Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-qcWshSZsAsZG6ElB7UFL4XM93U.roa
File: 1-qcWshSZsAsZG6ElB7UFL4XM93U.roa (raw, json)
Hash identifier: vnkiJSs5nCorBNGDryrQNP5g9QSScafr4sQre9cEdwE=
Subject key identifier: FA:A7:16:B2:14:99:B0:0B:19:1B:A1:25:07:B5:05:2F:85:CC:F7:75
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B3DAB0099492DD6BBD14169E4D48EDA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-qcWshSZsAsZG6ElB7UFL4XM93U.roa
Signing time: Fri 06 Dec 2024 09:12:10 +0000
ROA not before: Fri 06 Dec 2024 09:12:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44803
IP address blocks: 89.28.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:3d:ab:00:99:49:2d:d6:bb:d1:41:69:e4:d4:8e:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:12:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=faa716b21499b00b191ba12507b5052f85ccf775
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:80:13:3e:07:e4:4e:a5:a3:06:2f:cb:57:99:
bf:1c:db:5e:c1:19:8c:be:d1:de:4f:ac:6d:53:c7:
3a:64:b4:0d:3e:fc:18:25:ef:9d:e3:19:8b:a5:4e:
ff:70:de:85:e8:8f:dd:80:ec:16:c7:af:ed:83:54:
c4:54:a8:28:b7:a1:f0:d7:f3:d9:95:da:48:c1:76:
6e:f3:be:66:6a:ef:21:3a:67:d4:7a:18:32:ca:08:
60:b0:07:22:63:e7:a1:54:83:8c:cf:a2:c6:fe:91:
b3:e3:62:d0:77:97:c4:e3:74:23:23:70:ea:6d:45:
80:16:63:9c:8f:34:f5:6e:f0:03:85:70:4a:1f:ba:
b7:de:7a:8c:1d:f1:a7:d0:d6:c9:03:b1:35:c7:24:
d6:a1:29:21:58:0e:96:49:a6:99:7a:1f:ff:58:f6:
79:64:6e:c4:ff:42:33:91:01:a2:5f:c7:08:36:7e:
6b:73:58:00:3e:9a:d6:61:63:eb:30:c0:dc:75:39:
83:8c:d0:82:4d:fc:3e:de:18:14:c5:ef:dd:20:dc:
c9:e1:af:dc:1e:da:f3:fd:a1:6b:40:84:97:76:9c:
41:f7:db:71:1a:bc:f7:8a:55:e1:db:a2:e5:09:ce:
66:9b:06:98:12:99:de:29:40:7a:5b:f7:33:75:8e:
13:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:A7:16:B2:14:99:B0:0B:19:1B:A1:25:07:B5:05:2F:85:CC:F7:75
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-qcWshSZsAsZG6ElB7UFL4XM93U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.236.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:74:9d:36:9f:70:58:27:95:47:36:89:b9:be:52:08:6a:07:
b3:30:da:f9:fc:75:41:e6:cf:e6:bb:d4:be:e2:7e:21:31:02:
d7:2b:be:d3:5f:31:39:2e:02:09:93:7f:ce:fc:fb:26:53:92:
c7:29:e3:a7:a6:1f:96:b2:e8:b9:d9:74:e9:d8:52:6f:bd:e9:
b5:f0:21:ff:e9:6a:54:2f:08:72:83:82:85:43:cb:e0:96:b0:
c4:75:94:4b:9d:3f:a2:41:74:76:e6:13:30:55:81:86:86:7b:
4e:96:aa:0a:2d:39:99:42:27:a0:8f:99:98:35:6b:a2:d2:48:
ff:99:8b:1b:a2:37:c0:f6:6f:5f:ce:1c:60:5c:83:03:7b:ce:
bb:69:19:92:eb:8b:ad:5f:b7:36:17:33:02:97:77:2d:f0:7f:
d8:64:41:8b:84:06:63:84:db:75:3c:6e:13:07:73:d2:f6:8a:
17:65:b0:ca:72:f0:53:9c:7b:47:5b:68:5a:7b:28:c7:73:44:
27:99:dc:be:71:6b:cb:7d:2a:e3:06:bb:c0:90:54:01:ce:d2:
9d:cd:28:15:24:4f:22:d1:a8:9f:16:d0:16:15:2b:f7:85:80:
d9:05:6b:08:14:97:87:1a:80:be:2d:01:4d:55:9a:71:e7:dc:
35:05:70:79
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZObPasAmUkt1rvRQWnk1I7aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWE3MTZiMjE0OTliMDBiMTkxYmExMjUwN2I1MDUyZjg1Y2NmNzc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIATPgfkTqWjBi/LV5m/HNtewRmM
vtHeT6xtU8c6ZLQNPvwYJe+d4xmLpU7/cN6F6I/dgOwWx6/tg1TEVKgot6Hw1/PZ
ldpIwXZu875mau8hOmfUehgyyghgsAciY+ehVIOMz6LG/pGz42LQd5fE43QjI3Dq
bUWAFmOcjzT1bvADhXBKH7q33nqMHfGn0NbJA7E1xyTWoSkhWA6WSaaZeh//WPZ5
ZG7E/0IzkQGiX8cINn5rc1gAPprWYWPrMMDcdTmDjNCCTfw+3hgUxe/dINzJ4a/c
Htrz/aFrQISXdpxB99txGrz3ilXh26LlCc5mmwaYEpneKUB6W/czdY4TrQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqnFrIUmbALGRuhJQe1BS+FzPd1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1xY1dzaFNac0FzWkc2RWxCN1VGTDRYTTkzVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkc7DAN
BgkqhkiG9w0BAQsFAAOCAQEAinSdNp9wWCeVRzaJub5SCGoHszDa+fx1QebP5rvU
vuJ+ITEC1yu+018xOS4CCZN/zvz7JlOSxynjp6YflrLoudl06dhSb73ptfAh/+lq
VC8IcoOChUPL4JawxHWUS50/okF0duYTMFWBhoZ7TpaqCi05mUInoI+ZmDVrotJI
/5mLG6I3wPZvX84cYFyDA3vOu2kZkuuLrV+3NhczApd3LfB/2GRBi4QGY4TbdTxu
Ewdz0vaKF2WwynLwU5x7R1toWnsox3NEJ5ncvnFry30q4wa7wJBUAc7Snc0oFSRP
ItGonxbQFhUr94WA2QVrCBSXhxqAvi0BTVWacefcNQVweQ==
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:29:44 2025 by rpki-client