Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa
File: CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa (raw, json)
Hash identifier: jbjbIcCCEpX9mN7HEvYgFYN5lrPtTWGmPDyUUtQfT10=
Subject key identifier: 0A:95:D0:49:C9:44:C8:7C:74:D3:37:B8:5A:C8:DC:42:65:82:67:F6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC349557AC510DC55ACB1A36F657172F8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60504
IP address blocks: 89.213.0.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 03 Apr 2024 07:29:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:55:7a:c5:10:dc:55:ac:b1:a3:6f:65:71:72:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a95d049c944c87c74d337b85ac8dc42658267f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:bc:45:fc:1c:ea:71:a7:82:33:84:99:2e:7a:
b8:87:f2:0b:e7:bc:cd:0f:35:1f:44:4a:36:e8:79:
54:29:97:78:7e:47:d6:1e:30:cd:ca:f9:18:cc:2a:
ab:24:af:8d:58:83:f3:50:d0:4d:05:fc:4e:10:c6:
6f:dc:6d:f8:42:b8:ae:fb:d4:cd:ed:db:80:3a:41:
5e:07:fa:4b:ae:e1:14:54:4d:d9:22:1b:a9:0e:4c:
03:cd:06:18:6a:4a:b4:f3:fd:4b:8e:f8:ba:c1:bc:
2a:10:29:98:b8:98:81:d1:1d:ed:51:7a:5a:40:36:
f2:a1:62:59:3e:cb:a2:55:a3:65:32:80:5e:b1:b5:
6e:35:83:ed:9d:95:e4:da:45:79:48:68:0d:28:e8:
00:48:e0:a9:98:94:ad:b8:36:46:51:d7:0e:7a:05:
86:3b:bd:16:65:48:34:98:d8:11:eb:af:bf:c3:32:
14:ff:40:4f:33:b3:c2:86:78:29:db:9e:b8:bc:7c:
c1:52:72:87:17:5d:08:f9:84:db:55:4f:93:75:20:
63:41:c0:d1:b5:23:22:99:5a:65:51:ab:24:04:ad:
ce:34:ae:b5:c2:53:e0:4c:f2:2f:30:4b:22:3e:8e:
d2:be:fa:b3:09:dd:45:79:b1:8d:d8:96:51:33:79:
53:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:95:D0:49:C9:44:C8:7C:74:D3:37:B8:5A:C8:DC:42:65:82:67:F6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CpXQSclEyHx00ze4WsjcQmWCZ_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:7b:d0:74:51:80:53:c9:a2:59:18:6c:20:98:61:bb:ab:5d:
f4:31:3e:d1:b2:5e:de:46:64:ba:03:5f:ce:69:74:e2:39:c5:
18:55:9e:0a:3a:ed:c8:de:a0:b7:3b:dc:52:d7:1d:0f:4e:f1:
37:9f:7a:0c:5e:d5:9e:82:57:18:e8:7a:fa:e3:b4:92:be:36:
4f:90:41:df:5c:f6:51:2c:f6:ff:da:00:21:eb:6d:41:2a:33:
67:78:f4:5b:80:13:85:20:7f:0b:89:46:7c:c9:d7:8a:e1:6b:
09:ae:65:1e:ca:1c:ab:7e:a1:69:df:0e:c4:cb:45:4b:b6:a5:
21:96:8c:df:c7:65:f8:9d:e2:36:e2:0c:17:b3:9d:c9:46:f0:
59:44:d8:fb:a1:e9:82:be:0a:b1:c7:bd:21:d8:03:07:75:8f:
58:0e:f4:09:cf:70:da:ea:2f:36:85:74:08:a9:5a:88:fc:02:
1c:47:4f:69:13:64:35:69:18:55:77:38:51:fd:aa:75:ec:f7:
a8:a0:8b:cb:6b:85:8c:28:0c:02:70:21:19:83:49:50:d1:b4:
18:a4:1c:0f:63:d7:f7:e3:d2:1c:43:3e:8a:5f:93:8c:c5:9b:
88:02:65:3a:4c:54:53:da:0d:ea:1d:0c:f7:9d:c4:90:88:10:
3e:15:90:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVV6xRDcVayxo29lcXL4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTk1ZDA0OWM5NDRjODdjNzRkMzM3Yjg1YWM4ZGM0MjY1ODI2N2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAurxF/BzqcaeCM4SZLnq4h/IL57zN
DzUfREo26HlUKZd4fkfWHjDNyvkYzCqrJK+NWIPzUNBNBfxOEMZv3G34Qriu+9TN
7duAOkFeB/pLruEUVE3ZIhupDkwDzQYYakq08/1Ljvi6wbwqECmYuJiB0R3tUXpa
QDbyoWJZPsuiVaNlMoBesbVuNYPtnZXk2kV5SGgNKOgASOCpmJStuDZGUdcOegWG
O70WZUg0mNgR66+/wzIU/0BPM7PChngp2564vHzBUnKHF10I+YTbVU+TdSBjQcDR
tSMimVplUaskBK3ONK61wlPgTPIvMEsiPo7SvvqzCd1FebGN2JZRM3lTLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAqV0EnJRMh8dNM3uFrI3EJlgmf2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3BYUVNjbEV5SHgwMHplNFdzamNRbVdDWl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWdUAMA0G
CSqGSIb3DQEBCwUAA4IBAQA6e9B0UYBTyaJZGGwgmGG7q130MT7Rsl7eRmS6A1/O
aXTiOcUYVZ4KOu3I3qC3O9xS1x0PTvE3n3oMXtWeglcY6Hr647SSvjZPkEHfXPZR
LPb/2gAh621BKjNnePRbgBOFIH8LiUZ8ydeK4WsJrmUeyhyrfqFp3w7Ey0VLtqUh
lozfx2X4neI24gwXs53JRvBZRNj7oemCvgqxx70h2AMHdY9YDvQJz3Da6i82hXQI
qVqI/AIcR09pE2Q1aRhVdzhR/ap17PeooIvLa4WMKAwCcCEZg0lQ0bQYpBwPY9f3
49IcQz6KX5OMxZuIAmU6TFRT2g3qHQz3ncSQiBA+FZDW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:06 2025 by rpki-client