Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7ic2baG660ISybe9MMaItiLk_CE.roa
File: 7ic2baG660ISybe9MMaItiLk_CE.roa (raw, json)
Hash identifier: K3Ufk92Fiw1jfiqd9fPM4VS5T0Qj5DBFwtLIrrx6pAQ=
Subject key identifier: EE:27:36:6D:A1:BA:EB:42:12:C9:B7:BD:30:C6:88:B6:22:E4:FC:21
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3496975CE73DF9CC58E0F67FF6AB9E9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7ic2baG660ISybe9MMaItiLk_CE.roa
Signing time: Mon 01 Jan 2024 04:30:17 +0000
ROA not before: Mon 01 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397630
IP address blocks: 89.213.162.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 15 Nov 2024 17:06:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:69:75:ce:73:df:9c:c5:8e:0f:67:ff:6a:b9:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee27366da1baeb4212c9b7bd30c688b622e4fc21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:64:2f:74:c4:28:a2:b5:54:ca:d5:b4:53:97:
1d:19:e4:60:76:86:6c:fc:03:ca:1b:13:22:2c:f9:
81:f7:11:e5:be:67:6c:42:42:72:18:45:07:25:95:
9f:af:36:b7:f6:7e:67:d4:c4:a7:66:2a:93:74:a5:
88:75:8a:b1:d5:57:0a:1f:e1:df:7f:cd:24:ce:a1:
ef:79:ee:9b:ee:7d:bf:f6:2e:d0:24:f0:70:30:5e:
27:57:ba:87:18:6d:81:36:d4:48:73:5b:01:d1:af:
74:b3:fd:58:4c:96:c1:a8:22:9e:31:4a:b4:d1:ec:
a0:fc:dd:f1:6a:21:2d:24:da:88:2f:a5:ea:2c:59:
f5:5e:12:6a:85:65:32:eb:9a:80:39:f3:64:a7:68:
f8:cf:37:cb:ca:53:a5:37:07:87:46:e6:8a:4d:86:
99:a6:09:e5:5f:65:96:1d:b4:46:05:74:b7:f4:53:
b8:9b:52:94:83:b8:4d:8c:a3:88:45:66:03:eb:5f:
c8:40:31:95:d3:65:05:1e:c5:a3:9d:28:04:1b:19:
ea:02:7b:ca:e3:b2:68:a2:2a:9b:45:30:c8:49:65:
f3:03:12:df:0b:e5:6f:7f:e2:f8:a1:b8:21:de:ca:
dd:ee:c8:4a:26:3d:ac:0f:98:78:fa:80:6d:5c:9b:
17:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:27:36:6D:A1:BA:EB:42:12:C9:B7:BD:30:C6:88:B6:22:E4:FC:21
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7ic2baG660ISybe9MMaItiLk_CE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.162.0/24
Signature Algorithm: sha256WithRSAEncryption
73:d4:38:59:23:6a:e2:70:99:6c:b1:e2:ba:7b:c4:df:28:ae:
13:38:81:b6:46:4c:fd:77:48:d1:e3:01:ca:7b:e8:31:b7:f3:
06:d2:38:c3:50:38:28:75:bb:b7:93:cf:44:89:bd:26:ec:d0:
62:f6:5b:f1:0a:54:10:93:62:ed:df:2a:f2:e0:20:3c:33:22:
56:61:b9:86:3d:74:7c:0b:9d:d2:05:04:85:fd:c3:41:9c:9b:
a4:a7:f0:2a:9d:f3:1f:02:7f:55:9e:bc:ba:3d:eb:83:1c:ce:
02:a7:68:06:3f:b2:66:77:71:38:2c:8c:56:da:8c:9b:3f:c8:
4b:5c:8c:d7:92:89:60:92:83:ba:27:96:06:f0:48:94:3a:db:
95:a9:f1:a6:08:db:7d:95:5e:38:5f:8b:3f:e1:87:9d:82:53:
e9:62:1b:fe:e2:82:50:39:57:dd:70:3c:39:98:02:e7:58:4a:
d9:d6:71:be:2f:5c:25:09:fc:6c:67:3a:9c:f6:6e:b2:7a:25:
06:6c:cf:6d:ed:a1:a9:57:16:46:8b:c6:80:0d:59:0d:d1:1b:
f2:e1:d7:15:be:69:04:97:5b:af:26:8e:c2:b7:b9:a6:a4:2a:
5d:da:5d:02:d7:ed:4f:52:2f:11:13:84:9a:5c:87:a3:e5:f2:
6a:a1:00:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWl1znPfnMWOD2f/arnpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTI3MzY2ZGExYmFlYjQyMTJjOWI3YmQzMGM2ODhiNjIyZTRmYzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGQvdMQoorVUytW0U5cdGeRgdoZs
/APKGxMiLPmB9xHlvmdsQkJyGEUHJZWfrza39n5n1MSnZiqTdKWIdYqx1VcKH+Hf
f80kzqHvee6b7n2/9i7QJPBwMF4nV7qHGG2BNtRIc1sB0a90s/1YTJbBqCKeMUq0
0eyg/N3xaiEtJNqIL6XqLFn1XhJqhWUy65qAOfNkp2j4zzfLylOlNweHRuaKTYaZ
pgnlX2WWHbRGBXS39FO4m1KUg7hNjKOIRWYD61/IQDGV02UFHsWjnSgEGxnqAnvK
47JooiqbRTDISWXzAxLfC+Vvf+L4obgh3srd7shKJj2sD5h4+oBtXJsXqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO4nNm2huutCEsm3vTDGiLYi5PwhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN2ljMmJhRzY2MElTeWJlOU1NYUl0aUxrX0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWiMA0G
CSqGSIb3DQEBCwUAA4IBAQBz1DhZI2ricJlsseK6e8TfKK4TOIG2Rkz9d0jR4wHK
e+gxt/MG0jjDUDgodbu3k89Eib0m7NBi9lvxClQQk2Lt3yry4CA8MyJWYbmGPXR8
C53SBQSF/cNBnJukp/AqnfMfAn9Vnry6PeuDHM4Cp2gGP7Jmd3E4LIxW2oybP8hL
XIzXkolgkoO6J5YG8EiUOtuVqfGmCNt9lV44X4s/4YedglPpYhv+4oJQOVfdcDw5
mALnWErZ1nG+L1wlCfxsZzqc9m6yeiUGbM9t7aGpVxZGi8aADVkN0Rvy4dcVvmkE
l1uvJo7Ct7mmpCpd2l0C1+1PUi8RE4SaXIej5fJqoQA4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:42 2025 by rpki-client