Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/83lQJxyRD9ewM73gAnwurM_p6yc.roa
File: 83lQJxyRD9ewM73gAnwurM_p6yc.roa (raw, json)
Hash identifier: +bUtDJ3PqKt+M8+e/KIoWoRiN6qZFDydbRAqhLw7EEI=
Subject key identifier: F3:79:50:27:1C:91:0F:D7:B0:33:BD:E0:02:7C:2E:AC:CF:E9:EB:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193AC5E24758DD833E8217B3626800CD421
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/83lQJxyRD9ewM73gAnwurM_p6yc.roa
Signing time: Mon 09 Dec 2024 17:01:10 +0000
ROA not before: Mon 09 Dec 2024 17:01:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.49.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ac:5e:24:75:8d:d8:33:e8:21:7b:36:26:80:0c:d4:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 17:01:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f37950271c910fd7b033bde0027c2eaccfe9eb27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fc:49:5e:8c:75:bb:26:63:f7:d0:c4:71:08:e0:
8e:aa:74:35:49:a0:29:ba:22:93:d0:2d:96:bf:2c:
87:42:5d:8f:a9:62:a0:13:72:c8:8e:35:81:ea:5c:
8e:11:44:ec:de:06:be:55:63:4e:0c:11:c6:a2:4d:
e6:12:40:42:b7:9a:3d:8f:86:3e:f2:a8:8e:f7:57:
d1:c2:cf:a0:e4:44:70:ee:a2:82:66:2c:47:df:48:
87:83:4c:1f:12:f0:fa:35:64:e0:ee:c3:ec:f9:5e:
29:ca:31:80:9b:c2:2e:30:d9:cf:02:95:cd:74:65:
35:c3:18:47:5e:57:7c:dd:da:ba:51:f2:c3:ef:7f:
42:a8:91:fa:4d:42:4b:f6:3b:33:b7:fd:fa:81:ff:
ad:5c:00:83:49:95:67:a3:e3:ed:77:c5:81:9c:45:
d5:f3:b2:38:17:6e:45:2b:07:d0:82:c0:4d:49:1d:
ac:75:e9:95:21:42:36:9b:e6:13:49:c5:58:84:c0:
ce:a3:a9:05:30:e6:e5:d9:b7:b5:e7:ea:8c:24:2d:
96:44:60:fb:5e:71:67:fb:88:19:48:93:bd:19:c6:
5e:21:d6:46:15:f1:2b:59:42:33:fd:5d:10:60:22:
93:87:11:45:54:75:05:74:d0:ad:8c:5c:4c:30:65:
80:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:79:50:27:1C:91:0F:D7:B0:33:BD:E0:02:7C:2E:AC:CF:E9:EB:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/83lQJxyRD9ewM73gAnwurM_p6yc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.49.0/24
89.213.51.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
98:de:3e:07:d9:7c:8a:91:57:26:d1:db:d1:7b:f4:07:80:6e:
2f:b8:62:96:b0:e5:8c:c5:49:f2:25:85:8b:f9:a5:ca:e7:2e:
80:d0:82:63:70:98:07:a0:1f:44:58:60:db:68:5c:3a:87:f1:
37:a1:0a:2c:ce:57:2d:e7:30:f6:05:03:49:ea:a3:7e:77:f4:
72:07:62:92:5b:99:eb:77:72:af:bc:1d:01:7f:10:3c:1b:5c:
88:ef:b8:43:ec:93:2a:66:bb:ef:dc:c5:30:dc:38:c3:81:fc:
d0:23:5b:4a:98:58:33:ed:0d:ca:b0:a0:8d:9a:71:66:61:fb:
de:36:b7:61:d3:47:51:2d:e1:df:07:2c:28:5f:36:fa:88:a9:
94:ae:4d:db:bd:50:8f:44:fd:c9:15:d3:98:02:d8:4f:79:00:
65:1a:db:4e:13:ca:35:dd:de:38:d0:77:4e:3c:e8:5a:83:a6:
61:03:e6:38:f0:c8:ae:0a:4a:bd:bb:cf:09:e8:2c:b7:4b:72:
f4:c2:60:9e:9d:cd:a8:0a:f1:57:22:a6:1c:7d:2f:7c:77:d7:
89:ff:37:b9:20:f3:34:bd:7f:34:e2:99:6f:c6:c4:f9:93:ad:
18:21:29:26:3d:22:13:6f:e6:0f:e5:9a:86:60:fa:e6:e6:b3:
33:e0:0a:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZOsXiR1jdgz6CF7NiaADNQhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA5MTcwMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzc5NTAyNzFjOTEwZmQ3YjAzM2JkZTAwMjdjMmVhY2NmZTllYjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA/ElejHW7JmP30MRxCOCOqnQ1SaAp
uiKT0C2WvyyHQl2PqWKgE3LIjjWB6lyOEUTs3ga+VWNODBHGok3mEkBCt5o9j4Y+
8qiO91fRws+g5ERw7qKCZixH30iHg0wfEvD6NWTg7sPs+V4pyjGAm8IuMNnPApXN
dGU1wxhHXld83dq6UfLD739CqJH6TUJL9jszt/36gf+tXACDSZVno+Ptd8WBnEXV
87I4F25FKwfQgsBNSR2sdemVIUI2m+YTScVYhMDOo6kFMObl2be15+qMJC2WRGD7
XnFn+4gZSJO9GcZeIdZGFfErWUIz/V0QYCKThxFFVHUFdNCtjFxMMGWA8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPN5UCcckQ/XsDO94AJ8LqzP6esnMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvODNsUUp4eVJEOWV3TTczZ0Fud3VyTV9wNnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUxAwQA
WdUzAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQCY3j4H2XyKkVcm0dvRe/QHgG4v
uGKWsOWMxUnyJYWL+aXK5y6A0IJjcJgHoB9EWGDbaFw6h/E3oQoszlct5zD2BQNJ
6qN+d/RyB2KSW5nrd3KvvB0BfxA8G1yI77hD7JMqZrvv3MUw3DjDgfzQI1tKmFgz
7Q3KsKCNmnFmYfveNrdh00dRLeHfBywoXzb6iKmUrk3bvVCPRP3JFdOYAthPeQBl
GttOE8o13d440HdOPOhag6ZhA+Y48MiuCkq9u88J6Cy3S3L0wmCenc2oCvFXIqYc
fS98d9eJ/ze5IPM0vX804plvxsT5k60YISkmPSITb+YP5ZqGYPrm5rMz4ArL
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:43 2025 by rpki-client