Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8nzuLgiJiOwFprAH6OCEQE6QGbU.roa
File: 8nzuLgiJiOwFprAH6OCEQE6QGbU.roa (raw, json)
Hash identifier: LQgR0vjG3GdGj2U5N8CRV8b0O4qvq31L+6sZS6k6Neg=
Subject key identifier: F2:7C:EE:2E:08:89:88:EC:05:A6:B0:07:E8:E0:84:40:4E:90:19:B5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB93CD6B71422877B32E37648C345BDF9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8nzuLgiJiOwFprAH6OCEQE6QGbU.roa
Signing time: Mon 27 May 2024 08:48:43 +0000
ROA not before: Mon 27 May 2024 08:48:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211318
IP address blocks: 89.213.146.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 16:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:3c:d6:b7:14:22:87:7b:32:e3:76:48:c3:45:bd:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 08:48:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f27cee2e088988ec05a6b007e8e084404e9019b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:6d:04:48:cb:ab:5f:da:3f:6e:f5:3b:4e:9b:
62:8c:e8:06:0b:03:86:c0:67:43:50:de:b3:3b:c8:
e7:a5:14:d1:4f:48:41:2a:1e:87:8f:b1:da:e4:a5:
6b:a0:b1:bf:c6:0c:4a:44:60:e7:68:f4:e7:c5:12:
47:77:95:1b:45:ac:a4:22:a2:0b:2e:6f:a2:6f:c0:
70:0d:e0:c7:ca:f5:31:80:ec:4c:a4:66:0b:6c:d7:
5e:ba:e4:76:f1:96:ed:d3:12:b3:36:c1:68:48:fa:
e6:4c:8a:2a:aa:95:d8:46:7b:a8:1e:df:70:79:1b:
b9:6a:6d:00:89:ae:4d:89:c9:da:69:59:5c:e9:8a:
4f:a2:e0:4d:da:69:d1:b9:68:da:57:4a:30:bc:04:
e5:b3:d6:d0:f2:72:9a:73:1a:f3:20:a1:a7:9c:3a:
ce:eb:95:69:ee:8a:e5:56:45:1a:14:ca:c2:cf:18:
5b:da:7b:52:49:fb:4f:2f:0a:49:a9:54:97:a0:d2:
c1:73:83:44:de:00:81:e8:7d:6a:71:ee:e6:f2:54:
e0:ab:5d:85:64:7c:f2:44:46:df:49:b9:bb:67:a6:
9c:52:50:bc:05:32:33:3e:70:bf:ac:5d:20:7b:b7:
7f:f0:ff:d5:4b:cf:50:67:6e:84:01:5f:b2:7c:ce:
0b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:7C:EE:2E:08:89:88:EC:05:A6:B0:07:E8:E0:84:40:4E:90:19:B5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8nzuLgiJiOwFprAH6OCEQE6QGbU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.146.0/24
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:ea:fd:43:8c:71:7f:51:0e:f1:bc:ca:e7:5b:6f:0a:2e:fb:
e8:fe:67:ca:91:af:9e:35:42:82:c0:a2:bc:92:14:3a:0f:a4:
9b:11:b8:8f:62:63:0b:d0:49:93:7e:5e:c9:d6:bd:0a:0a:d3:
cd:b6:4c:e0:f1:d0:fe:75:4c:0b:c1:b0:47:55:4e:e6:5c:c7:
24:0b:58:11:b7:b7:ec:11:4f:01:67:4c:21:54:20:80:ab:1d:
27:21:9e:76:79:a7:f4:55:1a:cb:c6:a7:ce:27:2b:f9:57:62:
4d:f0:84:d8:80:9d:ab:0b:a8:ca:a1:da:c0:23:bd:1d:4c:01:
04:65:f9:1e:71:36:4b:52:c4:fd:0f:d8:3e:9d:09:c4:24:82:
b7:2d:59:8d:d8:d5:f1:c3:a3:69:1a:af:b0:0d:58:4c:eb:ed:
7f:05:9f:16:f1:8f:0e:a3:6d:d7:5f:0c:ef:5c:1e:a4:45:f1:
b9:37:d3:0b:ec:6b:c5:00:9b:54:b3:28:c0:d2:89:50:71:64:
1b:48:c1:25:f6:46:cf:12:66:13:00:7a:36:b6:45:62:3d:8a:
2a:e9:2f:8c:ed:1b:e6:e1:3f:c7:bb:59:1e:dc:db:68:04:41:
5f:eb:43:1c:2b:61:12:45:f5:48:89:90:b7:f3:17:1b:72:e8:
bc:5e:e3:7d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+5PNa3FCKHezLjdkjDRb35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MDg0ODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjdjZWUyZTA4ODk4OGVjMDVhNmIwMDdlOGUwODQ0MDRlOTAxOWI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyG0ESMurX9o/bvU7TptijOgGCwOG
wGdDUN6zO8jnpRTRT0hBKh6Hj7Ha5KVroLG/xgxKRGDnaPTnxRJHd5UbRaykIqIL
Lm+ib8BwDeDHyvUxgOxMpGYLbNdeuuR28Zbt0xKzNsFoSPrmTIoqqpXYRnuoHt9w
eRu5am0Aia5NicnaaVlc6YpPouBN2mnRuWjaV0owvATls9bQ8nKacxrzIKGnnDrO
65Vp7orlVkUaFMrCzxhb2ntSSftPLwpJqVSXoNLBc4NE3gCB6H1qce7m8lTgq12F
ZHzyREbfSbm7Z6acUlC8BTIzPnC/rF0ge7d/8P/VS89QZ26EAV+yfM4LyQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPJ87i4IiYjsBaawB+jghEBOkBm1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOG56dUxnaUppT3dGcHJBSDZPQ0VRRTZRR2JVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWSAwQA
bbD9MA0GCSqGSIb3DQEBCwUAA4IBAQBr6v1DjHF/UQ7xvMrnW28KLvvo/mfKka+e
NUKCwKK8khQ6D6SbEbiPYmML0EmTfl7J1r0KCtPNtkzg8dD+dUwLwbBHVU7mXMck
C1gRt7fsEU8BZ0whVCCAqx0nIZ52eaf0VRrLxqfOJyv5V2JN8ITYgJ2rC6jKodrA
I70dTAEEZfkecTZLUsT9D9g+nQnEJIK3LVmN2NXxw6NpGq+wDVhM6+1/BZ8W8Y8O
o23XXwzvXB6kRfG5N9ML7GvFAJtUsyjA0olQcWQbSMEl9kbPEmYTAHo2tkViPYoq
6S+M7Rvm4T/Hu1ke3NtoBEFf60McK2ESRfVIiZC38xcbcui8XuN9
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:40 2025 by rpki-client