Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ZH9qD4JPAKLLptpfoGh0aJYhE8.roa
File: 2ZH9qD4JPAKLLptpfoGh0aJYhE8.roa (raw, json)
Hash identifier: BwNkqLLcmSKaoZpSlUQYKUY9Ef5TY6G4vp2y3l4PUsU=
Subject key identifier: D9:91:FD:A8:3E:09:3C:02:8B:2E:9B:69:7E:81:A1:D1:A2:58:84:4F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190A7B23DC38EF073B2D6EEF298E88FD21B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ZH9qD4JPAKLLptpfoGh0aJYhE8.roa
Signing time: Fri 12 Jul 2024 16:06:34 +0000
ROA not before: Fri 12 Jul 2024 16:06:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.213.50.0/24 maxlen: 24
89.213.120.0/24 maxlen: 24
213.210.39.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 09:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a7:b2:3d:c3:8e:f0:73:b2:d6:ee:f2:98:e8:8f:d2:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 12 16:06:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d991fda83e093c028b2e9b697e81a1d1a258844f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f0:bd:5e:fc:62:82:1e:bd:74:88:75:bb:a9:
40:ee:88:61:4b:59:3e:74:a4:58:a1:14:b1:82:38:
31:75:0b:af:e3:02:a4:c3:b3:60:06:6d:c6:63:41:
f5:69:57:d0:02:ac:8a:23:3b:51:9b:fd:c2:99:f0:
f0:d1:a1:17:f0:e5:5f:7c:d7:cb:4a:51:52:ac:69:
be:eb:1d:07:6e:04:9c:f5:08:91:b5:60:7a:20:78:
07:c6:16:86:b7:6c:34:de:c1:75:8d:fb:aa:b9:e6:
dd:f1:8e:4f:a4:a1:dd:59:a9:98:64:e4:fc:e4:d8:
af:08:58:89:3f:3b:84:f7:a6:db:88:9d:65:02:49:
ac:10:96:f5:97:89:37:f8:9c:be:54:d3:ad:73:19:
1c:1a:ba:78:a8:fe:1e:94:7e:7a:b0:35:de:78:8c:
7a:27:3b:cf:cb:a9:0e:60:d9:1b:aa:35:c7:18:1e:
08:0f:df:89:73:8b:8e:dc:a6:98:3b:e7:d2:07:9e:
56:f9:7b:c3:83:9a:5d:7c:3f:33:71:63:8c:e1:13:
3d:4a:69:79:46:9c:27:cc:9a:b2:f9:29:9a:8f:8d:
55:ae:9a:29:ae:84:b6:f2:5f:31:89:89:b6:bf:a8:
1b:5e:7a:65:77:88:25:1a:a2:cb:63:07:b4:7a:d9:
34:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:91:FD:A8:3E:09:3C:02:8B:2E:9B:69:7E:81:A1:D1:A2:58:84:4F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ZH9qD4JPAKLLptpfoGh0aJYhE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.50.0/24
89.213.120.0/24
213.210.39.0/24
213.218.234.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
90:a4:22:a1:03:e6:7a:b9:01:70:27:21:30:79:91:ad:c4:7f:
de:58:5c:b1:0b:22:81:f9:97:ac:d3:fc:b9:e4:24:a1:a9:02:
86:29:25:a2:64:45:21:77:cc:6e:bb:ef:ea:08:ed:32:bc:2d:
b4:1e:bb:29:42:5f:52:42:ce:d9:bc:9c:af:89:ed:ce:4c:0e:
eb:65:49:e2:7e:3d:97:3c:9a:23:21:45:1e:fb:67:b1:8d:a6:
30:e9:52:e8:0e:48:d3:c4:20:2e:35:c0:44:74:3f:e1:6e:90:
23:80:c1:3a:93:88:dd:d3:61:cf:e1:9e:ff:2e:05:f9:0d:f0:
10:77:9e:ef:16:f3:4d:ce:45:09:8d:25:1b:a5:8e:92:2c:6f:
7c:1e:87:e0:91:a4:bd:6c:fa:59:75:86:44:5b:d5:03:27:f8:
84:ec:b5:6d:b1:82:dc:93:c7:14:ab:00:3f:44:b2:f8:f7:d4:
ad:f0:fc:1b:50:de:b8:04:b9:dc:f8:30:a3:80:b7:a9:74:88:
28:99:2c:5d:ab:a0:38:fd:d8:a4:d8:a2:a6:f4:f9:f8:a8:0f:
fe:a5:54:61:d9:ec:12:72:2c:55:8c:b5:3f:8b:fd:11:7c:c6:
55:d3:0b:bc:ca:c7:9c:76:b2:13:35:4e:2c:6e:d1:2e:02:f4:
5f:5f:15:ee
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZCnsj3DjvBzstbu8pjoj9IbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzEyMTYwNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTkxZmRhODNlMDkzYzAyOGIyZTliNjk3ZTgxYTFkMWEyNTg4NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/C9Xvxigh69dIh1u6lA7ohhS1k+
dKRYoRSxgjgxdQuv4wKkw7NgBm3GY0H1aVfQAqyKIztRm/3CmfDw0aEX8OVffNfL
SlFSrGm+6x0HbgSc9QiRtWB6IHgHxhaGt2w03sF1jfuquebd8Y5PpKHdWamYZOT8
5NivCFiJPzuE96bbiJ1lAkmsEJb1l4k3+Jy+VNOtcxkcGrp4qP4elH56sDXeeIx6
JzvPy6kOYNkbqjXHGB4ID9+Jc4uO3KaYO+fSB55W+XvDg5pdfD8zcWOM4RM9Sml5
RpwnzJqy+Smaj41VrpoproS28l8xiYm2v6gbXnpld4glGqLLYwe0etk0FQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNmR/ag+CTwCiy6baX6BodGiWIRPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMlpIOXFENEpQQUtMTHB0cGZvR2gwYUpZaEU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWdUyAwQA
WdV4AwQA1dInAwQA1drqAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQCQpCKhA+Z6
uQFwJyEweZGtxH/eWFyxCyKB+Zes0/y55CShqQKGKSWiZEUhd8xuu+/qCO0yvC20
HrspQl9SQs7ZvJyvie3OTA7rZUnifj2XPJojIUUe+2exjaYw6VLoDkjTxCAuNcBE
dD/hbpAjgME6k4jd02HP4Z7/LgX5DfAQd57vFvNNzkUJjSUbpY6SLG98HofgkaS9
bPpZdYZEW9UDJ/iE7LVtsYLck8cUqwA/RLL499St8PwbUN64BLnc+DCjgLepdIgo
mSxdq6A4/dik2KKm9Pn4qA/+pVRh2ewScixVjLU/i/0RfMZV0wu8ysecdrITNU4s
btEuAvRfXxXu
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:42 2025 by rpki-client