Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/8gMsp13PSPXJKT4q9hZgpGURCNA.roa
File: 8gMsp13PSPXJKT4q9hZgpGURCNA.roa (raw, json)
Hash identifier: j/rzkKiMtEDToo2NJRXnaRR8kND79hTWXjhpe6TnFNE=
Subject key identifier: F2:03:2C:A7:5D:CF:48:F5:C9:29:3E:2A:F6:16:60:A4:65:11:08:D0
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC7955E34E2DBEB94A82E31CBFF03B87B
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/8gMsp13PSPXJKT4q9hZgpGURCNA.roa
Signing time: Tue 02 Jan 2024 00:31:44 +0000
ROA not before: Tue 02 Jan 2024 00:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60125
IP address blocks: 89.35.113.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 19:48:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5e:34:e2:db:eb:94:a8:2e:31:cb:ff:03:b8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2032ca75dcf48f5c9293e2af61660a4651108d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:ea:f0:8d:85:1d:ee:e7:a2:d8:63:ca:c4:
ed:15:07:ce:8c:d9:62:7f:3b:8e:01:c2:7a:95:83:
ea:8e:e9:db:f9:21:d8:a2:12:80:db:1a:a2:74:15:
31:04:d4:fd:0f:79:9e:e1:19:90:4b:5c:83:8e:9d:
55:7c:64:d7:20:29:59:7a:19:fb:2b:f8:44:5e:4e:
8c:ec:51:90:1f:80:ab:20:c2:e4:2c:d6:68:14:b8:
f1:81:a8:f0:31:24:52:dd:3c:41:e1:5d:bb:f0:19:
af:c8:06:85:23:4b:80:96:04:25:2f:d5:9e:c4:cb:
49:4a:4e:39:ac:9b:0c:24:9c:90:09:36:10:6e:9e:
29:7e:cd:4a:31:b8:9d:2e:07:37:90:7a:30:2d:8c:
09:77:c2:f6:fb:3d:98:a0:a7:e4:40:aa:b0:a1:a5:
46:be:9c:4f:e9:ac:4e:d8:54:b6:2c:e6:92:ea:22:
d6:cd:df:48:aa:49:08:0d:e5:bb:c0:3e:de:14:b3:
b1:ab:1a:29:6f:3c:da:5f:7d:67:a5:06:2a:a2:6e:
d5:75:90:43:82:84:90:f1:68:98:36:d6:87:2b:52:
f2:55:28:26:71:86:16:83:58:f4:83:9a:3a:59:75:
02:8d:86:92:b6:e8:e2:e5:52:56:84:9c:84:f4:22:
27:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:03:2C:A7:5D:CF:48:F5:C9:29:3E:2A:F6:16:60:A4:65:11:08:D0
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/8gMsp13PSPXJKT4q9hZgpGURCNA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.113.0/24
Signature Algorithm: sha256WithRSAEncryption
df:c4:f9:c8:e0:10:a6:31:8e:00:ab:ff:ec:c1:c1:6e:f6:02:
af:96:ca:0d:57:49:8f:60:49:83:06:a4:0c:ad:fd:2d:ea:c5:
1f:fd:9b:9a:38:1d:7d:09:25:78:ae:24:7e:7b:51:9a:75:92:
20:6e:2c:7c:83:9c:a4:33:3f:45:d7:8a:aa:0c:59:8c:15:28:
0d:5b:bd:83:97:aa:f0:1e:b0:07:b0:2a:db:af:5b:c4:92:85:
a8:ec:c3:56:b5:96:1a:6e:4b:76:f7:95:cc:38:1e:30:da:3a:
58:6a:ae:6d:f2:3f:be:aa:41:6b:35:ec:fe:c4:97:05:19:72:
a8:9a:34:2b:b9:80:9e:58:39:4d:a1:8a:81:b1:dc:90:19:45:
52:17:3c:d3:1e:f1:3d:ca:44:5f:1b:8c:65:61:6b:47:cf:de:
17:44:07:a4:af:13:b1:4a:df:f8:3e:2b:7c:22:44:60:1c:74:
a8:8f:bf:8a:ec:94:ef:be:73:84:76:6b:60:97:df:a7:58:6d:
f6:f6:f2:6f:c4:ba:da:b8:a1:c8:ec:d5:9e:4b:57:e9:fb:ee:
da:d4:93:94:cc:36:d0:07:50:6f:ea:b2:c7:13:91:15:6c:d0:
57:55:2b:70:54:cf:e9:2b:cc:d3:6f:19:49:5d:e2:6b:17:be:
e2:71:55:98
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlV404tvrlKguMcv/A7h7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjAzMmNhNzVkY2Y0OGY1YzkyOTNlMmFmNjE2NjBhNDY1MTEwOGQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru/q8I2FHe7nothjysTtFQfOjNli
fzuOAcJ6lYPqjunb+SHYohKA2xqidBUxBNT9D3me4RmQS1yDjp1VfGTXIClZehn7
K/hEXk6M7FGQH4CrIMLkLNZoFLjxgajwMSRS3TxB4V278BmvyAaFI0uAlgQlL9We
xMtJSk45rJsMJJyQCTYQbp4pfs1KMbidLgc3kHowLYwJd8L2+z2YoKfkQKqwoaVG
vpxP6axO2FS2LOaS6iLWzd9IqkkIDeW7wD7eFLOxqxopbzzaX31npQYqom7VdZBD
goSQ8WiYNtaHK1LyVSgmcYYWg1j0g5o6WXUCjYaStuji5VJWhJyE9CInTQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFPIDLKddz0j1ySk+KvYWYKRlEQjQMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xLzhnTXNwMTNQU1BYSktUNHE5aFpncEdVUkNOQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZI3Ew
DQYJKoZIhvcNAQELBQADggEBAN/E+cjgEKYxjgCr/+zBwW72Aq+Wyg1XSY9gSYMG
pAyt/S3qxR/9m5o4HX0JJXiuJH57UZp1kiBuLHyDnKQzP0XXiqoMWYwVKA1bvYOX
qvAesAewKtuvW8SShajsw1a1lhpuS3b3lcw4HjDaOlhqrm3yP76qQWs17P7ElwUZ
cqiaNCu5gJ5YOU2hioGx3JAZRVIXPNMe8T3KRF8bjGVha0fP3hdEB6SvE7FK3/g+
K3wiRGAcdKiPv4rslO++c4R2a2CX36dYbfb28m/Eutq4ocjs1Z5LV+n77trUk5TM
NtAHUG/qsscTkRVs0FdVK3BUz+krzNNvGUld4msXvuJxVZg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:07:01 2025 by rpki-client