Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G9HWi7153Om2ufGIqCMxZLb3tok.roa
File: G9HWi7153Om2ufGIqCMxZLb3tok.roa (raw, json)
Hash identifier: CwwgWFI0B2e12ufJjstkMcxphJVbALsj7hlmAaKG9G8=
Subject key identifier: 1B:D1:D6:8B:BD:79:DC:E9:B6:B9:F1:88:A8:23:31:64:B6:F7:B6:89
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191E70E2300A524BC1232ACB22B3A458595
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G9HWi7153Om2ufGIqCMxZLb3tok.roa
Signing time: Thu 12 Sep 2024 16:25:48 +0000
ROA not before: Thu 12 Sep 2024 16:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31898
IP address blocks: 89.213.249.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 01 Nov 2024 15:08:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e7:0e:23:00:a5:24:bc:12:32:ac:b2:2b:3a:45:85:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 12 16:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bd1d68bbd79dce9b6b9f188a8233164b6f7b689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3e:27:bf:a6:6f:cc:2e:6e:f9:5a:33:1c:2e:
fd:bd:3c:85:70:9e:24:a4:28:7d:2e:52:bc:fa:50:
f8:8d:52:85:43:d8:42:df:5f:ac:fc:56:25:7c:e8:
49:bd:6a:ce:e4:39:95:00:6c:2b:1b:ad:9e:6e:70:
a7:8d:8f:64:3d:11:1d:8f:17:fa:ee:26:31:4d:31:
88:01:9e:33:ec:da:89:46:70:0c:a8:ec:2b:f9:96:
1b:e7:5d:fe:ad:01:12:ba:78:c0:5c:9e:90:a7:9f:
78:bc:ed:26:12:ad:31:c6:1c:8b:3b:ca:a1:28:27:
80:71:80:6e:17:44:32:d8:cc:e2:a6:00:f4:8a:10:
25:2c:f0:c3:a7:8d:96:0b:e8:26:6f:04:1b:b2:7b:
c1:8e:bc:56:31:d4:b9:cd:b7:76:5f:60:4d:1f:7e:
55:8d:ca:06:1f:94:33:de:98:fe:52:b8:b7:a1:8d:
db:aa:03:bf:09:0b:ff:82:6d:ae:6c:1f:5d:c3:df:
eb:fb:d1:51:43:df:db:bf:a0:62:86:ea:df:c3:98:
db:f5:19:30:35:1e:50:b1:21:e9:68:dc:7b:2c:85:
f3:67:08:2b:45:25:77:62:7c:4f:32:6b:7e:06:60:
65:d5:08:cd:ff:ae:16:5d:6b:6b:e9:d2:3b:cb:d6:
3d:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:D1:D6:8B:BD:79:DC:E9:B6:B9:F1:88:A8:23:31:64:B6:F7:B6:89
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/G9HWi7153Om2ufGIqCMxZLb3tok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:c0:20:2b:8c:9f:6e:f9:a6:06:e6:95:66:b8:70:5b:c8:88:
d5:d6:7d:78:ae:2e:c9:9a:fa:84:13:a1:61:44:e2:9e:3f:3e:
71:bc:42:68:61:ef:a7:d7:94:4e:49:53:77:30:a6:aa:aa:9e:
d7:88:03:7c:8b:5c:53:d4:80:43:16:51:a7:05:99:e7:4c:3b:
75:95:38:66:60:75:81:f5:4a:a0:72:20:4a:37:34:76:e3:27:
1d:ed:42:52:2e:71:ad:d8:e5:0f:71:1f:00:1f:b8:36:47:19:
9e:a2:b9:6b:88:ef:99:db:21:2c:e9:b3:7a:53:fa:de:dc:ff:
e6:3a:30:46:5f:2b:9a:b6:97:90:0f:cf:24:f0:60:ef:aa:07:
4c:c2:b6:d1:3c:31:89:f8:0c:d4:72:3a:c0:83:cd:90:e4:2e:
7a:81:b9:52:7a:e8:f0:cb:a5:5d:59:39:65:01:56:18:70:c5:
7a:a9:d5:78:e5:7c:8f:aa:d4:0e:bf:6f:14:f9:8d:0f:7b:36:
26:57:e1:46:15:c3:d7:03:61:ef:28:89:66:2d:ab:9d:ea:c8:
82:31:91:44:16:b6:31:f7:4b:a4:7b:76:1e:71:27:60:e0:50:
dd:de:39:c6:a7:51:03:c6:1d:e6:7a:00:43:88:40:c3:d0:f7:
a5:33:6a:8d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHnDiMApSS8EjKssis6RYWVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTEyMTYyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmQxZDY4YmJkNzlkY2U5YjZiOWYxODhhODIzMzE2NGI2ZjdiNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyT4nv6ZvzC5u+VozHC79vTyFcJ4k
pCh9LlK8+lD4jVKFQ9hC31+s/FYlfOhJvWrO5DmVAGwrG62ebnCnjY9kPREdjxf6
7iYxTTGIAZ4z7NqJRnAMqOwr+ZYb513+rQESunjAXJ6Qp594vO0mEq0xxhyLO8qh
KCeAcYBuF0Qy2MzipgD0ihAlLPDDp42WC+gmbwQbsnvBjrxWMdS5zbd2X2BNH35V
jcoGH5Qz3pj+Uri3oY3bqgO/CQv/gm2ubB9dw9/r+9FRQ9/bv6Bihurfw5jb9Rkw
NR5QsSHpaNx7LIXzZwgrRSV3YnxPMmt+BmBl1QjN/64WXWtr6dI7y9Y9MQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBvR1ou9edzptrnxiKgjMWS297aJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRzlIV2k3MTUzT20ydWZHSXFDTXhaTGIzdG9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdX5MA0G
CSqGSIb3DQEBCwUAA4IBAQB8wCArjJ9u+aYG5pVmuHBbyIjV1n14ri7JmvqEE6Fh
ROKePz5xvEJoYe+n15ROSVN3MKaqqp7XiAN8i1xT1IBDFlGnBZnnTDt1lThmYHWB
9UqgciBKNzR24ycd7UJSLnGt2OUPcR8AH7g2RxmeorlriO+Z2yEs6bN6U/re3P/m
OjBGXyuatpeQD88k8GDvqgdMwrbRPDGJ+AzUcjrAg82Q5C56gblSeujwy6VdWTll
AVYYcMV6qdV45XyPqtQOv28U+Y0PezYmV+FGFcPXA2HvKIlmLaud6siCMZFEFrYx
90uke3YecSdg4FDd3jnGp1EDxh3megBDiEDD0PelM2qN
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:05 2025 by rpki-client