Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PwhnhoTISbUjbA9BVlu2tP-7uhM.roa
File: PwhnhoTISbUjbA9BVlu2tP-7uhM.roa (raw, json)
Hash identifier: a0s26otadZFJw2REIJrjf5x5ahiR0CfmS+CtTfMa4Ps=
Subject key identifier: 3F:08:67:86:84:C8:49:B5:23:6C:0F:41:56:5B:B6:B4:FF:BB:BA:13
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0193DA336F3C14B4C4101691E3226DA43D78
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PwhnhoTISbUjbA9BVlu2tP-7uhM.roa
Signing time: Wed 18 Dec 2024 14:37:04 +0000
ROA not before: Wed 18 Dec 2024 14:37:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215355
IP address blocks: 89.251.26.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 09:49:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:da:33:6f:3c:14:b4:c4:10:16:91:e3:22:6d:a4:3d:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Dec 18 14:37:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f08678684c849b5236c0f41565bb6b4ffbbba13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ee:82:ab:6e:2b:45:bb:98:36:27:71:2a:50:
6a:13:a8:9a:9c:70:2b:43:53:96:81:bd:f0:78:89:
1e:26:1e:f4:27:87:8c:18:a5:76:fa:d0:33:81:b9:
0e:e0:92:f7:7f:82:78:fb:c2:08:a5:fc:8d:b0:ab:
26:75:ad:26:85:4c:54:23:a9:2e:2c:af:0c:60:99:
98:36:7c:83:08:b6:9d:68:6e:1f:15:90:e6:e8:a6:
02:49:39:a7:6c:cd:8a:93:60:21:52:bb:57:81:7c:
1c:8d:d4:1a:91:04:16:22:30:14:d5:34:97:60:24:
33:94:5e:3e:cd:b6:80:0a:1e:c5:4b:97:88:f2:aa:
17:ac:cc:fb:34:a1:0b:90:d7:81:78:c7:9f:0e:f2:
e5:8d:c6:76:b5:32:ec:0f:f4:d9:bc:15:d1:ab:3b:
27:5d:a2:11:6b:5f:55:ae:de:61:53:32:0d:12:28:
d1:1a:02:26:ea:cf:79:b0:ec:15:00:bb:05:90:7e:
ff:85:ed:ca:86:35:56:1a:98:44:dc:ef:25:02:da:
9f:10:63:d3:5b:f1:7d:4d:c1:a0:d3:c4:2c:68:25:
f8:54:e7:fa:72:eb:c3:07:fe:4f:5c:55:bd:c8:2c:
67:8f:1a:a4:48:7a:9d:23:2b:93:54:c2:8d:3b:5d:
a3:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:08:67:86:84:C8:49:B5:23:6C:0F:41:56:5B:B6:B4:FF:BB:BA:13
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/PwhnhoTISbUjbA9BVlu2tP-7uhM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.26.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:3e:2d:0b:20:0b:35:64:96:88:b8:3a:02:7f:39:1b:c6:75:
cd:5b:20:a0:a6:be:18:89:8e:ef:19:4f:d9:fa:47:69:83:d8:
88:1c:2c:b2:a4:70:70:c5:68:e3:ff:da:fd:8b:7e:bc:e8:aa:
d8:81:c4:fd:cc:71:59:0f:0a:37:ba:49:c7:56:4f:56:70:20:
6c:9a:bb:2b:e5:86:7f:0b:5a:d5:3b:cf:d5:24:fe:4f:fb:20:
f8:7c:bc:84:5b:b7:8d:9a:d2:48:46:4a:81:f5:7e:2d:3d:f0:
ca:3d:99:15:42:12:d8:a6:8c:33:e0:71:bd:1f:0a:12:74:b3:
67:0d:e0:87:04:a7:ba:2d:fa:86:6e:7a:7a:62:18:44:6b:90:
81:6a:3d:b0:08:c1:c5:5d:82:72:c5:2b:e7:6f:92:97:df:10:
64:bc:ea:1e:23:86:b0:ec:40:c3:a9:bd:d0:3e:73:c9:75:6b:
50:2e:ed:f6:1f:bb:c7:51:98:56:e5:f7:5e:00:d3:b5:15:80:
89:7e:28:b6:1c:4b:67:8f:9a:d2:1d:2e:af:fa:07:69:53:30:
69:71:c3:c0:e9:09:8a:63:41:54:ce:71:e3:82:50:f8:36:70:
f4:d5:06:d4:9e:2d:e5:a7:3c:d9:4c:c6:9c:07:97:93:09:ee:
09:16:9e:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPaM288FLTEEBaR4yJtpD14MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMjE4MTQzNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjA4Njc4Njg0Yzg0OWI1MjM2YzBmNDE1NjViYjZiNGZmYmJiYTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0O6Cq24rRbuYNidxKlBqE6ianHAr
Q1OWgb3weIkeJh70J4eMGKV2+tAzgbkO4JL3f4J4+8IIpfyNsKsmda0mhUxUI6ku
LK8MYJmYNnyDCLadaG4fFZDm6KYCSTmnbM2Kk2AhUrtXgXwcjdQakQQWIjAU1TSX
YCQzlF4+zbaACh7FS5eI8qoXrMz7NKELkNeBeMefDvLljcZ2tTLsD/TZvBXRqzsn
XaIRa19Vrt5hUzINEijRGgIm6s95sOwVALsFkH7/he3KhjVWGphE3O8lAtqfEGPT
W/F9TcGg08QsaCX4VOf6cuvDB/5PXFW9yCxnjxqkSHqdIyuTVMKNO12jBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD8IZ4aEyEm1I2wPQVZbtrT/u7oTMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvUHdobmhvVElTYlVqYkE5QlZsdTJ0UC03dWhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsaMA0G
CSqGSIb3DQEBCwUAA4IBAQAPPi0LIAs1ZJaIuDoCfzkbxnXNWyCgpr4YiY7vGU/Z
+kdpg9iIHCyypHBwxWjj/9r9i3686KrYgcT9zHFZDwo3uknHVk9WcCBsmrsr5YZ/
C1rVO8/VJP5P+yD4fLyEW7eNmtJIRkqB9X4tPfDKPZkVQhLYpowz4HG9HwoSdLNn
DeCHBKe6LfqGbnp6YhhEa5CBaj2wCMHFXYJyxSvnb5KX3xBkvOoeI4aw7EDDqb3Q
PnPJdWtQLu32H7vHUZhW5fdeANO1FYCJfii2HEtnj5rSHS6v+gdpUzBpccPA6QmK
Y0FUznHjglD4NnD01QbUni3lpzzZTMacB5eTCe4JFp6C
-----END CERTIFICATE-----
Generated at Thu Apr 17 22:01:58 2025 by rpki-client