Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/D2h_eWcIU3tOeYd99srrdNtyjQI.roa
File: D2h_eWcIU3tOeYd99srrdNtyjQI.roa (raw, json)
Hash identifier: Jv8YdH6bezVmS/bEXd9nfbLuRE6+BN05S3qkspJLf1Y=
Subject key identifier: 0F:68:7F:79:67:08:53:7B:4E:79:87:7D:F6:CA:EB:74:DB:72:8D:02
Certificate issuer: /CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Certificate serial: 018CC795015A416A54D10F41FDF8785CC7B8
Authority key identifier: B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/D2h_eWcIU3tOeYd99srrdNtyjQI.roa
Signing time: Tue 02 Jan 2024 00:31:20 +0000
ROA not before: Tue 02 Jan 2024 00:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199887
IP address blocks: 89.33.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 13:10:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:01:5a:41:6a:54:d1:0f:41:fd:f8:78:5c:c7:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b409168fdb52e9b7d1a7a5e8f518edfbc2c3f9af
Validity
Not Before: Jan 2 00:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f687f796708537b4e79877df6caeb74db728d02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:8a:8c:36:7b:06:41:7e:cd:7e:47:7d:c9:eb:
53:cb:af:95:50:81:a7:13:d7:de:b5:89:a3:b7:b0:
14:fa:66:3f:7d:ff:7f:c8:2b:15:09:70:dc:8a:a9:
67:08:da:fc:79:87:79:ab:f1:36:2b:5a:75:ac:2a:
47:84:63:22:7e:bf:b1:a6:db:34:7b:7f:5c:b6:ae:
ec:3b:7f:07:f3:d2:9c:3f:88:f8:88:0e:32:3f:bb:
ff:0b:75:c4:4d:84:24:8a:45:43:54:12:98:19:b0:
e1:4d:41:bd:de:b1:56:ec:02:29:62:67:1f:7f:28:
d9:54:9b:24:25:63:01:69:34:d6:7b:a8:69:1b:ff:
a4:90:44:1a:42:51:d4:05:aa:9b:b4:1d:53:70:d7:
ef:2d:63:ac:97:81:d3:87:cf:3e:b1:94:2f:2d:d9:
84:c4:20:39:a3:0f:93:66:a6:45:0a:3b:4c:fb:f0:
e0:47:7a:a9:89:88:2b:73:4b:61:e1:33:22:10:8c:
90:49:fa:31:12:e4:4a:fd:8a:f8:56:ac:7e:ec:e1:
06:4f:bb:0c:7b:8d:1c:a7:87:89:f3:12:d5:08:bb:
b4:1a:f6:34:ed:dd:cd:58:be:33:bd:93:e0:41:62:
f8:19:64:de:1e:06:a9:ab:fb:80:68:04:2b:06:7a:
e6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:68:7F:79:67:08:53:7B:4E:79:87:7D:F6:CA:EB:74:DB:72:8D:02
X509v3 Authority Key Identifier:
keyid:B4:09:16:8F:DB:52:E9:B7:D1:A7:A5:E8:F5:18:ED:FB:C2:C3:F9:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/D2h_eWcIU3tOeYd99srrdNtyjQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/36ba9d-33af-4cf3-a27d-fa718ac9d758/1/tAkWj9tS6bfRp6Xo9Rjt-8LD-a8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.166.0/24
Signature Algorithm: sha256WithRSAEncryption
55:5b:85:f6:2d:b3:d2:98:0b:5f:8f:5b:c0:86:88:a2:6e:3a:
70:f9:ec:67:2f:23:89:29:ef:21:b0:98:83:11:7b:1b:22:97:
4e:dd:5d:bd:34:f7:cc:c0:84:86:08:fd:2c:e1:4d:5e:00:b2:
81:7e:a7:24:a0:5c:85:f8:37:70:0a:69:0a:ec:ec:93:15:3b:
c2:07:a5:17:a6:96:12:c5:19:d7:b1:da:ec:23:3f:f9:06:68:
ee:5f:71:dd:9c:c6:9a:43:bb:35:ac:2e:ac:c7:9f:68:74:d1:
a0:b6:68:dd:dd:9f:33:b0:22:03:48:6e:3a:d8:89:13:e9:9e:
2e:4e:55:48:b9:43:b4:4b:85:b2:40:ae:e8:da:fc:81:a3:88:
47:71:65:f1:90:6d:42:6a:12:67:44:4d:c0:31:08:e2:3e:93:
b0:cb:cd:6b:09:17:a2:4b:d6:c9:8a:01:67:8b:d4:1e:ee:1b:
cf:78:3c:2e:ff:72:57:9a:df:1f:b0:fe:76:18:d6:e7:c7:d9:
56:da:bc:8a:e9:67:cb:f1:2f:90:6a:1f:de:69:44:54:3f:15:
74:68:55:59:69:6d:bb:30:48:42:36:e9:97:9e:e8:a3:4f:d6:
36:9e:b3:29:33:b2:a4:57:7d:fd:b4:06:1a:f4:89:7f:78:bc:
35:5a:96:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQFaQWpU0Q9B/fh4XMe4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDkxNjhmZGI1MmU5YjdkMWE3YTVlOGY1MThlZGZiYzJj
M2Y5YWYwHhcNMjQwMTAyMDAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjY4N2Y3OTY3MDg1MzdiNGU3OTg3N2RmNmNhZWI3NGRiNzI4ZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYqMNnsGQX7Nfkd9yetTy6+VUIGn
E9fetYmjt7AU+mY/ff9/yCsVCXDciqlnCNr8eYd5q/E2K1p1rCpHhGMifr+xpts0
e39ctq7sO38H89KcP4j4iA4yP7v/C3XETYQkikVDVBKYGbDhTUG93rFW7AIpYmcf
fyjZVJskJWMBaTTWe6hpG/+kkEQaQlHUBaqbtB1TcNfvLWOsl4HTh88+sZQvLdmE
xCA5ow+TZqZFCjtM+/DgR3qpiYgrc0th4TMiEIyQSfoxEuRK/Yr4Vqx+7OEGT7sM
e40cp4eJ8xLVCLu0GvY07d3NWL4zvZPgQWL4GWTeHgapq/uAaAQrBnrmYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA9of3lnCFN7TnmHffbK63Tbco0CMB8GA1UdIwQY
MBaAFLQJFo/bUum30ael6PUY7fvCw/mvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2Qt
ZmE3MThhYzlkNzU4LzEvRDJoX2VXY0lVM3RPZVlkOTlzcnJkTnR5alFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNmJhOWQtMzNhZi00Y2YzLWEyN2QtZmE3MThhYzlkNzU4
LzEvdEFrV2o5dFM2YmZScDZYbzlSanQtOExELWE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSGmMA0G
CSqGSIb3DQEBCwUAA4IBAQBVW4X2LbPSmAtfj1vAhoiibjpw+exnLyOJKe8hsJiD
EXsbIpdO3V29NPfMwISGCP0s4U1eALKBfqckoFyF+DdwCmkK7OyTFTvCB6UXppYS
xRnXsdrsIz/5BmjuX3HdnMaaQ7s1rC6sx59odNGgtmjd3Z8zsCIDSG462IkT6Z4u
TlVIuUO0S4WyQK7o2vyBo4hHcWXxkG1CahJnRE3AMQjiPpOwy81rCReiS9bJigFn
i9Qe7hvPeDwu/3JXmt8fsP52GNbnx9lW2ryK6WfL8S+Qah/eaURUPxV0aFVZaW27
MEhCNumXnuijT9Y2nrMpM7KkV339tAYa9Il/eLw1WpYU
-----END CERTIFICATE-----
Generated at Wed May 14 05:59:50 2025 by rpki-client