Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C9ss9v5Y3KP3a8JLlHiH4psb1cw.roa
File: C9ss9v5Y3KP3a8JLlHiH4psb1cw.roa (raw, json)
Hash identifier: pGn/OgAZAzyzzs60VF4EIqM2iaKIj6KRMWznyX4zVjg=
Subject key identifier: 0B:DB:2C:F6:FE:58:DC:A3:F7:6B:C2:4B:94:78:87:E2:9B:1B:D5:CC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34966DFB5DC2F86B349D25F4EF35698
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C9ss9v5Y3KP3a8JLlHiH4psb1cw.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 265919
IP address blocks: 89.213.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jul 2024 19:45:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:66:df:b5:dc:2f:86:b3:49:d2:5f:4e:f3:56:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bdb2cf6fe58dca3f76bc24b947887e29b1bd5cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:d7:f4:2b:47:65:26:68:a7:0d:c4:7c:79:9d:
68:37:ee:29:f8:52:cf:73:55:d2:ce:a2:2a:b1:a2:
61:de:db:dc:73:ae:85:57:5d:ad:f0:3c:d5:a6:8b:
41:db:bc:40:00:56:b0:da:c6:15:4e:4f:df:ba:7d:
32:86:3f:da:dc:a5:1a:0a:5c:68:fc:49:8a:ac:07:
c7:62:55:7c:2f:36:68:36:72:a1:c0:40:f9:b3:48:
71:da:bd:4f:89:47:61:89:0f:79:29:7c:13:1c:d6:
ed:b7:ea:45:ea:d9:05:bf:35:b4:60:10:99:29:9d:
b1:c8:6e:06:1a:5a:3e:71:7c:49:bb:3e:66:01:bc:
5e:34:c0:0b:85:a6:76:97:3d:b4:e3:43:8d:54:20:
59:35:dc:8d:a1:e7:f8:fb:1e:72:3c:91:ae:37:1a:
db:84:73:80:aa:cc:71:41:48:37:fb:ac:e9:1c:79:
0e:69:df:2d:9b:71:81:99:a9:32:06:f8:78:88:25:
1d:1c:16:bf:03:e4:7c:99:33:09:38:82:47:6e:44:
fc:85:2a:dd:fa:11:d3:ad:26:c4:c1:53:3d:47:a4:
22:94:80:4e:3d:ce:cb:3b:12:68:67:37:60:f3:fe:
21:4f:24:b5:80:aa:8f:04:e2:ee:e1:96:b0:86:2d:
95:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:DB:2C:F6:FE:58:DC:A3:F7:6B:C2:4B:94:78:87:E2:9B:1B:D5:CC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/C9ss9v5Y3KP3a8JLlHiH4psb1cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.5.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:ac:36:07:83:de:0b:bc:5c:8f:1f:aa:f4:00:a6:b4:1c:ef:
ed:a2:44:fc:57:1d:ea:13:be:82:d7:78:bd:ce:5c:02:9d:be:
f3:23:b2:40:6f:67:45:41:a5:35:36:ac:35:81:e0:68:bd:56:
d6:42:a8:d9:c3:f2:b9:09:7d:1a:32:86:9f:5f:95:13:5a:58:
3c:1a:bb:13:d2:81:5b:e5:41:5e:e5:d2:db:23:89:46:33:0a:
75:e4:c3:0d:d1:6c:b4:04:f4:d2:5c:16:b4:ce:c6:42:61:dd:
e5:7a:bd:33:a3:2e:83:6b:4b:91:2c:e6:d0:40:7a:5b:be:37:
10:ae:ef:24:cc:aa:0e:ce:20:64:6a:c8:cb:8e:64:b6:f0:a9:
c6:7c:db:9d:b1:f0:c8:3e:b1:06:70:68:9a:34:2e:eb:03:1d:
1a:be:a8:f5:d7:ec:3d:1d:f4:5b:85:e7:4f:ca:75:88:9d:e1:
0f:ec:e2:23:48:c4:c6:5b:a0:7d:8a:1b:cd:88:35:fa:f3:29:
1f:62:6c:c2:7f:4b:45:9a:8b:f6:83:2a:f2:17:25:97:16:2e:
3e:44:24:6b:9d:96:e6:5e:aa:86:a0:aa:b3:93:92:03:1d:ef:
f5:79:e5:5a:00:45:5a:3c:7f:8a:d8:24:3e:bd:05:7a:13:15:
ed:07:d6:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWbftdwvhrNJ0l9O81aYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmRiMmNmNmZlNThkY2EzZjc2YmMyNGI5NDc4ODdlMjliMWJkNWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoNf0K0dlJminDcR8eZ1oN+4p+FLP
c1XSzqIqsaJh3tvcc66FV12t8DzVpotB27xAAFaw2sYVTk/fun0yhj/a3KUaClxo
/EmKrAfHYlV8LzZoNnKhwED5s0hx2r1PiUdhiQ95KXwTHNbtt+pF6tkFvzW0YBCZ
KZ2xyG4GGlo+cXxJuz5mAbxeNMALhaZ2lz2040ONVCBZNdyNoef4+x5yPJGuNxrb
hHOAqsxxQUg3+6zpHHkOad8tm3GBmakyBvh4iCUdHBa/A+R8mTMJOIJHbkT8hSrd
+hHTrSbEwVM9R6QilIBOPc7LOxJoZzdg8/4hTyS1gKqPBOLu4Zawhi2VSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAvbLPb+WNyj92vCS5R4h+KbG9XMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQzlzczl2NVkzS1AzYThKTGxIaUg0cHNiMWN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdUFMA0G
CSqGSIb3DQEBCwUAA4IBAQChrDYHg94LvFyPH6r0AKa0HO/tokT8Vx3qE76C13i9
zlwCnb7zI7JAb2dFQaU1Nqw1geBovVbWQqjZw/K5CX0aMoafX5UTWlg8GrsT0oFb
5UFe5dLbI4lGMwp15MMN0Wy0BPTSXBa0zsZCYd3ler0zoy6Da0uRLObQQHpbvjcQ
ru8kzKoOziBkasjLjmS28KnGfNudsfDIPrEGcGiaNC7rAx0avqj11+w9HfRbhedP
ynWIneEP7OIjSMTGW6B9ihvNiDX68ykfYmzCf0tFmov2gyryFyWXFi4+RCRrnZbm
XqqGoKqzk5IDHe/1eeVaAEVaPH+K2CQ+vQV6ExXtB9Z5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:43 2025 by rpki-client