Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/k_HFj_5-D273v5Ot40GshumNfw4.roa
File: k_HFj_5-D273v5Ot40GshumNfw4.roa (raw, json)
Hash identifier: cnxCuV1TBrY13zun9iLHuD9Rpo8oeb0PfMFrdA6KoQI=
Subject key identifier: 93:F1:C5:8F:FE:7E:0F:6E:F7:BF:93:AD:E3:41:AC:86:E9:8D:7F:0E
Certificate issuer: /CN=978f41e290285473c2a1e2be7f66f63452ed4644
Certificate serial: 018CC34951CC12F13DE7D19ED69C79FBE6C9
Authority key identifier: 97:8F:41:E2:90:28:54:73:C2:A1:E2:BE:7F:66:F6:34:52:ED:46:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l49B4pAoVHPCoeK-f2b2NFLtRkQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/k_HFj_5-D273v5Ot40GshumNfw4.roa
Signing time: Mon 01 Jan 2024 04:30:11 +0000
ROA not before: Mon 01 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39452
IP address blocks: 89.150.0.0/23 maxlen: 23
89.150.0.0/24 maxlen: 24
89.150.1.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 03:48:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:51:cc:12:f1:3d:e7:d1:9e:d6:9c:79:fb:e6:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=978f41e290285473c2a1e2be7f66f63452ed4644
Validity
Not Before: Jan 1 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93f1c58ffe7e0f6ef7bf93ade341ac86e98d7f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e7:4e:11:a0:00:97:4c:f9:34:38:47:c3:8d:
15:c5:90:d5:c0:61:56:bd:8b:bc:73:70:5d:ae:7a:
51:87:30:d6:7b:0a:e8:18:f8:4f:00:80:66:45:76:
9d:50:e2:16:69:01:73:5a:6b:b8:56:61:c3:82:95:
58:91:af:40:34:bc:22:eb:a0:2d:fb:b0:c8:21:61:
5f:eb:94:32:03:e4:fb:58:77:02:72:0f:7f:3f:c5:
13:74:de:29:1d:86:57:b3:82:f7:0e:ee:93:17:7f:
54:2c:9d:ca:c1:3d:53:f4:6f:06:cd:f3:33:29:63:
5a:e2:bd:89:1a:18:8c:9f:dc:ac:da:03:d0:c3:39:
e3:67:b7:bd:c1:0f:94:ce:dc:5a:6a:c1:28:17:99:
ed:b4:55:60:db:7b:f9:de:e3:9c:78:85:ce:22:b2:
91:bc:fd:8e:bd:0e:d2:05:6b:1d:98:c3:b9:d5:6c:
18:f8:90:41:2a:a7:0f:23:d3:79:5c:2b:f1:01:4a:
47:5b:98:37:ff:c2:7f:6f:79:70:e8:8f:18:1b:99:
23:23:50:0e:f1:45:07:12:7f:9c:7e:3e:d1:37:d3:
53:3c:6f:e4:12:37:c7:1f:b9:03:cd:60:ef:d2:f5:
78:6b:05:28:d9:ac:e3:ac:f1:5d:c8:67:66:fc:13:
de:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F1:C5:8F:FE:7E:0F:6E:F7:BF:93:AD:E3:41:AC:86:E9:8D:7F:0E
X509v3 Authority Key Identifier:
keyid:97:8F:41:E2:90:28:54:73:C2:A1:E2:BE:7F:66:F6:34:52:ED:46:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l49B4pAoVHPCoeK-f2b2NFLtRkQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/k_HFj_5-D273v5Ot40GshumNfw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/f1480f-76e9-4c8e-ac32-3577b1efdc78/1/l49B4pAoVHPCoeK-f2b2NFLtRkQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.150.0.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:60:84:8f:05:34:3b:24:04:e4:f2:b1:f1:3d:a6:6c:b9:ff:
e0:47:cc:a6:ec:5a:f7:43:f0:be:b4:79:3e:f2:1f:17:0f:08:
07:d1:18:ea:a6:f6:30:14:64:12:c7:99:1a:c0:ff:b9:67:c4:
8e:80:e9:0e:09:85:4a:3c:2f:11:f3:18:8e:f1:ef:47:cd:cb:
be:42:19:b8:76:8c:bc:bf:4b:ea:82:34:61:2e:ac:8d:9a:ba:
cb:f6:c0:0a:c6:6d:b8:fc:63:13:a9:bd:e0:90:c3:85:84:69:
99:8e:6c:c1:81:ad:81:d6:2d:0a:0e:c4:76:71:d9:45:98:34:
d0:d8:51:26:1b:05:f4:17:2c:83:ba:95:a4:72:53:92:fb:d6:
1b:d3:71:a9:f5:9c:00:f4:58:ba:c0:2b:1f:63:ce:84:f3:19:
be:03:91:9a:9f:30:d1:cd:d5:df:79:12:6e:41:53:ef:67:56:
ff:b2:1b:33:9b:9d:14:ea:e1:86:0e:d4:7f:6a:96:8e:a2:f8:
26:d6:23:32:5a:a7:19:e6:bc:9e:b4:5c:da:4f:c7:ba:27:2a:
0c:21:75:ec:8f:04:78:28:13:a1:76:32:7d:72:2a:96:6b:a8:
53:a1:0b:3a:2e:68:ce:4a:9d:78:5d:0c:fe:20:53:c8:36:bf:
5b:6c:8b:43
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVHMEvE959Ge1px5++bJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OGY0MWUyOTAyODU0NzNjMmExZTJiZTdmNjZmNjM0NTJl
ZDQ2NDQwHhcNMjQwMTAxMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2YxYzU4ZmZlN2UwZjZlZjdiZjkzYWRlMzQxYWM4NmU5OGQ3ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+dOEaAAl0z5NDhHw40VxZDVwGFW
vYu8c3BdrnpRhzDWewroGPhPAIBmRXadUOIWaQFzWmu4VmHDgpVYka9ANLwi66At
+7DIIWFf65QyA+T7WHcCcg9/P8UTdN4pHYZXs4L3Du6TF39ULJ3KwT1T9G8GzfMz
KWNa4r2JGhiMn9ys2gPQwznjZ7e9wQ+UztxaasEoF5nttFVg23v53uOceIXOIrKR
vP2OvQ7SBWsdmMO51WwY+JBBKqcPI9N5XCvxAUpHW5g3/8J/b3lw6I8YG5kjI1AO
8UUHEn+cfj7RN9NTPG/kEjfHH7kDzWDv0vV4awUo2azjrPFdyGdm/BPexQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJPxxY/+fg9u97+TreNBrIbpjX8OMB8GA1UdIwQY
MBaAFJePQeKQKFRzwqHivn9m9jRS7UZEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDQ5QjRwQW9WSFBDb2VLLWYyYjJORkx0UmtRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9mMTQ4MGYtNzZlOS00YzhlLWFjMzIt
MzU3N2IxZWZkYzc4LzEva19IRmpfNS1EMjczdjVPdDQwR3NodW1OZnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9mMTQ4MGYtNzZlOS00YzhlLWFjMzItMzU3N2IxZWZkYzc4
LzEvbDQ5QjRwQW9WSFBDb2VLLWYyYjJORkx0UmtRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWZYAMA0G
CSqGSIb3DQEBCwUAA4IBAQAOYISPBTQ7JATk8rHxPaZsuf/gR8ym7Fr3Q/C+tHk+
8h8XDwgH0RjqpvYwFGQSx5kawP+5Z8SOgOkOCYVKPC8R8xiO8e9Hzcu+Qhm4doy8
v0vqgjRhLqyNmrrL9sAKxm24/GMTqb3gkMOFhGmZjmzBga2B1i0KDsR2cdlFmDTQ
2FEmGwX0FyyDupWkclOS+9Yb03Gp9ZwA9Fi6wCsfY86E8xm+A5GanzDRzdXfeRJu
QVPvZ1b/shszm50U6uGGDtR/apaOovgm1iMyWqcZ5ryetFzaT8e6JyoMIXXsjwR4
KBOhdjJ9ciqWa6hToQs6LmjOSp14XQz+IFPINr9bbItD
-----END CERTIFICATE-----
Generated at Thu Apr 17 20:15:11 2025 by rpki-client