Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G4Zx-lRPxwA9u_grZf-Ek8iRw-0.roa
File: G4Zx-lRPxwA9u_grZf-Ek8iRw-0.roa (raw, json)
Hash identifier: GprOVSOb9j39tbl+gmHnqpRiPAA/6gQEpm6mL2hcgFQ=
Subject key identifier: 1B:86:71:FA:54:4F:C7:00:3D:BB:F8:2B:65:FF:84:93:C8:91:C3:ED
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193F3C0493B3DE180A964CC8B4A71754A79
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G4Zx-lRPxwA9u_grZf-Ek8iRw-0.roa
Signing time: Mon 23 Dec 2024 13:41:25 +0000
ROA not before: Mon 23 Dec 2024 13:41:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58289
IP address blocks: 89.213.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:f3:c0:49:3b:3d:e1:80:a9:64:cc:8b:4a:71:75:4a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 23 13:41:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1b8671fa544fc7003dbbf82b65ff8493c891c3ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:5c:d5:91:ba:28:a0:1e:68:98:b7:ed:cc:ea:
70:d0:01:1a:ac:58:34:4e:69:5d:2c:af:9b:fa:46:
66:aa:f7:d9:82:17:10:16:1c:8e:f8:eb:1c:a5:3e:
50:f0:ec:7e:5f:81:e9:fa:ad:6f:f7:b0:bb:49:f4:
1f:2f:00:d5:bd:8b:5c:4e:96:7a:8b:09:69:43:b5:
af:f1:22:f1:94:30:ad:af:61:24:b0:6e:cc:4f:dc:
43:bb:8f:02:f6:ff:b5:80:14:cd:7d:80:1a:e3:3f:
83:79:4c:db:7a:a8:f9:2d:80:f0:35:34:eb:76:9a:
71:db:41:02:e2:d5:a3:dd:96:d0:11:ab:e9:3c:80:
e2:d6:61:29:aa:c8:3f:25:e8:68:d2:e7:ff:5c:6e:
36:4f:e8:9b:8c:77:4c:e4:95:d1:64:d0:19:99:68:
cc:45:8d:92:c1:3e:5d:20:de:d2:98:84:00:82:dc:
53:c1:27:91:fd:fd:f7:f3:cd:91:b6:97:ed:ae:e6:
8b:bd:9c:d6:3f:0b:00:9d:0c:de:1e:be:45:f9:ef:
5f:3b:34:3c:01:11:c4:e7:39:a5:e3:ac:74:d1:12:
95:9c:dc:40:21:ff:69:b3:1f:2f:29:ad:4e:12:8f:
37:ba:7e:c9:a5:69:c4:fe:e6:95:10:53:7e:fd:c4:
f2:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:86:71:FA:54:4F:C7:00:3D:BB:F8:2B:65:FF:84:93:C8:91:C3:ED
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G4Zx-lRPxwA9u_grZf-Ek8iRw-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.196.0/24
Signature Algorithm: sha256WithRSAEncryption
04:1f:3f:e5:eb:dd:ad:e3:ab:8c:07:58:99:a3:92:42:24:89:
1a:f5:be:d0:6b:4f:1a:33:bf:08:d9:a4:de:69:ab:3b:af:27:
58:02:56:d3:14:8b:0c:fc:15:86:0a:5e:71:c6:35:9f:56:07:
a0:fc:38:e5:c5:93:a4:89:87:32:0d:f2:e2:27:79:43:82:0d:
67:82:bc:60:84:b8:5c:38:c8:41:f9:b7:69:3e:5c:5d:99:44:
67:18:34:fd:2d:2d:be:21:21:e5:60:74:1a:05:4d:6d:71:e0:
0a:23:fd:5e:d7:71:cb:36:01:a7:fd:c0:c3:57:61:49:ee:39:
d2:b5:f9:78:7a:be:e8:c9:a7:07:76:2e:c2:4f:8e:f2:d5:e1:
87:c0:3f:8a:53:30:e7:cf:10:57:43:1c:ad:d9:43:df:97:00:
97:8c:ac:55:af:47:79:9c:49:52:d8:b8:82:6c:60:83:35:d2:
45:07:a2:5e:e0:b1:37:7b:d3:8b:f6:01:bc:b6:97:14:e2:c7:
af:3e:b9:3a:58:e1:2d:ad:77:95:ef:45:b4:e3:72:b2:b8:a8:
aa:87:73:e1:9d:d2:dd:33:f1:8f:8f:b2:b9:c3:27:b2:f3:e0:
96:91:d3:7d:35:9f:9b:d3:8c:1a:df:db:72:97:07:eb:68:b7:
32:60:f7:a8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZPzwEk7PeGAqWTMi0pxdUp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjIzMTM0MTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjg2NzFmYTU0NGZjNzAwM2RiYmY4MmI2NWZmODQ5M2M4OTFjM2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVzVkboooB5omLftzOpw0AEarFg0
TmldLK+b+kZmqvfZghcQFhyO+OscpT5Q8Ox+X4Hp+q1v97C7SfQfLwDVvYtcTpZ6
iwlpQ7Wv8SLxlDCtr2EksG7MT9xDu48C9v+1gBTNfYAa4z+DeUzbeqj5LYDwNTTr
dppx20EC4tWj3ZbQEavpPIDi1mEpqsg/Jeho0uf/XG42T+ibjHdM5JXRZNAZmWjM
RY2SwT5dIN7SmIQAgtxTwSeR/f33882RtpftruaLvZzWPwsAnQzeHr5F+e9fOzQ8
ARHE5zml46x00RKVnNxAIf9psx8vKa1OEo83un7JpWnE/uaVEFN+/cTyJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBuGcfpUT8cAPbv4K2X/hJPIkcPtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRzRaeC1sUlB4d0E5dV9nclpmLUVrOGlSdy0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXEMA0G
CSqGSIb3DQEBCwUAA4IBAQAEHz/l692t46uMB1iZo5JCJIka9b7Qa08aM78I2aTe
aas7rydYAlbTFIsM/BWGCl5xxjWfVgeg/DjlxZOkiYcyDfLiJ3lDgg1ngrxghLhc
OMhB+bdpPlxdmURnGDT9LS2+ISHlYHQaBU1tceAKI/1e13HLNgGn/cDDV2FJ7jnS
tfl4er7oyacHdi7CT47y1eGHwD+KUzDnzxBXQxyt2UPflwCXjKxVr0d5nElS2LiC
bGCDNdJFB6Je4LE3e9OL9gG8tpcU4sevPrk6WOEtrXeV70W043KyuKiqh3PhndLd
M/GPj7K5wyey8+CWkdN9NZ+b04wa39tylwfraLcyYPeo
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:34 2025 by rpki-client