Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0cksuA9K_zxao8KukiaTMRzzOIU.roa
File: 0cksuA9K_zxao8KukiaTMRzzOIU.roa (raw, json)
Hash identifier: zH/rpFw4vt/orKTfwWH9Ia/F1d9ZpZgyhRyIB1SWNow=
Subject key identifier: D1:C9:2C:B8:0F:4A:FF:3C:5A:A3:C2:AE:92:26:93:31:1C:F3:38:85
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191B3605E6B51274B00A55B51E565EA0F2C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0cksuA9K_zxao8KukiaTMRzzOIU.roa
Signing time: Mon 02 Sep 2024 15:35:22 +0000
ROA not before: Mon 02 Sep 2024 15:35:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60117
IP address blocks: 89.213.229.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 23:57:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b3:60:5e:6b:51:27:4b:00:a5:5b:51:e5:65:ea:0f:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 2 15:35:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1c92cb80f4aff3c5aa3c2ae922693311cf33885
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:39:f2:1c:3a:e2:d9:37:6c:a8:87:79:e1:a5:
a6:94:a8:a9:09:64:19:cd:e3:dd:4b:76:44:1d:a7:
a5:e0:d5:07:df:e9:84:64:c8:f5:f7:ee:e6:ea:44:
18:5b:71:ab:6a:8f:6e:01:a7:02:16:06:61:14:da:
a6:77:58:f3:a9:fa:17:c3:04:af:56:1e:92:31:24:
5b:90:2f:8e:c6:63:e7:45:a9:ab:ea:06:f4:86:e0:
6a:7a:be:50:4d:92:3f:be:ea:95:24:fc:5f:3c:e4:
04:03:b1:56:78:76:e2:ce:46:cc:d2:31:94:e2:f1:
e7:1b:1f:c8:34:5f:ab:6c:8f:a4:1a:41:fe:56:7b:
61:a3:db:39:67:a8:b4:74:64:c6:36:69:05:57:c0:
5e:99:bf:e1:49:58:95:45:66:1c:94:bc:3d:aa:62:
f1:20:9e:65:46:8e:ed:1a:b9:85:17:2d:a5:06:d7:
b1:79:81:78:8c:1c:ec:bc:08:14:fa:7d:c0:bb:9b:
ee:00:e1:95:90:bc:43:47:98:c8:ec:1d:5c:a8:c0:
a6:8b:97:b9:52:0a:25:45:21:c4:e8:95:46:b5:7e:
f9:10:2e:e1:c9:a4:67:31:69:b2:86:44:67:d6:07:
f8:43:4f:fe:1e:c1:24:86:17:70:a9:db:02:d6:5b:
23:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:C9:2C:B8:0F:4A:FF:3C:5A:A3:C2:AE:92:26:93:31:1C:F3:38:85
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0cksuA9K_zxao8KukiaTMRzzOIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.229.0/24
Signature Algorithm: sha256WithRSAEncryption
17:39:7c:86:e7:40:f0:f3:55:24:c5:32:0c:72:16:b9:60:4d:
24:cc:9d:5d:8b:b6:72:16:8a:b6:7c:3c:b7:42:fa:4a:c5:b2:
ed:a2:b7:dd:3a:1e:52:08:54:58:2d:81:73:ca:2f:e6:c6:0b:
dc:3e:b2:4f:bc:85:10:61:b1:d8:d6:24:ef:d7:25:e3:46:f5:
74:ad:e4:b0:30:88:51:ff:65:8a:4e:6c:6a:4d:a5:ac:a3:29:
7d:40:52:22:85:24:d3:a6:50:e6:37:fb:4a:5e:5f:01:13:23:
ed:1e:9b:59:4f:5b:1b:1c:41:d3:f7:be:4d:67:b6:d7:81:97:
f6:7a:95:15:e2:81:37:cf:ba:f9:c2:d6:bd:6c:6f:c6:41:0d:
c5:1d:cc:33:16:87:e7:e1:c0:f2:f1:f8:60:9a:7f:d8:da:31:
92:75:32:ea:b9:be:bf:35:e3:c2:20:46:2f:a6:fd:19:14:7c:
97:67:eb:48:5b:9d:2f:71:55:2a:4f:e0:67:8e:76:f6:90:aa:
b1:a3:ff:e4:d3:a9:14:b9:48:80:16:27:be:c1:9a:f5:4e:98:
be:65:a5:da:9c:90:ae:22:ec:c8:bc:5d:a2:22:ff:9d:ec:84:
e5:93:6b:06:7f:22:b9:8a:a0:4f:be:02:44:e8:e7:20:4d:cd:
6d:95:af:1d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGzYF5rUSdLAKVbUeVl6g8sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAyMTUzNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWM5MmNiODBmNGFmZjNjNWFhM2MyYWU5MjI2OTMzMTFjZjMzODg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTnyHDri2TdsqId54aWmlKipCWQZ
zePdS3ZEHael4NUH3+mEZMj19+7m6kQYW3Grao9uAacCFgZhFNqmd1jzqfoXwwSv
Vh6SMSRbkC+OxmPnRamr6gb0huBqer5QTZI/vuqVJPxfPOQEA7FWeHbizkbM0jGU
4vHnGx/INF+rbI+kGkH+Vntho9s5Z6i0dGTGNmkFV8Bemb/hSViVRWYclLw9qmLx
IJ5lRo7tGrmFFy2lBtexeYF4jBzsvAgU+n3Au5vuAOGVkLxDR5jI7B1cqMCmi5e5
UgolRSHE6JVGtX75EC7hyaRnMWmyhkRn1gf4Q0/+HsEkhhdwqdsC1lsjvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNHJLLgPSv88WqPCrpImkzEc8ziFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMGNrc3VBOUtfenhhbzhLdWtpYVRNUnp6T0lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXlMA0G
CSqGSIb3DQEBCwUAA4IBAQAXOXyG50Dw81UkxTIMcha5YE0kzJ1di7ZyFoq2fDy3
QvpKxbLtorfdOh5SCFRYLYFzyi/mxgvcPrJPvIUQYbHY1iTv1yXjRvV0reSwMIhR
/2WKTmxqTaWsoyl9QFIihSTTplDmN/tKXl8BEyPtHptZT1sbHEHT975NZ7bXgZf2
epUV4oE3z7r5wta9bG/GQQ3FHcwzFofn4cDy8fhgmn/Y2jGSdTLqub6/NePCIEYv
pv0ZFHyXZ+tIW50vcVUqT+Bnjnb2kKqxo//k06kUuUiAFie+wZr1Tpi+ZaXanJCu
IuzIvF2iIv+d7ITlk2sGfyK5iqBPvgJE6OcgTc1tla8d
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:47 2025 by rpki-client