Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IjZHR3_EHC1VNEMCSYunFWFt2IY.roa
File: IjZHR3_EHC1VNEMCSYunFWFt2IY.roa (raw, json)
Hash identifier: 3/k5DRj4q9iZs2ZXEV6JgbO2rvr1PXZCohD7Nq3ff84=
Subject key identifier: 22:36:47:47:7F:C4:1C:2D:55:34:43:02:49:8B:A7:15:61:6D:D8:86
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01953767798BB7169722996F593401052FC0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IjZHR3_EHC1VNEMCSYunFWFt2IY.roa
Signing time: Mon 24 Feb 2025 10:01:22 +0000
ROA not before: Mon 24 Feb 2025 10:01:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25198
IP address blocks: 89.213.127.0/24 maxlen: 24
213.210.62.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 23 Mar 2025 08:32:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:67:79:8b:b7:16:97:22:99:6f:59:34:01:05:2f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 24 10:01:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=223647477fc41c2d55344302498ba715616dd886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:6c:d8:bf:50:9a:09:ef:ea:78:7c:7a:3d:ef:
43:e8:82:88:8e:6d:69:61:56:76:a4:a6:9f:22:a9:
cd:fa:2f:da:a1:00:21:45:c6:fa:93:80:31:d3:d9:
c0:94:24:f0:1f:88:47:38:93:0a:35:d8:b1:d5:9c:
07:c8:89:53:07:b8:4d:65:13:03:6d:83:10:64:82:
02:46:02:e3:e3:b1:a8:44:b3:48:05:c3:4a:46:48:
8c:c1:1e:bb:b6:a0:70:32:71:30:bc:be:3c:d1:7c:
72:d1:9d:0b:fa:d2:f4:31:59:26:7a:d8:16:7e:51:
2c:f2:f5:41:80:c5:6b:7b:94:d1:55:a3:82:b0:b5:
94:f7:12:fe:1a:fa:67:a2:ef:17:c4:e5:32:7c:f8:
e1:c8:da:23:2e:fd:4a:47:0e:34:22:e0:6b:82:ac:
45:59:29:5f:7a:f7:cd:eb:fd:71:2f:84:41:12:81:
6e:a4:82:06:fc:7b:64:82:fa:b9:00:18:d5:80:1a:
a9:b0:3e:bb:97:96:1f:c6:b9:82:87:3b:d1:fd:29:
d9:60:39:39:b0:33:4a:9f:5d:ed:7b:c0:f7:2a:78:
62:2e:23:1d:ee:e5:0b:01:e9:7d:1c:cf:f0:a5:0a:
29:29:cf:80:75:28:a0:ea:56:65:68:06:6e:04:bb:
ec:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:36:47:47:7F:C4:1C:2D:55:34:43:02:49:8B:A7:15:61:6D:D8:86
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/IjZHR3_EHC1VNEMCSYunFWFt2IY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.127.0/24
213.210.62.0/24
Signature Algorithm: sha256WithRSAEncryption
40:5c:4e:c1:2c:eb:9d:ce:dc:99:0a:59:04:35:f2:c4:92:c8:
6b:2f:16:d3:90:0b:2f:0a:29:a1:8a:a4:01:0d:38:84:f1:51:
89:4b:06:b0:5b:fb:71:5b:b7:6c:60:e4:09:8b:cb:74:c1:0e:
05:f4:a9:2d:ed:9f:5f:4b:b1:8d:a4:c5:bd:64:cd:c8:db:20:
d6:0f:ee:51:1c:18:c5:be:d7:31:be:5c:5e:f1:40:7c:67:40:
44:99:df:f1:ab:74:97:5f:ab:e7:45:0f:ab:e3:48:c2:4f:c6:
17:a1:15:ee:7f:7a:9d:e3:4a:11:a2:7f:91:9a:f9:92:60:c0:
71:51:35:8a:46:a4:80:17:5e:bd:d9:26:8e:8e:31:04:be:62:
d7:13:68:b9:24:30:a0:28:8f:3f:89:75:55:a3:70:ed:71:76:
3c:0f:8d:0a:75:67:99:2f:1e:25:e4:2d:81:f7:5c:82:26:70:
be:49:ad:3b:41:37:14:04:fc:d2:c7:08:a3:49:d4:b4:49:a1:
35:46:dd:b6:56:d9:28:a8:9d:2f:da:52:ad:f3:1b:4a:bf:b5:
28:20:66:d2:fd:db:9a:6a:ce:eb:07:61:f5:eb:55:fd:72:d0:
5d:33:f3:1e:f9:57:50:88:29:e4:50:cd:f1:ba:7d:ba:f3:e0:
e7:6a:7f:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZU3Z3mLtxaXIplvWTQBBS/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI0MTAwMTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM2NDc0NzdmYzQxYzJkNTUzNDQzMDI0OThiYTcxNTYxNmRkODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1mzYv1CaCe/qeHx6Pe9D6IKIjm1p
YVZ2pKafIqnN+i/aoQAhRcb6k4Ax09nAlCTwH4hHOJMKNdix1ZwHyIlTB7hNZRMD
bYMQZIICRgLj47GoRLNIBcNKRkiMwR67tqBwMnEwvL480Xxy0Z0L+tL0MVkmetgW
flEs8vVBgMVre5TRVaOCsLWU9xL+Gvpnou8XxOUyfPjhyNojLv1KRw40IuBrgqxF
WSlfevfN6/1xL4RBEoFupIIG/Htkgvq5ABjVgBqpsD67l5YfxrmChzvR/SnZYDk5
sDNKn13te8D3KnhiLiMd7uULAel9HM/wpQopKc+AdSig6lZlaAZuBLvsfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCI2R0d/xBwtVTRDAkmLpxVhbdiGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSWpaSFIzX0VIQzFWTkVNQ1NZdW5GV0Z0MklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdV/AwQA
1dI+MA0GCSqGSIb3DQEBCwUAA4IBAQBAXE7BLOudztyZClkENfLEkshrLxbTkAsv
CimhiqQBDTiE8VGJSwawW/txW7dsYOQJi8t0wQ4F9Kkt7Z9fS7GNpMW9ZM3I2yDW
D+5RHBjFvtcxvlxe8UB8Z0BEmd/xq3SXX6vnRQ+r40jCT8YXoRXuf3qd40oRon+R
mvmSYMBxUTWKRqSAF1692SaOjjEEvmLXE2i5JDCgKI8/iXVVo3DtcXY8D40KdWeZ
Lx4l5C2B91yCJnC+Sa07QTcUBPzSxwijSdS0SaE1Rt22VtkoqJ0v2lKt8xtKv7Uo
IGbS/duaas7rB2H161X9ctBdM/Me+VdQiCnkUM3xun268+Dnan98
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:27:21 2025 by rpki-client