Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4lSYv4p0l8k6nIfCo5PL4jm7cDo.roa
File: 4lSYv4p0l8k6nIfCo5PL4jm7cDo.roa (raw, json)
Hash identifier: TNOq6IqfsjaS/EI3Yow4/zWpqZ4/F+0dFsSblGqy4iI=
Subject key identifier: E2:54:98:BF:8A:74:97:C9:3A:9C:87:C2:A3:93:CB:E2:39:BB:70:3A
Certificate issuer: /CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Certificate serial: 0191BD7710F2C3B8011C0DCF2D40B4EB0B99
Authority key identifier: B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4lSYv4p0l8k6nIfCo5PL4jm7cDo.roa
Signing time: Wed 04 Sep 2024 14:36:22 +0000
ROA not before: Wed 04 Sep 2024 14:36:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60175
IP address blocks: 89.63.0.0/16 maxlen: 24
89.63.16.0/20 maxlen: 20
185.35.12.0/22 maxlen: 22
195.4.128.0/19 maxlen: 19
195.4.145.0/24 maxlen: 24
195.4.160.0/20 maxlen: 20
195.4.184.0/21 maxlen: 21
195.4.192.0/20 maxlen: 20
195.4.199.0/24 maxlen: 24
195.4.208.0/21 maxlen: 21
2a00:dca0::/29 maxlen: 29
Validation: Failed, certificate revoked on Thu 05 Sep 2024 07:23:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:77:10:f2:c3:b8:01:1c:0d:cf:2d:40:b4:eb:0b:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32ee2b39712377b4bfec9e66ac7e6e908efceec
Validity
Not Before: Sep 4 14:36:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e25498bf8a7497c93a9c87c2a393cbe239bb703a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:77:43:e6:d8:11:b9:18:bb:d9:dd:41:68:74:
70:25:c6:ad:ae:b3:c2:f5:3c:a5:19:d7:46:61:9b:
8f:53:b7:7a:de:8f:7a:a3:2d:74:d2:33:1a:9b:13:
8c:b7:6e:04:38:9a:41:18:5b:f0:99:3f:aa:b4:45:
3a:60:a4:01:c8:b1:1b:de:e1:b0:fd:ce:62:e6:b3:
b4:ab:ba:0b:14:4d:57:bb:dc:03:ed:26:85:98:1d:
06:9d:ad:f4:9b:55:63:02:73:8c:60:e8:f4:ac:40:
ec:63:2d:8e:a2:cf:71:ca:71:59:46:22:ff:2c:8a:
3e:03:8b:d0:4d:49:b5:b4:02:18:91:b6:4a:94:b0:
a8:fc:a3:b4:ef:e1:f6:e1:2a:55:0e:a5:c0:88:94:
09:ff:4b:ab:67:79:f0:52:b7:77:02:e6:de:50:9b:
31:67:7d:07:38:15:a0:3c:88:db:c7:52:a3:41:e9:
73:31:06:ca:68:3f:1c:8f:0a:05:fa:a5:6f:6c:f6:
30:be:64:bd:e3:b6:a8:e0:61:9b:a9:b4:b1:cd:37:
35:b6:42:16:34:a8:7a:87:05:05:4f:f5:9f:10:d2:
22:e0:52:f5:3d:9c:97:81:74:e3:a9:ed:0d:1e:69:
b6:45:49:80:cc:8e:e8:2e:c2:40:80:fb:3c:f5:49:
51:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:54:98:BF:8A:74:97:C9:3A:9C:87:C2:A3:93:CB:E2:39:BB:70:3A
X509v3 Authority Key Identifier:
keyid:B3:2E:E2:B3:97:12:37:7B:4B:FE:C9:E6:6A:C7:E6:E9:08:EF:CE:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sy7is5cSN3tL_snmasfm6Qjvzuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/4lSYv4p0l8k6nIfCo5PL4jm7cDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/dfa51b-46aa-4084-a343-f016ca5da219/1/sy7is5cSN3tL_snmasfm6Qjvzuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.63.0.0/16
185.35.12.0/22
195.4.128.0-195.4.175.255
195.4.184.0-195.4.215.255
IPv6:
2a00:dca0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:25:5d:35:49:67:fb:30:ec:83:7e:37:9c:49:84:15:16:74:
ec:f5:83:0b:bb:21:a2:52:e5:fc:8c:85:4c:e6:ca:75:89:11:
2c:8c:21:7a:ab:42:1d:b8:90:75:74:8e:95:3f:05:29:53:b9:
47:b5:08:bd:dd:9d:3b:1b:53:28:90:99:bf:32:65:58:66:75:
51:89:02:d5:52:17:97:fb:d5:b4:12:b2:af:26:c3:33:b1:50:
3e:94:7d:1a:dd:92:c9:81:7c:e2:20:01:5d:a4:d9:b0:a7:a4:
c7:4b:3c:ad:80:da:b3:7a:e8:2f:d9:d2:38:01:a6:0d:7a:7d:
f9:5a:9b:27:b2:c5:26:b5:55:c6:0a:c5:da:a1:6f:68:90:7c:
fd:ef:1f:75:da:2f:f8:2c:a9:26:d6:69:76:7e:6f:86:63:b4:
c0:2e:52:da:59:d8:02:23:fa:ec:8c:46:44:1a:2e:8a:8a:13:
f4:11:cd:80:f7:c1:b7:05:68:4e:21:bf:0a:63:91:34:a0:4d:
5c:66:5b:40:1b:4d:28:dc:5c:b0:44:b9:76:ce:71:f4:ae:fc:
4b:e3:0b:21:e3:b4:2e:ff:26:39:1e:8a:b4:52:94:c6:9e:7c:
6c:e7:b0:bb:0c:48:c7:63:a7:91:78:f5:f3:4d:79:4a:00:36:
f6:26:12:e3
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZG9dxDyw7gBHA3PLUC06wuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmVlMmIzOTcxMjM3N2I0YmZlYzllNjZhYzdlNmU5MDhl
ZmNlZWMwHhcNMjQwOTA0MTQzNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjU0OThiZjhhNzQ5N2M5M2E5Yzg3YzJhMzkzY2JlMjM5YmI3MDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnndD5tgRuRi72d1BaHRwJcatrrPC
9TylGddGYZuPU7d63o96oy100jMamxOMt24EOJpBGFvwmT+qtEU6YKQByLEb3uGw
/c5i5rO0q7oLFE1Xu9wD7SaFmB0Gna30m1VjAnOMYOj0rEDsYy2Oos9xynFZRiL/
LIo+A4vQTUm1tAIYkbZKlLCo/KO07+H24SpVDqXAiJQJ/0urZ3nwUrd3AubeUJsx
Z30HOBWgPIjbx1KjQelzMQbKaD8cjwoF+qVvbPYwvmS947ao4GGbqbSxzTc1tkIW
NKh6hwUFT/WfENIi4FL1PZyXgXTjqe0NHmm2RUmAzI7oLsJAgPs89UlRjwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFOJUmL+KdJfJOpyHwqOTy+I5u3A6MB8GA1UdIwQY
MBaAFLMu4rOXEjd7S/7J5mrH5ukI787sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMt
ZjAxNmNhNWRhMjE5LzEvNGxTWXY0cDBsOGs2bklmQ281UEw0am03Y0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kZmE1MWItNDZhYS00MDg0LWEzNDMtZjAxNmNhNWRhMjE5
LzEvc3k3aXM1Y1NOM3RMX3NubWFzZm02UWp2enV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjAtBAIAATAnAwMAWT8DBAK5
IwwwDAMEB8MEgAMEBMMEoDAMAwQDwwS4AwQDwwTQMA0EAgACMAcDBQMqANygMA0G
CSqGSIb3DQEBCwUAA4IBAQCxJV01SWf7MOyDfjecSYQVFnTs9YMLuyGiUuX8jIVM
5sp1iREsjCF6q0IduJB1dI6VPwUpU7lHtQi93Z07G1MokJm/MmVYZnVRiQLVUheX
+9W0ErKvJsMzsVA+lH0a3ZLJgXziIAFdpNmwp6THSzytgNqzeugv2dI4AaYNen35
WpsnssUmtVXGCsXaoW9okHz97x912i/4LKkm1ml2fm+GY7TALlLaWdgCI/rsjEZE
Gi6KihP0Ec2A98G3BWhOIb8KY5E0oE1cZltAG00o3FywRLl2znH0rvxL4wsh47Qu
/yY5Hoq0UpTGnnxs57C7DEjHY6eRePXzTXlKADb2JhLj
-----END CERTIFICATE-----
Generated at Wed May 14 02:23:06 2025 by rpki-client