Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nFjnHWQxeDynjE5hC1pFZ_qvzh8.roa
File: nFjnHWQxeDynjE5hC1pFZ_qvzh8.roa (raw, json)
Hash identifier: Lju9HNoOX9ZFZOMN0U6FjxDWMDK2kVLLVNS/1rqNRiQ=
Subject key identifier: 9C:58:E7:1D:64:31:78:3C:A7:8C:4E:61:0B:5A:45:67:FA:AF:CE:1F
Certificate issuer: /CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Certificate serial: 019401DBF1812A82766A761532218806880B
Authority key identifier: CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nFjnHWQxeDynjE5hC1pFZ_qvzh8.roa
Signing time: Thu 26 Dec 2024 07:26:18 +0000
ROA not before: Thu 26 Dec 2024 07:26:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213780
IP address blocks: 89.208.119.0/24 maxlen: 24
92.38.222.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 17:49:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:01:db:f1:81:2a:82:76:6a:76:15:32:21:88:06:88:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca1c7571596e444aa32371cbab724d46d3c3c52c
Validity
Not Before: Dec 26 07:26:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9c58e71d6431783ca78c4e610b5a4567faafce1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:d2:85:93:17:f5:80:c1:2d:6d:f3:f5:d0:
25:e9:08:2c:2c:b8:71:db:b5:5b:2f:e8:d2:0c:69:
75:e9:05:c9:9f:f7:26:53:01:48:65:42:3e:14:48:
5d:8e:50:55:13:97:cf:8d:87:24:b0:31:89:9a:de:
6e:df:78:1b:95:93:09:05:e6:cc:c7:74:01:65:dc:
5a:fa:9d:13:0b:dd:57:d9:3b:6a:db:36:c8:51:09:
ec:1f:15:e8:e7:11:dc:35:a2:be:75:3e:6d:b6:b8:
b0:bb:21:e4:86:94:35:59:d9:78:c4:5b:88:dc:61:
c3:77:45:7d:08:16:84:16:55:57:a0:40:a4:41:da:
4f:8d:5d:52:04:ef:c0:87:1a:55:43:00:ae:17:1a:
e7:bb:04:37:37:20:a7:7a:40:3d:c5:a9:15:7e:e7:
b5:96:22:73:75:d3:a8:b3:8c:2d:1e:90:f0:ff:35:
c1:82:e3:ec:ba:fc:42:67:7b:0a:1f:72:b1:65:29:
ea:96:82:26:f2:77:03:95:4d:d7:60:ed:30:91:03:
f1:3f:a8:de:c7:8a:bd:38:2c:45:77:40:ee:32:16:
9f:fc:bd:c7:ae:d0:81:a5:a2:03:6a:14:0f:6d:33:
4f:38:59:bb:ac:ac:0f:c5:1c:41:32:42:7e:78:5a:
29:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:58:E7:1D:64:31:78:3C:A7:8C:4E:61:0B:5A:45:67:FA:AF:CE:1F
X509v3 Authority Key Identifier:
keyid:CA:1C:75:71:59:6E:44:4A:A3:23:71:CB:AB:72:4D:46:D3:C3:C5:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yhx1cVluREqjI3HLq3JNRtPDxSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/nFjnHWQxeDynjE5hC1pFZ_qvzh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3362c6-a03a-4f9f-a091-b762c0175f27/1/yhx1cVluREqjI3HLq3JNRtPDxSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.208.119.0/24
92.38.222.0/24
Signature Algorithm: sha256WithRSAEncryption
af:f3:fa:74:3b:9b:ac:80:f6:4b:4e:5f:f3:e6:44:c5:ac:34:
a9:2d:d0:30:91:ba:b2:8e:67:05:ed:31:90:f2:90:f0:ef:d7:
3c:af:b5:64:70:01:2e:49:72:be:75:b0:f8:06:f3:22:9e:ad:
5c:d6:2b:6b:45:4d:d0:86:ac:a2:da:c7:4a:a2:1c:e7:00:0a:
cf:31:91:e3:4a:52:a1:8d:16:59:01:76:0d:53:33:11:8f:6e:
6c:5e:d4:fe:5c:78:25:11:c9:80:33:26:ab:5c:da:80:5a:2e:
db:37:87:67:b6:e0:d9:09:bf:87:e6:8a:82:32:f4:e8:69:b0:
41:32:e8:09:7d:7f:67:8f:9c:31:4c:96:19:86:4e:0d:53:11:
1a:9c:45:dc:47:e4:05:d9:85:83:71:7f:a9:38:19:fb:45:bf:
d4:e1:e1:47:b8:97:30:69:74:c6:52:68:7c:96:22:05:25:58:
62:84:6e:ec:fa:6d:7c:a2:01:0d:0b:d4:f8:b5:27:f2:4b:07:
26:3a:4c:a2:b6:e0:e9:79:49:d5:c7:2c:10:de:57:9f:90:40:
11:b0:b6:f1:1c:38:19:14:52:1a:98:c9:e2:43:72:32:af:90:
ef:35:b8:6d:5f:65:d1:cc:50:fa:9f:d4:d2:1e:60:a2:d3:4e:
af:5e:e5:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQB2/GBKoJ2anYVMiGIBogLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMWM3NTcxNTk2ZTQ0NGFhMzIzNzFjYmFiNzI0ZDQ2ZDNj
M2M1MmMwHhcNMjQxMjI2MDcyNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YzU4ZTcxZDY0MzE3ODNjYTc4YzRlNjEwYjVhNDU2N2ZhYWZjZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuTShZMX9YDBLW3z9dAl6QgsLLhx
27VbL+jSDGl16QXJn/cmUwFIZUI+FEhdjlBVE5fPjYcksDGJmt5u33gblZMJBebM
x3QBZdxa+p0TC91X2Ttq2zbIUQnsHxXo5xHcNaK+dT5ttriwuyHkhpQ1Wdl4xFuI
3GHDd0V9CBaEFlVXoECkQdpPjV1SBO/AhxpVQwCuFxrnuwQ3NyCnekA9xakVfue1
liJzddOos4wtHpDw/zXBguPsuvxCZ3sKH3KxZSnqloIm8ncDlU3XYO0wkQPxP6je
x4q9OCxFd0DuMhaf/L3HrtCBpaIDahQPbTNPOFm7rKwPxRxBMkJ+eFopsQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJxY5x1kMXg8p4xOYQtaRWf6r84fMB8GA1UdIwQY
MBaAFMocdXFZbkRKoyNxy6tyTUbTw8UsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEt
Yjc2MmMwMTc1ZjI3LzEvbkZqbkhXUXhlRHluakU1aEMxcEZaX3F2emg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zMzYyYzYtYTAzYS00ZjlmLWEwOTEtYjc2MmMwMTc1ZjI3
LzEveWh4MWNWbHVSRXFqSTNITHEzSk5SdFBEeFN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdB3AwQA
XCbeMA0GCSqGSIb3DQEBCwUAA4IBAQCv8/p0O5usgPZLTl/z5kTFrDSpLdAwkbqy
jmcF7TGQ8pDw79c8r7VkcAEuSXK+dbD4BvMinq1c1itrRU3Qhqyi2sdKohznAArP
MZHjSlKhjRZZAXYNUzMRj25sXtT+XHglEcmAMyarXNqAWi7bN4dntuDZCb+H5oqC
MvToabBBMugJfX9nj5wxTJYZhk4NUxEanEXcR+QF2YWDcX+pOBn7Rb/U4eFHuJcw
aXTGUmh8liIFJVhihG7s+m18ogENC9T4tSfySwcmOkyituDpeUnVxywQ3lefkEAR
sLbxHDgZFFIamMniQ3Iyr5DvNbhtX2XRzFD6n9TSHmCi006vXuX1
-----END CERTIFICATE-----
Generated at Sat May 3 11:13:53 2025 by rpki-client