Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/97C7qiREI8v1rySkhDUWYpjZOVo.roa
File: 97C7qiREI8v1rySkhDUWYpjZOVo.roa (raw, json)
Hash identifier: HEy0e1PtRWoLgjkWPIPHhfv2sKnkoSUhgSJrbTIs55I=
Subject key identifier: F7:B0:BB:AA:24:44:23:CB:F5:AF:24:A4:84:35:16:62:98:D9:39:5A
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 01931CC3204F8C8147A8DDAEB6E92C04B9A6
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/97C7qiREI8v1rySkhDUWYpjZOVo.roa
Signing time: Mon 11 Nov 2024 19:46:09 +0000
ROA not before: Mon 11 Nov 2024 19:46:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29255
IP address blocks: 89.237.128.0/18 maxlen: 18
89.237.128.0/19 maxlen: 19
89.237.176.0/20 maxlen: 20
185.27.220.0/22 maxlen: 22
185.29.92.0/22 maxlen: 22
212.24.224.0/19 maxlen: 19
Validation: Failed, certificate revoked on Mon 11 Nov 2024 19:47:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1c:c3:20:4f:8c:81:47:a8:dd:ae:b6:e9:2c:04:b9:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Nov 11 19:46:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f7b0bbaa244423cbf5af24a48435166298d9395a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:df:f0:08:41:23:28:cc:bf:90:1b:7d:4e:64:
7a:3e:2a:45:f4:3a:bb:83:c5:28:cc:8f:0a:07:32:
61:53:45:1e:10:e7:7f:3f:f4:6f:4a:85:15:17:cb:
af:a6:9b:12:21:40:d6:56:8b:89:46:64:93:b6:af:
97:68:c6:89:7e:03:23:cf:25:73:e4:4e:5e:ba:a8:
3c:2c:1b:eb:c3:e9:02:d8:33:50:a4:2f:a8:c9:30:
d3:93:80:2d:53:17:8a:77:c5:e6:3b:55:70:e4:a3:
f1:22:e8:08:c1:b4:7a:bd:fb:56:91:19:57:46:cf:
49:f3:cc:d8:4c:e9:3d:42:82:83:df:1c:10:d6:68:
26:c0:79:44:5b:91:80:51:2f:f0:50:28:6a:5c:45:
e7:b6:41:c8:3e:87:8d:db:73:c6:d8:86:15:9c:4e:
d9:0a:07:f4:6a:72:1f:47:3e:03:8e:1c:34:77:ab:
84:f0:e0:96:06:fe:ad:13:55:63:ec:7b:40:81:3c:
93:ed:5c:5e:df:00:4e:16:28:fc:8d:21:dc:12:18:
0b:ef:46:e8:92:3a:05:65:e7:46:dd:f3:00:f7:32:
5e:38:aa:ba:f1:7a:ad:7f:7b:c9:2d:74:4a:57:53:
a5:64:90:9b:22:31:3a:9c:d5:da:4a:e6:0b:1f:f9:
eb:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:B0:BB:AA:24:44:23:CB:F5:AF:24:A4:84:35:16:62:98:D9:39:5A
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/97C7qiREI8v1rySkhDUWYpjZOVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.237.128.0/18
185.27.220.0/22
185.29.92.0/22
212.24.224.0/19
Signature Algorithm: sha256WithRSAEncryption
7d:98:42:34:79:a6:f7:df:ea:7f:73:cc:08:b0:61:63:7d:1b:
2c:c1:2d:9a:e0:ce:46:b1:1b:d5:88:6a:53:04:3c:81:bf:4a:
20:99:5d:c7:18:50:38:74:f0:ed:93:78:0e:b5:0f:59:a1:9c:
ec:1a:2c:eb:0f:23:d6:fb:dd:c1:b0:bc:d3:65:97:61:30:d9:
8a:8b:75:61:1c:23:3e:00:f3:f2:1a:64:b6:b3:5e:82:b6:95:
58:d9:71:16:cb:24:96:8c:f5:59:8b:6a:84:35:12:50:61:ee:
33:ab:af:49:5f:78:2e:c5:1b:1a:2e:0b:49:24:50:30:a8:15:
b0:16:92:64:e2:97:6e:30:e7:39:6b:bd:29:ad:81:93:e7:8b:
c7:a1:f2:00:c8:bc:76:07:f7:fc:a9:da:ba:14:3b:6a:17:25:
37:a4:00:05:4c:a6:9c:8d:53:94:a7:bd:72:ad:a8:9f:80:25:
4a:d3:3f:15:68:c4:6b:7a:10:2e:4d:11:b9:0f:9a:9b:9e:9d:
01:21:ce:40:1a:23:f9:99:90:43:86:51:30:ac:8d:4f:4a:57:
76:8a:70:7c:a7:eb:cd:0c:45:8c:1f:43:7d:da:11:21:d6:e3:
04:de:5f:1c:b4:43:90:f8:e4:c8:57:f7:fa:fd:3b:3f:18:1b:
81:94:d7:7b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZMcwyBPjIFHqN2utuksBLmmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjQxMTExMTk0NjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmN2IwYmJhYTI0NDQyM2NiZjVhZjI0YTQ4NDM1MTY2Mjk4ZDkzOTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxN/wCEEjKMy/kBt9TmR6PipF9Dq7
g8UozI8KBzJhU0UeEOd/P/RvSoUVF8uvppsSIUDWVouJRmSTtq+XaMaJfgMjzyVz
5E5euqg8LBvrw+kC2DNQpC+oyTDTk4AtUxeKd8XmO1Vw5KPxIugIwbR6vftWkRlX
Rs9J88zYTOk9QoKD3xwQ1mgmwHlEW5GAUS/wUChqXEXntkHIPoeN23PG2IYVnE7Z
Cgf0anIfRz4Djhw0d6uE8OCWBv6tE1Vj7HtAgTyT7Vxe3wBOFij8jSHcEhgL70bo
kjoFZedG3fMA9zJeOKq68Xqtf3vJLXRKV1OlZJCbIjE6nNXaSuYLH/nriwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPewu6okRCPL9a8kpIQ1FmKY2TlaMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvOTdDN3FpUkVJOHYxcnlTa2hEVVdZcGpaT1ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQGWe2AAwQC
uRvcAwQCuR1cAwQF1BjgMA0GCSqGSIb3DQEBCwUAA4IBAQB9mEI0eab33+p/c8wI
sGFjfRsswS2a4M5GsRvViGpTBDyBv0ogmV3HGFA4dPDtk3gOtQ9ZoZzsGizrDyPW
+93BsLzTZZdhMNmKi3VhHCM+APPyGmS2s16CtpVY2XEWyySWjPVZi2qENRJQYe4z
q69JX3guxRsaLgtJJFAwqBWwFpJk4pduMOc5a70prYGT54vHofIAyLx2B/f8qdq6
FDtqFyU3pAAFTKacjVOUp71yraifgCVK0z8VaMRrehAuTRG5D5qbnp0BIc5AGiP5
mZBDhlEwrI1PSld2inB8p+vNDEWMH0N92hEh1uME3l8ctEOQ+OTIV/f6/Ts/GBuB
lNd7
-----END CERTIFICATE-----
Generated at Tue May 13 20:07:53 2025 by rpki-client