC06WDgVKFAJVyi1kcR/0A7RXaFv2dwTIf4cZKE38FfZpyciROf4RPqB4
y4M2J/rnw0MLXlWudswoQ925KK+BkZJr4D66WSJ55IY/3UL6z5Peh28sKJoH/5JH
pQVvwA+jdbVFoJsAJbZoBOXQi+q7sr2cIxzwwWCg/+zT0gyKzc20LFGLzpjMWI0R
f3QSvb2KLKl0UUTCzP7mLNqlTv3uo9y6YLgzFC+18G1Ux8xUb3u13EF8INuQdVMU
kWZQup88xK2u/9MNW4idusdkLLIzh7yr7kGTnRRy87ptC0wHLoWu
-----END CERTIFICATE-----
Generated at Thu May 1 00:53:52 2025 by rpki-client