Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3Mc7_wj_P9yvWKqTKIcHJcrpVJ0.roa
File: 3Mc7_wj_P9yvWKqTKIcHJcrpVJ0.roa (raw, json)
Hash identifier: MNvzvGnsNirMx62GfbxE9x3xRfEK8/ffA1VkpcvsmNc=
Subject key identifier: DC:C7:3B:FF:08:FF:3F:DC:AF:58:AA:93:28:87:07:25:CA:E9:54:9D
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01936DD8E0F96197464F63B81600488D2EF8
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3Mc7_wj_P9yvWKqTKIcHJcrpVJ0.roa
Signing time: Wed 27 Nov 2024 13:39:09 +0000
ROA not before: Wed 27 Nov 2024 13:39:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 89.251.20.0/24 maxlen: 24
91.210.144.0/24 maxlen: 24
109.122.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Dec 2024 09:52:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:6d:d8:e0:f9:61:97:46:4f:63:b8:16:00:48:8d:2e:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 27 13:39:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dcc73bff08ff3fdcaf58aa9328870725cae9549d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:41:89:66:e2:66:02:65:78:45:60:35:00:6e:
ef:24:4a:c9:eb:04:37:37:8c:8a:a2:99:72:5f:a8:
f0:3a:f7:5f:d3:ec:72:e3:50:e0:a3:8d:de:b3:76:
42:28:c1:f0:fd:92:41:a3:11:b6:ba:fc:20:bd:04:
bb:b2:d1:d2:6f:04:f6:ed:c6:e4:5d:6b:92:6d:12:
a6:c5:9b:61:27:06:01:ff:fb:ca:b4:8b:25:f9:5f:
d0:6a:0d:58:35:79:cf:8b:16:09:eb:f2:01:a1:f0:
96:64:bb:14:99:71:29:5b:bc:db:ab:d8:d9:df:24:
03:fd:b7:ac:88:52:08:08:e5:74:dd:8e:26:3d:b4:
0f:6e:53:da:03:92:47:bd:3b:b9:c8:4c:25:df:a3:
c6:d7:c3:10:3d:eb:c9:a1:cc:e3:63:10:a1:94:8f:
ae:bd:42:46:f3:0d:83:f0:ff:e2:27:e4:f8:0d:32:
62:d8:ae:27:1e:1a:82:d7:55:36:ed:2e:a4:08:2d:
3a:8b:a8:1a:1c:21:3e:c8:30:b4:fa:e6:9a:2f:2b:
ff:74:5b:de:99:6b:03:a1:5e:75:39:58:78:22:a6:
1d:4f:ce:9e:f5:c9:c5:95:b2:23:1c:8f:4c:9e:5b:
f4:e7:c3:b9:25:c5:0f:fa:a9:31:6f:9b:2b:aa:2a:
9a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C7:3B:FF:08:FF:3F:DC:AF:58:AA:93:28:87:07:25:CA:E9:54:9D
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/3Mc7_wj_P9yvWKqTKIcHJcrpVJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.20.0/24
91.210.144.0/24
109.122.44.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:e0:08:17:9c:48:5d:5b:1e:4b:5b:b4:69:75:23:44:15:db:
22:c3:d1:01:95:c8:27:a3:86:45:d6:77:ac:13:9d:84:73:d7:
16:84:ea:e0:1c:01:0f:ba:48:71:20:35:31:70:7f:49:70:78:
34:aa:97:aa:fa:32:3b:f5:e1:d5:0f:51:77:ee:f7:02:1a:0f:
35:f1:b5:b5:f5:e0:a5:f7:f1:28:f0:b2:4f:4f:2f:c7:66:a8:
9f:66:99:7e:4a:e2:64:04:47:e0:37:df:9a:92:16:d4:fa:f2:
c8:3d:2b:3b:7b:bc:46:d9:d2:21:07:94:99:9b:81:02:a4:b6:
f7:e6:62:8d:60:12:6a:81:66:ff:16:54:45:0a:1e:77:45:04:
29:4b:98:13:64:57:2d:f4:6a:aa:7d:15:be:fc:88:39:1a:fb:
e9:cf:4a:5e:31:9f:19:41:00:13:d2:8f:d8:6a:1c:9d:37:45:
33:68:30:2c:67:20:ee:50:30:81:21:62:94:19:2a:d4:73:e7:
2b:e7:3b:0e:93:6a:33:54:f1:d0:b6:a1:31:4d:86:40:b5:20:
76:96:cf:55:f9:8c:f7:8b:b8:72:63:a5:9b:80:a0:7d:35:da:
f3:84:d9:6a:c8:9c:6a:ca:c3:c2:a8:cb:27:84:45:da:3e:77:
37:aa:1f:b5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNt2OD5YZdGT2O4FgBIjS74MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMTI3MTMzOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkY2M3M2JmZjA4ZmYzZmRjYWY1OGFhOTMyODg3MDcyNWNhZTk1NDlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkGJZuJmAmV4RWA1AG7vJErJ6wQ3
N4yKoplyX6jwOvdf0+xy41Dgo43es3ZCKMHw/ZJBoxG2uvwgvQS7stHSbwT27cbk
XWuSbRKmxZthJwYB//vKtIsl+V/Qag1YNXnPixYJ6/IBofCWZLsUmXEpW7zbq9jZ
3yQD/besiFIICOV03Y4mPbQPblPaA5JHvTu5yEwl36PG18MQPevJoczjYxChlI+u
vUJG8w2D8P/iJ+T4DTJi2K4nHhqC11U27S6kCC06i6gaHCE+yDC0+uaaLyv/dFve
mWsDoV51OVh4IqYdT86e9cnFlbIjHI9Mnlv058O5JcUP+qkxb5srqiqaLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNzHO/8I/z/cr1iqkyiHByXK6VSdMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvM01jN193al9QOXl2V0txVEtJY0hKY3JwVkowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfsUAwQA
W9KQAwQAbXosMA0GCSqGSIb3DQEBCwUAA4IBAQAr4AgXnEhdWx5LW7RpdSNEFdsi
w9EBlcgno4ZF1nesE52Ec9cWhOrgHAEPukhxIDUxcH9JcHg0qpeq+jI79eHVD1F3
7vcCGg818bW19eCl9/Eo8LJPTy/HZqifZpl+SuJkBEfgN9+akhbU+vLIPSs7e7xG
2dIhB5SZm4ECpLb35mKNYBJqgWb/FlRFCh53RQQpS5gTZFct9GqqfRW+/Ig5Gvvp
z0peMZ8ZQQAT0o/YahydN0UzaDAsZyDuUDCBIWKUGSrUc+cr5zsOk2ozVPHQtqEx
TYZAtSB2ls9V+Yz3i7hyY6WbgKB9NdrzhNlqyJxqysPCqMsnhEXaPnc3qh+1
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:45:24 2025 by rpki-client