Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwrE8GF1hWy1b7ACK09_3ViKyQ.roa
File: KGwrE8GF1hWy1b7ACK09_3ViKyQ.roa (raw, json)
Hash identifier: RBWjzGtP/6GV5tAnV5fIqMKXE28HDz4G2Nhhlz6Vl50=
Subject key identifier: 28:6C:2B:13:C1:85:D6:15:B2:D5:BE:C0:08:AD:3D:FF:75:62:2B:24
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193A66ED9DA3987C358ED0FBC1BDDAE7338
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwrE8GF1hWy1b7ACK09_3ViKyQ.roa
Signing time: Sun 08 Dec 2024 13:21:42 +0000
ROA not before: Sun 08 Dec 2024 13:21:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213200
IP address blocks: 89.213.131.0/24 maxlen: 24
109.176.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:a6:6e:d9:da:39:87:c3:58:ed:0f:bc:1b:dd:ae:73:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 8 13:21:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=286c2b13c185d615b2d5bec008ad3dff75622b24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:f7:97:35:dc:b4:f7:80:dc:6d:66:ec:43:12:
51:64:9b:d2:33:be:a5:9a:79:68:61:8f:79:91:42:
68:7b:93:ae:73:b8:c4:84:2e:16:ca:58:f0:5d:a8:
ce:f2:d4:cf:ac:1c:60:8d:c8:62:66:61:80:45:62:
fa:57:44:93:aa:dd:1d:93:12:73:a8:21:92:23:97:
f1:28:08:ad:2d:e6:fd:04:e4:dc:59:f4:54:53:39:
f9:75:a9:89:73:0a:5e:5c:6e:9d:50:f4:14:46:f4:
3c:a5:da:bd:81:c2:0b:16:ae:5b:b2:c2:9b:db:68:
3c:51:fc:de:6c:3a:b1:ee:c2:ea:a0:c2:ea:ec:94:
df:60:9c:8c:86:58:db:87:81:dd:de:c1:fc:e7:f8:
0f:65:20:1f:52:1d:b7:83:c2:b3:ab:af:7a:f0:94:
ad:d9:c2:aa:80:d3:16:73:a2:f9:00:73:74:38:49:
cc:4f:3f:f3:90:a7:0d:ba:a4:62:e0:0d:fa:30:49:
13:dd:52:fc:d9:76:f7:7e:e9:95:ac:e9:c3:cc:45:
aa:b6:b4:14:e9:c0:17:9b:22:51:47:5c:f8:b0:a7:
a9:21:8c:2f:ec:10:bd:0b:7a:5c:69:58:5f:ed:62:
a2:ac:70:65:28:fc:d4:29:44:43:61:67:c2:e7:b2:
aa:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:6C:2B:13:C1:85:D6:15:B2:D5:BE:C0:08:AD:3D:FF:75:62:2B:24
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KGwrE8GF1hWy1b7ACK09_3ViKyQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.131.0/24
109.176.202.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f0:15:bc:b3:5d:4b:0c:83:45:e7:3d:78:61:7a:e5:b5:fe:
07:f1:50:64:87:89:d7:1f:84:34:19:75:05:d5:29:7e:b9:46:
8c:8e:9c:03:ac:d8:ab:90:e9:be:d3:94:fb:fe:29:e9:33:24:
f0:f3:c8:68:a7:0c:20:66:eb:f8:17:d4:fa:51:75:91:0f:f2:
19:d1:e9:f4:41:a1:4c:5c:49:ad:bd:83:10:a1:d7:d4:b7:42:
58:12:59:8e:ce:f8:74:e9:09:ac:2c:62:fe:de:f7:51:b1:28:
4f:3c:5f:aa:41:e2:11:1c:bb:15:c8:19:14:06:8a:8c:c5:85:
62:91:4a:f6:4b:96:23:e7:bc:7e:54:30:8a:9f:d2:25:cd:2c:
a6:9e:e3:64:41:7a:f4:f2:89:31:7d:0f:5a:7d:e1:7f:46:b5:
63:c4:1a:41:01:d8:85:05:ac:dd:1d:6e:fc:82:82:84:62:40:
ae:9e:67:11:b9:0f:1b:15:23:5d:57:72:d5:ce:c8:3f:84:91:
86:d4:fc:78:c7:8b:eb:53:20:1a:c5:3a:54:ab:31:fe:e1:4b:
fb:38:ad:d2:22:41:32:9e:19:58:15:2a:ac:3a:f9:52:45:8a:
3b:ab:24:27:fa:64:a5:08:0f:af:ca:9c:1d:6a:84:b3:f3:60:
5f:d0:f3:7c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOmbtnaOYfDWO0PvBvdrnM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA4MTMyMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODZjMmIxM2MxODVkNjE1YjJkNWJlYzAwOGFkM2RmZjc1NjIyYjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk/eXNdy094DcbWbsQxJRZJvSM76l
mnloYY95kUJoe5Ouc7jEhC4WyljwXajO8tTPrBxgjchiZmGARWL6V0STqt0dkxJz
qCGSI5fxKAitLeb9BOTcWfRUUzn5damJcwpeXG6dUPQURvQ8pdq9gcILFq5bssKb
22g8UfzebDqx7sLqoMLq7JTfYJyMhljbh4Hd3sH85/gPZSAfUh23g8Kzq6968JSt
2cKqgNMWc6L5AHN0OEnMTz/zkKcNuqRi4A36MEkT3VL82Xb3fumVrOnDzEWqtrQU
6cAXmyJRR1z4sKepIYwv7BC9C3pcaVhf7WKirHBlKPzUKURDYWfC57Kq3wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFChsKxPBhdYVstW+wAitPf91YiskMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS0d3ckU4R0YxaFd5MWI3QUNLMDlfM1ZpS3lRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWDAwQA
bbDKMA0GCSqGSIb3DQEBCwUAA4IBAQAJ8BW8s11LDINF5z14YXrltf4H8VBkh4nX
H4Q0GXUF1Sl+uUaMjpwDrNirkOm+05T7/inpMyTw88hopwwgZuv4F9T6UXWRD/IZ
0en0QaFMXEmtvYMQodfUt0JYElmOzvh06QmsLGL+3vdRsShPPF+qQeIRHLsVyBkU
BoqMxYVikUr2S5Yj57x+VDCKn9IlzSymnuNkQXr08okxfQ9afeF/RrVjxBpBAdiF
BazdHW78goKEYkCunmcRuQ8bFSNdV3LVzsg/hJGG1Px4x4vrUyAaxTpUqzH+4Uv7
OK3SIkEynhlYFSqsOvlSRYo7qyQn+mSlCA+vypwdaoSz82Bf0PN8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:35:05 2025 by rpki-client