Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FQfgxeQhFi2lVZ-rFFT5QDml_tA.roa
File: FQfgxeQhFi2lVZ-rFFT5QDml_tA.roa (raw, json)
Hash identifier: 89bdvvBcuv9BrGjg7hpube2+1cs/IZ+WYM+WcYPdZzc=
Subject key identifier: 15:07:E0:C5:E4:21:16:2D:A5:55:9F:AB:14:54:F9:40:39:A5:FE:D0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3495FE63FE72F8B6547B07E0D64406B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FQfgxeQhFi2lVZ-rFFT5QDml_tA.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210542
IP address blocks: 89.213.129.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 07:49:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5f:e6:3f:e7:2f:8b:65:47:b0:7e:0d:64:40:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1507e0c5e421162da5559fab1454f94039a5fed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:d7:59:63:8f:ce:9b:67:3a:e2:05:ee:a5:20:
92:38:09:83:b8:ec:88:a9:bf:16:5b:f6:33:42:15:
c5:05:05:f9:28:e1:16:c1:0c:78:68:18:49:d3:68:
af:cf:0c:26:88:c1:b0:b3:45:ba:bd:b3:e5:ff:ed:
54:63:3a:dd:42:7a:9f:32:c2:1e:33:97:b7:a0:2a:
44:fd:47:04:90:93:a9:c1:6b:5a:ed:25:52:b4:b4:
d9:fc:af:19:e5:46:f6:be:fc:af:2e:6d:96:05:84:
d1:fe:57:04:e4:06:fd:c1:b4:6f:ef:ea:9e:79:50:
7e:bb:3b:36:d8:48:16:42:84:d3:cc:0b:fb:19:fb:
f8:dd:33:b4:d3:84:24:cf:5a:04:ee:0a:8f:a9:25:
92:c8:dd:ab:09:0b:0c:35:84:09:c6:31:a6:b6:03:
ba:8c:ce:0d:02:eb:f3:ec:43:fa:cd:1e:65:77:e7:
ef:fc:7d:0e:33:51:0e:aa:bf:d6:a4:18:86:8a:12:
8c:70:c1:b0:1b:eb:66:e9:94:c2:81:24:f6:9a:ba:
bd:d2:33:86:3e:73:8b:17:4e:57:ed:f4:69:80:a6:
ed:17:23:8a:7f:06:c7:68:2a:25:f0:50:6d:51:f4:
07:16:75:06:cc:14:4e:a4:bc:82:07:08:27:2f:47:
41:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:07:E0:C5:E4:21:16:2D:A5:55:9F:AB:14:54:F9:40:39:A5:FE:D0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FQfgxeQhFi2lVZ-rFFT5QDml_tA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.129.0/24
Signature Algorithm: sha256WithRSAEncryption
93:6f:43:01:0c:1d:41:ba:3c:eb:41:4c:9c:68:5e:6c:69:60:
e2:b6:5b:e3:52:e7:49:0e:4f:6a:f3:2a:7a:4a:06:d6:9a:c8:
1f:8e:95:a8:e9:8c:e9:8a:83:d1:fe:f0:d6:6b:5d:35:93:32:
65:12:8b:76:12:fb:62:db:e2:d9:91:68:17:81:34:4d:ed:fe:
ca:b4:01:58:b7:e5:ae:4c:ec:51:27:fc:2f:43:23:f0:08:cb:
82:25:c4:de:22:44:a5:d2:b7:45:30:a1:21:dc:da:f3:0e:59:
da:bc:9a:03:6f:33:49:66:4f:d6:0e:f8:2a:25:d5:d1:07:85:
df:92:04:8a:9b:d6:43:5a:dd:3c:9b:c7:d8:86:ca:5e:4a:c8:
75:0e:37:16:ac:b3:10:17:ec:c8:3e:5b:82:45:ad:49:dd:db:
35:a1:f8:5a:39:82:e3:61:f6:b2:bb:e7:f0:1f:c1:54:ef:ae:
1d:5c:f0:2e:32:8c:5a:f9:46:e2:ac:32:3b:18:69:94:3b:fa:
8e:24:0f:ea:43:e6:13:b1:d1:1c:41:24:41:61:71:11:b7:5c:
b8:58:7f:e7:6f:c2:ef:00:ef:2a:13:b1:b1:b2:06:49:b2:76:
9d:4e:a2:07:00:ef:06:12:c8:b0:3b:4e:a4:be:99:94:55:ef:
51:28:d2:35
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSV/mP+cvi2VHsH4NZEBrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTA3ZTBjNWU0MjExNjJkYTU1NTlmYWIxNDU0Zjk0MDM5YTVmZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhtdZY4/Om2c64gXupSCSOAmDuOyI
qb8WW/YzQhXFBQX5KOEWwQx4aBhJ02ivzwwmiMGws0W6vbPl/+1UYzrdQnqfMsIe
M5e3oCpE/UcEkJOpwWta7SVStLTZ/K8Z5Ub2vvyvLm2WBYTR/lcE5Ab9wbRv7+qe
eVB+uzs22EgWQoTTzAv7Gfv43TO004Qkz1oE7gqPqSWSyN2rCQsMNYQJxjGmtgO6
jM4NAuvz7EP6zR5ld+fv/H0OM1EOqr/WpBiGihKMcMGwG+tm6ZTCgST2mrq90jOG
PnOLF05X7fRpgKbtFyOKfwbHaCol8FBtUfQHFnUGzBROpLyCBwgnL0dB2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUH4MXkIRYtpVWfqxRU+UA5pf7QMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRlFmZ3hlUWhGaTJsVlotckZGVDVRRG1sX3RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWBMA0G
CSqGSIb3DQEBCwUAA4IBAQCTb0MBDB1BujzrQUycaF5saWDitlvjUudJDk9q8yp6
SgbWmsgfjpWo6YzpioPR/vDWa101kzJlEot2Evti2+LZkWgXgTRN7f7KtAFYt+Wu
TOxRJ/wvQyPwCMuCJcTeIkSl0rdFMKEh3NrzDlnavJoDbzNJZk/WDvgqJdXRB4Xf
kgSKm9ZDWt08m8fYhspeSsh1DjcWrLMQF+zIPluCRa1J3ds1ofhaOYLjYfayu+fw
H8FU764dXPAuMoxa+UbirDI7GGmUO/qOJA/qQ+YTsdEcQSRBYXERt1y4WH/nb8Lv
AO8qE7GxsgZJsnadTqIHAO8GEsiwO06kvpmUVe9RKNI1
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:25 2025 by rpki-client