Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/r85Xx9r1fjGxS1SywKcl85X1czs.roa
File: r85Xx9r1fjGxS1SywKcl85X1czs.roa (raw, json)
Hash identifier: WIwuYC4yQntMmKuOHgSMbQ/0yIJPF5kc7Awtb/X9Txo=
Subject key identifier: AF:CE:57:C7:DA:F5:7E:31:B1:4B:54:B2:C0:A7:25:F3:95:F5:73:3B
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019191825326FFE9A336ACF9E8B9E71AF00A
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/r85Xx9r1fjGxS1SywKcl85X1czs.roa
Signing time: Tue 27 Aug 2024 01:45:22 +0000
ROA not before: Tue 27 Aug 2024 01:45:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.34.171.0/24 maxlen: 24
188.241.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 18:09:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:91:82:53:26:ff:e9:a3:36:ac:f9:e8:b9:e7:1a:f0:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 27 01:45:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=afce57c7daf57e31b14b54b2c0a725f395f5733b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:3b:17:8c:71:8b:73:d8:aa:66:89:09:73:32:
77:71:26:b5:5a:c8:a4:cd:25:76:cb:3c:89:f7:c5:
4d:8a:5d:5f:78:ee:ff:5e:1a:90:4a:0b:d9:2a:c8:
04:43:5a:dd:94:b7:09:0d:14:8f:95:7c:12:53:ae:
9e:a0:cd:d0:b4:d1:6a:86:17:19:db:4e:fb:55:41:
09:53:b1:83:46:10:5f:ed:99:98:16:7a:47:fb:27:
4d:68:02:e6:13:e1:f0:b4:ca:87:57:9f:7d:b2:c1:
ff:80:9f:2b:8e:e6:32:62:bd:f7:0c:a6:27:0e:b2:
16:47:b9:e7:2e:69:88:5c:59:7f:87:18:ca:87:10:
90:92:60:41:ac:69:86:6e:6c:9e:c3:1d:f4:10:b3:
17:78:f7:de:17:51:40:c8:c9:f7:f0:37:2d:71:69:
13:15:f8:2e:d9:18:fa:03:99:1b:03:b1:bb:1e:61:
e1:4b:ea:74:83:97:ad:f2:d1:0c:10:1a:7d:74:44:
dd:f5:76:6c:f9:e6:85:00:3b:82:0f:3f:94:21:c7:
64:59:27:4d:6e:12:4e:b3:4d:a1:d4:a1:a7:05:27:
c8:64:55:ee:ff:8e:a4:59:72:03:e1:11:e3:f3:dd:
d7:2b:3f:3f:63:a3:56:4c:8b:c1:ed:37:a6:cb:40:
bf:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:CE:57:C7:DA:F5:7E:31:B1:4B:54:B2:C0:A7:25:F3:95:F5:73:3B
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/r85Xx9r1fjGxS1SywKcl85X1czs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.34.171.0/24
188.241.192.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:1a:25:9b:05:a4:ea:d4:31:ae:63:3d:32:b4:21:e5:e3:2b:
0d:88:59:11:81:2c:3b:66:74:c7:41:bf:6d:54:f7:ce:a1:24:
db:ff:77:b6:82:a3:bd:b2:6e:ec:57:d0:22:ec:9d:c7:8b:eb:
17:c4:02:9c:70:08:2d:58:05:36:d3:9e:bd:18:fb:6e:99:fa:
1c:bd:0c:2c:ed:e7:0d:db:87:5e:1c:62:43:b2:11:70:76:44:
31:91:1a:d3:fc:01:2c:7a:b0:9e:4c:15:8e:6a:cc:ce:d3:86:
fc:8a:03:8d:13:81:e7:43:c3:b8:46:76:12:7d:bf:21:2e:83:
04:81:16:d2:a8:19:10:82:e6:a1:de:50:de:56:f0:85:de:d5:
51:ee:15:e3:1d:da:a1:22:3e:ee:86:92:55:36:89:f8:f7:67:
59:35:a9:27:b0:e6:6b:fb:94:9e:58:88:3a:d9:7c:dc:41:32:
f4:34:fd:f9:e6:e5:79:7a:64:a8:20:e9:10:84:7d:f0:96:9c:
bf:f9:4b:56:9b:67:5c:96:56:97:e8:26:e5:ea:62:25:3d:71:
2e:49:b3:a7:ba:22:4e:87:1d:49:3f:42:10:9f:d6:b5:b4:75:
b2:78:3f:64:b6:17:7a:5a:8d:69:03:1a:4a:99:84:ad:eb:8c:
c6:8f:48:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGRglMm/+mjNqz56LnnGvAKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODI3MDE0NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmNlNTdjN2RhZjU3ZTMxYjE0YjU0YjJjMGE3MjVmMzk1ZjU3MzNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjsXjHGLc9iqZokJczJ3cSa1Wsik
zSV2yzyJ98VNil1feO7/XhqQSgvZKsgEQ1rdlLcJDRSPlXwSU66eoM3QtNFqhhcZ
2077VUEJU7GDRhBf7ZmYFnpH+ydNaALmE+HwtMqHV599ssH/gJ8rjuYyYr33DKYn
DrIWR7nnLmmIXFl/hxjKhxCQkmBBrGmGbmyewx30ELMXePfeF1FAyMn38DctcWkT
Ffgu2Rj6A5kbA7G7HmHhS+p0g5et8tEMEBp9dETd9XZs+eaFADuCDz+UIcdkWSdN
bhJOs02h1KGnBSfIZFXu/46kWXID4RHj893XKz8/Y6NWTIvB7Temy0C/NQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/OV8fa9X4xsUtUssCnJfOV9XM7MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvcjg1WHg5cjFmakd4UzFTeXdLY2w4NVgxY3pzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSKrAwQA
vPHAMA0GCSqGSIb3DQEBCwUAA4IBAQA7GiWbBaTq1DGuYz0ytCHl4ysNiFkRgSw7
ZnTHQb9tVPfOoSTb/3e2gqO9sm7sV9Ai7J3Hi+sXxAKccAgtWAU20569GPtumfoc
vQws7ecN24deHGJDshFwdkQxkRrT/AEserCeTBWOaszO04b8igONE4HnQ8O4RnYS
fb8hLoMEgRbSqBkQguah3lDeVvCF3tVR7hXjHdqhIj7uhpJVNon492dZNaknsOZr
+5SeWIg62XzcQTL0NP355uV5emSoIOkQhH3wlpy/+UtWm2dcllaX6Cbl6mIlPXEu
SbOnuiJOhx1JP0IQn9a1tHWyeD9kthd6Wo1pAxpKmYSt64zGj0j6
-----END CERTIFICATE-----
Generated at Mon Apr 28 10:02:26 2025 by rpki-client