Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0n1CPjiXD1GVFM3Ax9woTUgFKx8.roa
File: 0n1CPjiXD1GVFM3Ax9woTUgFKx8.roa (raw, json)
Hash identifier: p9fJByBlt1Q0LyTxCX04SC7aljapxJNfVrUyXwB1YSE=
Subject key identifier: D2:7D:42:3E:38:97:0F:51:95:14:CD:C0:C7:DC:28:4D:48:05:2B:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193A665B2038DDB6503BC6CDD0681A23455
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0n1CPjiXD1GVFM3Ax9woTUgFKx8.roa
Signing time: Sun 08 Dec 2024 13:11:42 +0000
ROA not before: Sun 08 Dec 2024 13:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.49.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 09 Dec 2024 08:56:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:65:b2:03:8d:db:65:03:bc:6c:dd:06:81:a2:34:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 8 13:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d27d423e38970f519514cdc0c7dc284d48052b1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ce:61:d0:79:22:c9:b6:dc:b0:0e:6b:28:98:
3b:43:d3:ac:e0:5f:82:9b:1a:f3:fc:0c:48:17:4c:
3c:d9:29:5a:e3:95:ba:6d:8b:2a:25:66:d2:36:f4:
82:fd:3a:eb:8b:eb:c7:c5:83:37:49:eb:f6:9d:cb:
6d:e3:88:6f:6e:72:24:db:7f:e6:b5:fb:8f:36:25:
76:05:1d:dc:30:53:66:49:86:32:47:cd:ef:f8:50:
a4:55:a3:a1:21:23:10:65:c9:e9:37:4d:6a:d7:00:
93:84:21:fd:a4:a7:08:9f:31:06:37:c4:24:48:31:
8b:de:58:88:53:0e:dc:c7:60:8b:21:c2:88:97:d2:
bb:08:4d:92:c1:0c:59:8a:24:87:8f:d8:dd:43:23:
aa:32:70:95:ef:cc:40:bf:b0:da:d7:98:52:ab:81:
09:eb:5c:c3:1b:1b:93:de:85:23:70:3b:02:82:51:
25:42:fd:3f:90:07:29:fd:95:6f:c9:32:f5:d7:8c:
64:35:00:de:d9:86:82:a4:8a:fa:94:c1:57:69:1d:
0a:b3:76:06:d4:9b:e3:9b:aa:f5:ab:86:99:cd:57:
b8:ff:55:99:23:6b:9d:ec:2e:7b:13:19:d4:50:e0:
a0:39:bd:b3:66:35:14:dd:df:b4:5a:96:9b:92:c1:
c9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:7D:42:3E:38:97:0F:51:95:14:CD:C0:C7:DC:28:4D:48:05:2B:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0n1CPjiXD1GVFM3Ax9woTUgFKx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.49.0/24
89.213.51.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:05:62:3e:99:fb:6e:28:57:8c:7b:31:eb:55:f9:bd:18:e0:
af:8e:65:fe:4e:ea:bf:d3:16:59:23:b8:12:dd:a2:bc:ef:b4:
9c:38:18:f4:08:4e:4e:85:ff:e7:b4:d3:42:86:19:76:2f:c2:
ad:dc:65:9b:65:2a:6c:51:ec:7b:6b:70:05:b5:81:3d:e9:5a:
ff:d1:97:cc:88:53:d9:17:0f:72:5c:8b:15:52:d5:02:30:c7:
02:6d:aa:51:3e:83:a6:2a:e1:c7:2f:89:5d:c4:24:93:00:e4:
35:6f:b8:9b:6a:54:10:3a:b6:1f:3b:f6:c8:30:05:ae:52:0e:
20:d2:e8:79:93:c5:91:85:f4:ce:33:5b:52:27:41:a1:f9:ec:
93:4a:3c:70:7c:a5:7a:25:e7:5e:49:be:ee:5c:84:9c:a6:42:
91:8f:7e:88:d4:cc:f8:2d:1b:e0:12:64:84:f7:ae:d0:bc:9a:
d9:ef:0a:dd:56:ba:57:48:92:c6:e5:c7:60:a1:3a:39:9e:61:
a5:53:9d:cd:d5:1a:36:93:b5:e8:78:45:a3:ba:da:78:1d:0f:
4a:ff:00:84:02:64:2d:f3:91:b9:9b:80:d8:aa:2a:61:96:37:
c3:3b:6d:71:76:43:5a:97:d6:0f:3a:39:5b:04:ea:f4:f6:c1:
af:f4:b1:39
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOmZbIDjdtlA7xs3QaBojRVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA4MTMxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjdkNDIzZTM4OTcwZjUxOTUxNGNkYzBjN2RjMjg0ZDQ4MDUyYjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9s5h0HkiybbcsA5rKJg7Q9Os4F+C
mxrz/AxIF0w82Sla45W6bYsqJWbSNvSC/Trri+vHxYM3Sev2nctt44hvbnIk23/m
tfuPNiV2BR3cMFNmSYYyR83v+FCkVaOhISMQZcnpN01q1wCThCH9pKcInzEGN8Qk
SDGL3liIUw7cx2CLIcKIl9K7CE2SwQxZiiSHj9jdQyOqMnCV78xAv7Da15hSq4EJ
61zDGxuT3oUjcDsCglElQv0/kAcp/ZVvyTL114xkNQDe2YaCpIr6lMFXaR0Ks3YG
1Jvjm6r1q4aZzVe4/1WZI2ud7C57ExnUUOCgOb2zZjUU3d+0WpabksHJIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNJ9Qj44lw9RlRTNwMfcKE1IBSsfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMG4xQ1BqaVhEMUdWRk0zQXg5d29UVWdGS3g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUxAwQA
WdUzAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQANBWI+mftuKFeMezHrVfm9GOCv
jmX+Tuq/0xZZI7gS3aK877ScOBj0CE5Ohf/ntNNChhl2L8Kt3GWbZSpsUex7a3AF
tYE96Vr/0ZfMiFPZFw9yXIsVUtUCMMcCbapRPoOmKuHHL4ldxCSTAOQ1b7ibalQQ
OrYfO/bIMAWuUg4g0uh5k8WRhfTOM1tSJ0Gh+eyTSjxwfKV6JedeSb7uXIScpkKR
j36I1Mz4LRvgEmSE967QvJrZ7wrdVrpXSJLG5cdgoTo5nmGlU53N1Ro2k7XoeEWj
utp4HQ9K/wCEAmQt85G5m4DYqiphljfDO21xdkNal9YPOjlbBOr09sGv9LE5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:43 2025 by rpki-client