Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5uKXZejCKNsG_VqCvg8q3KJol5M.roa
File: 5uKXZejCKNsG_VqCvg8q3KJol5M.roa (raw, json)
Hash identifier: EbjVDuBk41iEMcRFoMasD7rcS0gLhDB+HOaUcqC14tk=
Subject key identifier: E6:E2:97:65:E8:C2:28:DB:06:FD:5A:82:BE:0F:2A:DC:A2:68:97:93
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906AFDD691E021985F38DA220F1D019313
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5uKXZejCKNsG_VqCvg8q3KJol5M.roa
Signing time: Sun 30 Jun 2024 21:12:18 +0000
ROA not before: Sun 30 Jun 2024 21:12:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215304
IP address blocks: 89.213.123.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 15 Jul 2024 08:14:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6a:fd:d6:91:e0:21:98:5f:38:da:22:0f:1d:01:93:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:12:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6e29765e8c228db06fd5a82be0f2adca2689793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:be:df:f9:1e:51:24:54:5f:d0:64:25:2c:1d:
d6:08:b2:fd:a9:b2:7d:a4:64:36:0a:a9:1b:a8:07:
83:b9:49:b2:d1:48:ce:67:49:0f:a0:9d:23:b4:b7:
52:13:dc:61:32:06:c1:56:68:96:f9:78:83:1b:e7:
bc:64:60:9f:57:b4:ca:f1:ab:8b:4b:d7:fa:4f:af:
4a:79:89:88:a7:96:2b:de:4d:dd:84:6a:16:3a:be:
d4:e0:fb:82:94:5c:6b:77:85:6c:35:e9:8a:01:37:
da:d4:16:c0:78:7d:dd:7a:90:80:62:2a:93:ec:bc:
8c:15:71:ad:d6:46:f5:7e:80:61:b4:83:35:57:e5:
a0:1d:5f:f3:71:71:bd:be:24:d3:8d:59:46:f9:ff:
44:92:41:03:b3:99:9c:06:47:33:b3:97:40:5e:9b:
8b:c5:0b:7a:7a:df:35:38:89:3a:9d:eb:1a:ef:69:
50:b6:16:37:45:07:81:3e:56:20:f1:88:cc:78:0b:
21:ea:54:d7:bc:70:52:d0:d9:61:68:31:7e:b4:a2:
03:56:1e:af:dd:45:8d:74:33:67:bd:47:90:d3:a8:
c8:99:1f:8e:83:98:4a:90:a5:d5:67:40:82:ad:76:
ae:7d:49:64:98:99:da:1d:14:69:5d:4e:ee:b2:55:
e2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:E2:97:65:E8:C2:28:DB:06:FD:5A:82:BE:0F:2A:DC:A2:68:97:93
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5uKXZejCKNsG_VqCvg8q3KJol5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.123.0/24
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
22:06:a7:c4:72:93:05:fd:13:f1:f2:b6:70:51:07:84:3e:71:
a1:b2:76:e3:77:80:73:63:30:be:8e:94:c3:ac:b5:4a:a0:26:
8d:2a:0a:f2:58:2d:07:58:11:cc:78:6e:71:3d:3e:31:8d:84:
25:ea:85:ac:1d:04:f5:95:85:b3:21:4d:83:5d:00:35:00:f9:
55:43:37:be:0d:24:22:14:24:81:e0:c7:f9:8c:b1:82:51:35:
fc:34:2e:e6:0b:a4:4a:3f:f1:1e:49:68:09:a0:40:aa:ae:4d:
84:97:42:c7:2d:21:2f:ed:07:f8:fb:1f:30:2b:77:cc:aa:b7:
82:2f:2c:60:83:1c:ef:40:a4:13:62:c5:14:86:74:c0:a1:11:
0f:9a:88:2d:51:be:39:ab:f8:d1:b1:f9:19:0d:3d:8d:34:61:
40:b7:6c:42:28:f9:2e:d3:92:19:66:63:06:2d:4e:31:95:21:
3a:79:31:c5:dd:4e:d9:fc:22:48:c8:e0:f4:b1:06:86:be:60:
9d:6a:22:92:fe:1d:97:ce:e7:51:d1:6e:48:e4:10:2b:27:6f:
df:8e:69:9e:e7:9d:ff:09:a5:9a:81:1b:5f:3b:87:b5:8e:ed:
94:f6:23:fb:6e:79:c3:ff:59:35:89:7a:37:fd:97:23:f8:88:
9e:b8:13:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBq/daR4CGYXzjaIg8dAZMTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjExMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmUyOTc2NWU4YzIyOGRiMDZmZDVhODJiZTBmMmFkY2EyNjg5NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAur7f+R5RJFRf0GQlLB3WCLL9qbJ9
pGQ2CqkbqAeDuUmy0UjOZ0kPoJ0jtLdSE9xhMgbBVmiW+XiDG+e8ZGCfV7TK8auL
S9f6T69KeYmIp5Yr3k3dhGoWOr7U4PuClFxrd4VsNemKATfa1BbAeH3depCAYiqT
7LyMFXGt1kb1foBhtIM1V+WgHV/zcXG9viTTjVlG+f9EkkEDs5mcBkczs5dAXpuL
xQt6et81OIk6nesa72lQthY3RQeBPlYg8YjMeAsh6lTXvHBS0NlhaDF+tKIDVh6v
3UWNdDNnvUeQ06jImR+Og5hKkKXVZ0CCrXaufUlkmJnaHRRpXU7uslXi9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFObil2XowijbBv1agr4PKtyiaJeTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNXVLWFplakNLTnNHX1ZxQ3ZnOHEzS0pvbDVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdV7AwQA
2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAiBqfEcpMF/RPx8rZwUQeEPnGhsnbjd4Bz
YzC+jpTDrLVKoCaNKgryWC0HWBHMeG5xPT4xjYQl6oWsHQT1lYWzIU2DXQA1APlV
Qze+DSQiFCSB4Mf5jLGCUTX8NC7mC6RKP/EeSWgJoECqrk2El0LHLSEv7Qf4+x8w
K3fMqreCLyxggxzvQKQTYsUUhnTAoREPmogtUb45q/jRsfkZDT2NNGFAt2xCKPku
05IZZmMGLU4xlSE6eTHF3U7Z/CJIyOD0sQaGvmCdaiKS/h2XzudR0W5I5BArJ2/f
jmme553/CaWagRtfO4e1ju2U9iP7bnnD/1k1iXo3/Zcj+IieuBPc
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:42 2025 by rpki-client