Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AFT8a9UWefr3gp3mV9DGnZrhpsg.roa
File: AFT8a9UWefr3gp3mV9DGnZrhpsg.roa (raw, json)
Hash identifier: uWl6bPgE2A13Wgt7SXGY3uQ7wPFig6cX3lvZ+d93+2g=
Subject key identifier: 00:54:FC:6B:D5:16:79:FA:F7:82:9D:E6:57:D0:C6:9D:9A:E1:A6:C8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3494E8F836E38162D9BAACB221D1507
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AFT8a9UWefr3gp3mV9DGnZrhpsg.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 89.213.173.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 10:19:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4e:8f:83:6e:38:16:2d:9b:aa:cb:22:1d:15:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0054fc6bd51679faf7829de657d0c69d9ae1a6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c9:7e:4f:29:b9:72:69:c2:01:ad:b8:15:10:
fd:7b:b7:f5:e7:7c:1f:1e:12:09:55:4b:ee:61:97:
0c:00:3e:f4:bf:39:a0:ce:2c:a9:c6:8f:c5:ab:f0:
c1:fa:d6:38:b8:d7:d7:72:c9:f0:ac:7b:15:d4:9e:
2e:86:f4:02:43:19:3c:8a:19:74:4e:75:5a:18:3e:
9d:ec:71:b7:ea:82:8c:d5:57:64:15:40:86:a9:d3:
ad:76:4d:22:b2:11:f0:c4:da:f1:40:ff:4e:c4:c5:
37:b4:f9:c5:76:ae:6e:df:ba:4b:a3:d9:fc:44:49:
46:49:57:5f:fd:84:6c:61:ef:47:7d:64:5d:b1:19:
9f:bc:2c:68:26:16:1c:77:fe:4d:e6:18:b3:b2:c4:
34:d7:a7:b3:64:54:0f:b7:77:41:c9:aa:ce:c0:30:
0c:13:0d:f5:a3:2d:b2:c6:08:e4:21:be:d2:50:c4:
91:30:17:37:ad:81:6b:0b:cf:fa:a7:85:48:da:d7:
b9:23:f6:ed:fe:d6:b0:74:c6:09:15:be:a8:89:22:
a5:d3:e4:26:a8:07:21:05:76:bb:7f:b9:be:92:91:
b5:ef:79:20:ca:76:35:93:e7:fb:42:7b:a0:36:62:
3d:ab:b2:c5:0c:63:b7:ea:06:e0:07:eb:64:1f:71:
2a:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:54:FC:6B:D5:16:79:FA:F7:82:9D:E6:57:D0:C6:9D:9A:E1:A6:C8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/AFT8a9UWefr3gp3mV9DGnZrhpsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.172.0/23
Signature Algorithm: sha256WithRSAEncryption
29:ef:24:27:c0:be:9a:a1:9d:8a:3b:65:7d:48:4f:a9:7a:4e:
87:a8:ae:7a:a7:e4:85:bd:24:00:f4:68:3b:70:5f:10:60:2d:
39:ad:ea:76:28:41:e8:eb:27:b7:d3:fe:cb:40:b3:f9:95:1b:
43:15:3b:1f:49:d3:d2:7d:ba:bd:00:65:f0:3b:78:b7:e9:26:
52:fb:fd:b4:c4:ce:9f:33:3e:fc:f6:3a:5f:8f:96:74:6f:b0:
7c:d7:db:e0:27:fe:ab:c1:14:a8:dc:5a:b9:bf:34:97:0e:2c:
5b:b8:1f:48:1e:6e:a5:26:b2:97:f3:fb:c6:b3:be:14:e2:e0:
ac:35:1f:4c:0a:73:03:0a:db:00:4d:fb:1e:33:62:00:ea:22:
4e:35:3d:ee:22:c9:33:91:74:9f:45:4c:bd:dc:93:41:22:0d:
5a:8a:aa:10:b8:72:ea:52:c2:fc:79:b0:5c:76:ae:64:44:1a:
36:67:6c:ea:3b:52:24:84:13:0a:1f:8b:54:06:2b:8c:c6:11:
4d:e6:21:f3:b0:f5:fe:d5:5e:0a:87:52:75:e8:cd:5a:62:77:
e7:eb:e3:9f:75:dd:25:ee:0e:0a:14:4e:55:32:8a:8d:ab:47:
7a:89:78:de:50:66:fd:82:19:7b:72:79:de:56:26:e4:af:6a:
d2:b7:1b:75
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSU6Pg244Fi2bqssiHRUHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU0ZmM2YmQ1MTY3OWZhZjc4MjlkZTY1N2QwYzY5ZDlhZTFhNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMl+Tym5cmnCAa24FRD9e7f153wf
HhIJVUvuYZcMAD70vzmgziypxo/Fq/DB+tY4uNfXcsnwrHsV1J4uhvQCQxk8ihl0
TnVaGD6d7HG36oKM1VdkFUCGqdOtdk0ishHwxNrxQP9OxMU3tPnFdq5u37pLo9n8
RElGSVdf/YRsYe9HfWRdsRmfvCxoJhYcd/5N5hizssQ016ezZFQPt3dByarOwDAM
Ew31oy2yxgjkIb7SUMSRMBc3rYFrC8/6p4VI2te5I/bt/tawdMYJFb6oiSKl0+Qm
qAchBXa7f7m+kpG173kgynY1k+f7QnugNmI9q7LFDGO36gbgB+tkH3EqQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFABU/GvVFnn694Kd5lfQxp2a4abIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQUZUOGE5VVdlZnIzZ3AzbVY5REduWnJocHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdWsMA0G
CSqGSIb3DQEBCwUAA4IBAQAp7yQnwL6aoZ2KO2V9SE+pek6HqK56p+SFvSQA9Gg7
cF8QYC05rep2KEHo6ye30/7LQLP5lRtDFTsfSdPSfbq9AGXwO3i36SZS+/20xM6f
Mz789jpfj5Z0b7B819vgJ/6rwRSo3Fq5vzSXDixbuB9IHm6lJrKX8/vGs74U4uCs
NR9MCnMDCtsATfseM2IA6iJONT3uIskzkXSfRUy93JNBIg1aiqoQuHLqUsL8ebBc
dq5kRBo2Z2zqO1IkhBMKH4tUBiuMxhFN5iHzsPX+1V4Kh1J16M1aYnfn6+Ofdd0l
7g4KFE5VMoqNq0d6iXjeUGb9ghl7cnneVibkr2rStxt1
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:34:57 2025 by rpki-client