Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E2LHQHtQZqSZ5kL8kdXhewCp4_Y.roa
File: E2LHQHtQZqSZ5kL8kdXhewCp4_Y.roa (raw, json)
Hash identifier: 5kjV/jNbIcsTztqziOX0LvweCGKGP1aabZTUmdAz0m4=
Subject key identifier: 13:62:C7:40:7B:50:66:A4:99:E6:42:FC:91:D5:E1:7B:00:A9:E3:F6
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906373E8FE3DDD13C4206D893A876BE44A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E2LHQHtQZqSZ5kL8kdXhewCp4_Y.roa
Signing time: Sat 29 Jun 2024 10:04:18 +0000
ROA not before: Sat 29 Jun 2024 10:04:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51847
IP address blocks: 89.213.49.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 16:11:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:63:73:e8:fe:3d:dd:13:c4:20:6d:89:3a:87:6b:e4:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 29 10:04:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1362c7407b5066a499e642fc91d5e17b00a9e3f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:3d:c6:9f:7d:56:aa:1e:5e:af:33:14:d0:7c:
b1:a9:0d:9f:ed:fb:26:9a:ca:c0:5d:d5:1d:84:79:
19:d2:fa:77:5f:eb:37:51:f1:01:4d:f5:f8:2e:80:
50:ba:58:c7:2a:f7:9b:37:69:fe:8d:df:21:7c:30:
1f:64:d2:c7:b7:69:d5:d8:07:23:88:e4:75:87:6f:
a0:39:f1:51:68:8b:a4:fa:c6:34:3e:10:ae:45:eb:
5c:17:52:55:62:41:9f:a7:24:60:27:2f:85:b9:42:
61:eb:5f:93:35:98:44:57:8e:58:07:0f:d6:09:82:
15:d3:4c:4a:54:7b:cc:21:4f:10:25:e6:aa:62:4a:
97:92:06:e7:14:64:b0:b8:e3:e7:91:e6:d2:8c:0c:
7d:ae:d1:af:6e:d5:ef:89:43:37:4d:55:1f:1c:2f:
7d:d9:1b:9a:33:a0:7f:29:fe:20:7e:39:aa:ce:f0:
ca:a7:9b:1f:84:f8:a8:e4:51:b5:c4:f1:32:ec:8c:
b3:17:a1:41:c5:d1:f7:92:4f:d4:a7:73:5e:7d:c0:
a8:04:01:40:c4:e2:79:bf:32:03:e0:5c:17:9c:c1:
f0:85:fa:9e:be:c6:14:d6:fa:21:4f:c7:f8:58:8c:
50:2f:d5:e0:7a:42:8b:9d:99:1b:a1:e6:27:6a:e5:
73:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:62:C7:40:7B:50:66:A4:99:E6:42:FC:91:D5:E1:7B:00:A9:E3:F6
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/E2LHQHtQZqSZ5kL8kdXhewCp4_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.49.0/24
89.213.123.0/24
89.213.129.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:57:5d:a7:f2:8c:b8:83:1d:3f:51:db:6d:2c:6b:de:88:b9:
85:34:28:18:c8:43:f8:1f:62:57:8d:0b:ab:bd:ee:77:de:c6:
49:09:f1:3d:75:ac:5e:78:71:04:94:62:b4:47:35:52:3c:56:
36:00:57:14:e7:3a:46:d9:f7:f2:b6:0e:5b:07:9b:f9:f6:1e:
fe:0e:eb:f2:7f:5a:b3:08:6b:e0:67:77:b3:60:21:d7:78:7d:
67:73:10:ea:f7:c4:8d:d3:2e:04:48:b5:05:5d:27:c8:05:aa:
9b:fb:b0:0b:e3:fb:93:f4:29:24:b7:fa:2d:57:3c:1c:48:f2:
91:fd:0d:55:df:3d:b4:48:50:00:fb:16:d8:55:62:f0:59:9a:
68:bd:e4:65:24:85:74:53:4b:1a:b4:74:48:9e:43:11:79:a5:
14:8e:e0:e6:41:e5:d3:dc:05:af:21:5d:21:c0:39:38:ab:ef:
ca:cc:0d:54:dc:33:94:fa:5a:17:04:9b:5f:99:9f:8b:6f:05:
56:eb:5b:1c:01:ce:bc:0c:ee:c4:22:b8:4d:56:fc:bd:0c:bb:
9a:23:8e:75:96:5c:3d:5d:58:89:f9:19:44:6e:54:5f:3d:e3:
1d:b0:e6:c4:3f:ae:0a:2f:27:02:13:5a:ec:03:4a:ab:81:49:
04:79:43:2c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZBjc+j+Pd0TxCBtiTqHa+RKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjI5MTAwNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzYyYzc0MDdiNTA2NmE0OTllNjQyZmM5MWQ1ZTE3YjAwYTllM2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7j3Gn31Wqh5erzMU0HyxqQ2f7fsm
msrAXdUdhHkZ0vp3X+s3UfEBTfX4LoBQuljHKvebN2n+jd8hfDAfZNLHt2nV2Acj
iOR1h2+gOfFRaIuk+sY0PhCuRetcF1JVYkGfpyRgJy+FuUJh61+TNZhEV45YBw/W
CYIV00xKVHvMIU8QJeaqYkqXkgbnFGSwuOPnkebSjAx9rtGvbtXviUM3TVUfHC99
2RuaM6B/Kf4gfjmqzvDKp5sfhPio5FG1xPEy7IyzF6FBxdH3kk/Up3NefcCoBAFA
xOJ5vzID4FwXnMHwhfqevsYU1vohT8f4WIxQL9XgekKLnZkboeYnauVz6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBNix0B7UGakmeZC/JHV4XsAqeP2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRTJMSFFIdFFacVNaNWtMOGtkWGhld0NwNF9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUxAwQA
WdV7AwQAWdWBMA0GCSqGSIb3DQEBCwUAA4IBAQArV12n8oy4gx0/UdttLGveiLmF
NCgYyEP4H2JXjQurve533sZJCfE9daxeeHEElGK0RzVSPFY2AFcU5zpG2ffytg5b
B5v59h7+Duvyf1qzCGvgZ3ezYCHXeH1ncxDq98SN0y4ESLUFXSfIBaqb+7AL4/uT
9Ckkt/otVzwcSPKR/Q1V3z20SFAA+xbYVWLwWZpoveRlJIV0U0satHRInkMReaUU
juDmQeXT3AWvIV0hwDk4q+/KzA1U3DOU+loXBJtfmZ+LbwVW61scAc68DO7EIrhN
Vvy9DLuaI451llw9XViJ+RlEblRfPeMdsObEP64KLycCE1rsA0qrgUkEeUMs
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:03:39 2025 by rpki-client