Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa
File: 0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa (raw, json)
Hash identifier: b/avJwQKEtkNm7PuaMW0NlG9A4Lp31UzSZMS5olfVkc=
Subject key identifier: D2:B5:AE:7E:EC:66:78:AF:1F:77:13:D6:D0:48:70:E0:73:F8:81:A2
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D0CEAA5B438C8BAEB023CC5D299496AAF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa
Signing time: Mon 15 Jan 2024 11:38:40 +0000
ROA not before: Mon 15 Jan 2024 11:38:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215727
IP address blocks: 89.213.157.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 22:55:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0c:ea:a5:b4:38:c8:ba:eb:02:3c:c5:d2:99:49:6a:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 15 11:38:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2b5ae7eec6678af1f7713d6d04870e073f881a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:23:57:bd:49:f6:5b:2c:94:94:14:31:a9:3a:
09:a8:2e:04:57:d3:0b:a5:58:50:d2:00:c8:68:c4:
04:c7:30:20:51:6d:ac:05:12:5b:08:22:9e:e3:21:
95:9e:dc:0a:3d:f5:cb:f5:8c:70:51:31:7a:98:41:
1c:ca:f5:2c:24:0e:27:5a:7a:b4:2d:9f:ba:b2:40:
d0:0a:4f:9a:c9:a5:95:e3:15:a6:6c:4d:cf:e6:b9:
46:f5:32:86:96:3c:83:84:07:f0:cf:c1:df:e8:01:
84:79:c2:76:53:66:3c:53:a7:de:f6:58:0e:ae:79:
54:6d:65:79:51:7a:18:ba:a0:22:a5:c4:46:3e:3c:
83:3b:cd:5b:6b:b7:a4:1c:76:57:96:57:7f:3f:b5:
e8:df:0d:88:d5:5d:53:93:f6:35:a2:9e:fe:b6:97:
97:d6:d0:31:e7:51:b1:51:04:53:d3:0f:5f:52:bf:
d0:a8:b0:92:b1:43:75:13:a4:64:8c:44:78:09:f2:
6c:42:fc:82:92:f2:85:e2:9b:55:48:08:77:d9:fa:
36:cb:e2:70:4b:6b:24:7a:cc:f6:af:33:88:08:eb:
3e:2e:1e:3a:31:66:37:ab:4b:28:e8:9b:bb:38:fa:
de:51:78:2f:7f:48:21:1f:5e:a6:66:54:4d:bb:35:
92:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:B5:AE:7E:EC:66:78:AF:1F:77:13:D6:D0:48:70:E0:73:F8:81:A2
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0rWufuxmeK8fdxPW0Ehw4HP4gaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.157.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:51:b7:f3:44:bb:b6:07:0b:89:fe:c5:1e:b5:90:c1:4a:e2:
70:94:c6:45:b7:9d:e1:7d:69:96:1b:cd:21:30:37:bd:51:28:
59:2b:ef:7f:6a:e6:f1:fa:d4:6f:8a:13:22:fb:8c:f9:42:d2:
09:04:7f:0d:96:72:48:ab:79:2c:62:de:60:55:92:eb:1e:ee:
62:f3:d4:ca:44:f3:ac:d2:1b:b4:99:ae:82:a9:05:9f:f7:e0:
e8:65:65:55:86:d7:ca:d8:78:1f:c7:b1:65:23:e4:bf:dc:f9:
04:ca:6a:e1:57:2c:0e:89:48:b8:a1:2c:be:49:b8:33:d3:31:
bf:ba:0e:16:3d:b2:94:14:52:04:cc:ec:82:a8:7c:4d:6a:e4:
50:fd:51:bd:2d:d8:5e:45:4f:9e:dd:01:61:13:a5:f3:3f:35:
9a:53:cf:d1:27:d5:0b:9f:d6:e1:29:6e:02:18:32:2b:05:44:
d1:88:83:7a:4d:8d:83:ee:1a:7f:a4:95:26:26:4a:ab:c8:74:
09:3f:13:9d:70:19:20:33:e2:52:c8:c0:20:d5:48:a4:24:2e:
7b:ab:c1:fc:61:79:43:ad:ee:1c:2a:1c:13:a7:03:91:d0:85:
55:1d:3d:5a:37:45:1e:35:c5:ce:38:66:b5:b5:7d:a1:d4:e8:
3a:96:96:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0M6qW0OMi66wI8xdKZSWqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTE1MTEzODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmI1YWU3ZWVjNjY3OGFmMWY3NzEzZDZkMDQ4NzBlMDczZjg4MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7SNXvUn2WyyUlBQxqToJqC4EV9ML
pVhQ0gDIaMQExzAgUW2sBRJbCCKe4yGVntwKPfXL9YxwUTF6mEEcyvUsJA4nWnq0
LZ+6skDQCk+ayaWV4xWmbE3P5rlG9TKGljyDhAfwz8Hf6AGEecJ2U2Y8U6fe9lgO
rnlUbWV5UXoYuqAipcRGPjyDO81ba7ekHHZXlld/P7Xo3w2I1V1Tk/Y1op7+tpeX
1tAx51GxUQRT0w9fUr/QqLCSsUN1E6RkjER4CfJsQvyCkvKF4ptVSAh32fo2y+Jw
S2skesz2rzOICOs+Lh46MWY3q0so6Ju7OPreUXgvf0ghH16mZlRNuzWSgwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNK1rn7sZnivH3cT1tBIcOBz+IGiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMHJXdWZ1eG1lSzhmZHhQVzBFaHc0SFA0Z2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWdMA0G
CSqGSIb3DQEBCwUAA4IBAQAeUbfzRLu2BwuJ/sUetZDBSuJwlMZFt53hfWmWG80h
MDe9UShZK+9/aubx+tRvihMi+4z5QtIJBH8NlnJIq3ksYt5gVZLrHu5i89TKRPOs
0hu0ma6CqQWf9+DoZWVVhtfK2Hgfx7FlI+S/3PkEymrhVywOiUi4oSy+Sbgz0zG/
ug4WPbKUFFIEzOyCqHxNauRQ/VG9LdheRU+e3QFhE6XzPzWaU8/RJ9ULn9bhKW4C
GDIrBUTRiIN6TY2D7hp/pJUmJkqryHQJPxOdcBkgM+JSyMAg1UikJC57q8H8YXlD
re4cKhwTpwOR0IVVHT1aN0UeNcXOOGa1tX2h1Og6lpYm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:38 2025 by rpki-client