Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/eh2XMVcm1DN5BaaZj7JodjFUPYI.roa
File: eh2XMVcm1DN5BaaZj7JodjFUPYI.roa (raw, json)
Hash identifier: Da/KiPkWVsziBls+Xke7bSZaKlR16B3V1jv4BklleZ8=
Subject key identifier: 7A:1D:97:31:57:26:D4:33:79:05:A6:99:8F:B2:68:76:31:54:3D:82
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 019391C72DBAB8A672AB4D3BD418A2628578
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/eh2XMVcm1DN5BaaZj7JodjFUPYI.roa
Signing time: Wed 04 Dec 2024 13:06:09 +0000
ROA not before: Wed 04 Dec 2024 13:06:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48459
IP address blocks: 89.44.246.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Dec 2024 13:50:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:91:c7:2d:ba:b8:a6:72:ab:4d:3b:d4:18:a2:62:85:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Dec 4 13:06:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a1d97315726d4337905a6998fb2687631543d82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d1:91:14:d6:b5:f7:bb:2d:2e:c3:0e:d2:90:
f6:4f:a8:67:48:c2:3b:42:39:da:38:3e:9a:5e:4b:
a6:73:ad:af:55:5f:4d:72:6b:00:0a:41:81:23:f0:
a7:a2:cf:bc:65:f4:28:62:f3:39:21:5f:48:ac:e9:
b6:cf:a4:fb:6b:a4:6a:77:59:ff:c7:9c:3b:1c:9d:
76:51:f0:d7:d3:64:58:b2:24:86:a9:df:6d:9f:ad:
b8:08:bb:fe:3c:73:e4:13:08:f0:1e:86:d6:47:67:
1e:4e:50:ca:fb:96:f8:4b:84:6b:3e:1e:26:3e:9e:
3d:08:e2:8a:df:6f:9a:19:11:bc:e7:e0:5d:8b:8f:
5c:cf:0c:6c:5b:f6:5f:71:51:fc:9d:49:95:5f:cc:
42:3b:03:61:cb:e3:3d:7b:80:e6:ed:fb:71:44:3a:
3e:c8:34:e4:d2:17:a6:fc:22:f0:29:2d:9f:c5:47:
9e:09:7c:9b:08:f5:8c:bf:74:b5:12:91:77:03:29:
44:98:6c:87:6e:dd:05:71:29:61:d4:a6:ef:ce:21:
a3:cd:e2:4d:89:b0:27:da:05:24:c9:cf:b8:2d:e3:
14:8d:ed:30:d1:fe:8e:5b:d7:65:b0:06:d6:8c:3c:
4e:da:42:5f:0b:ff:a9:00:60:c5:ed:1c:4a:62:41:
ca:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:1D:97:31:57:26:D4:33:79:05:A6:99:8F:B2:68:76:31:54:3D:82
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/eh2XMVcm1DN5BaaZj7JodjFUPYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.246.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:fa:19:4e:f5:53:c9:94:8b:a2:57:2d:a8:a8:ae:fa:64:2f:
b3:c3:64:94:49:68:3a:14:ac:b9:70:f7:2e:bd:2e:f9:8e:87:
ef:a6:94:33:da:e1:20:eb:46:c2:1e:74:11:82:c2:08:4e:61:
57:f7:83:61:91:65:1c:f7:dd:34:3c:2d:64:6a:5c:65:08:39:
37:9d:f8:cb:26:22:ce:51:36:00:b6:f2:4a:7e:05:78:a6:03:
b0:62:04:0e:1d:67:41:63:30:4a:a4:db:54:0a:ec:12:34:4f:
69:9d:fe:43:89:49:9f:cd:53:58:fe:4a:47:8a:cf:64:7d:2b:
69:2a:28:01:05:35:db:a5:98:4f:a3:8f:42:e7:b0:e7:9c:59:
a6:bb:84:f3:50:d1:2f:28:57:07:ad:e7:2c:73:bb:63:e2:fa:
2a:8a:40:27:44:cb:7b:6b:97:27:85:0d:3b:9e:bc:1c:1f:d5:
e0:ec:82:ae:ff:2f:db:55:81:0e:bd:10:82:24:c8:eb:31:aa:
01:74:f6:04:cf:f3:0e:0e:38:24:01:e3:c0:c4:ec:ed:f5:a0:
d9:94:ab:c9:92:89:6a:ad:88:7a:e7:c3:35:50:9d:37:8e:c3:
4b:18:b7:1d:27:5b:c9:15:8d:c1:6a:ba:06:ec:fb:e2:37:a1:
2d:32:32:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZORxy26uKZyq0071BiiYoV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQxMjA0MTMwNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTFkOTczMTU3MjZkNDMzNzkwNWE2OTk4ZmIyNjg3NjMxNTQzZDgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9GRFNa197stLsMO0pD2T6hnSMI7
QjnaOD6aXkumc62vVV9NcmsACkGBI/Cnos+8ZfQoYvM5IV9IrOm2z6T7a6Rqd1n/
x5w7HJ12UfDX02RYsiSGqd9tn624CLv+PHPkEwjwHobWR2ceTlDK+5b4S4RrPh4m
Pp49COKK32+aGRG85+Bdi49czwxsW/ZfcVH8nUmVX8xCOwNhy+M9e4Dm7ftxRDo+
yDTk0hem/CLwKS2fxUeeCXybCPWMv3S1EpF3AylEmGyHbt0FcSlh1KbvziGjzeJN
ibAn2gUkyc+4LeMUje0w0f6OW9dlsAbWjDxO2kJfC/+pAGDF7RxKYkHKKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHodlzFXJtQzeQWmmY+yaHYxVD2CMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvZWgyWE1WY20xRE41QmFhWmo3Sm9kakZVUFlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSz2MA0G
CSqGSIb3DQEBCwUAA4IBAQB++hlO9VPJlIuiVy2oqK76ZC+zw2SUSWg6FKy5cPcu
vS75jofvppQz2uEg60bCHnQRgsIITmFX94NhkWUc9900PC1kalxlCDk3nfjLJiLO
UTYAtvJKfgV4pgOwYgQOHWdBYzBKpNtUCuwSNE9pnf5DiUmfzVNY/kpHis9kfStp
KigBBTXbpZhPo49C57DnnFmmu4TzUNEvKFcHrecsc7tj4voqikAnRMt7a5cnhQ07
nrwcH9Xg7IKu/y/bVYEOvRCCJMjrMaoBdPYEz/MODjgkAePAxOzt9aDZlKvJkolq
rYh658M1UJ03jsNLGLcdJ1vJFY3BaroG7PviN6EtMjLS
-----END CERTIFICATE-----
Generated at Sun May 11 04:30:59 2025 by rpki-client