Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KJDUaVfohJ_XB8x7W2ibEvBDwDE.roa
File: KJDUaVfohJ_XB8x7W2ibEvBDwDE.roa (raw, json)
Hash identifier: KuEGfAq3im0capYkrrDyw5i7MP21mskd+Bl4igLjDzA=
Subject key identifier: 28:90:D4:69:57:E8:84:9F:D7:07:CC:7B:5B:68:9B:12:F0:43:C0:31
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143F5125D5F63E8CD8CDC1B66AF85D5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KJDUaVfohJ_XB8x7W2ibEvBDwDE.roa
Signing time: Wed 01 Jan 2025 09:48:09 +0000
ROA not before: Wed 01 Jan 2025 09:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135402
IP address blocks: 89.213.197.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:38:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:f5:12:5d:5f:63:e8:cd:8c:dc:1b:66:af:85:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2890d46957e8849fd707cc7b5b689b12f043c031
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d7:34:53:9e:0f:a1:98:f8:16:c3:fd:00:41:
9d:18:5b:84:d1:ff:f3:37:a0:06:4b:54:ce:78:c7:
b1:84:69:74:61:09:18:32:12:f3:ad:44:25:e3:f8:
ba:c0:ab:cc:6b:ef:7d:5c:fa:3d:3c:2e:75:cc:41:
02:42:f2:10:89:c7:77:a7:d5:29:25:1c:45:a4:a8:
ee:e9:ba:7c:8b:ad:ab:14:b7:7b:fe:2d:07:9e:96:
b2:51:82:cf:f7:81:79:f6:33:65:35:7e:d0:73:ea:
ce:8e:8b:f4:bb:ef:d3:e3:a6:71:ec:ed:82:e7:26:
12:d7:6a:6c:ba:45:f4:7e:f1:ae:d9:7d:3d:74:9a:
a7:88:54:dd:62:48:42:9b:c8:54:cf:41:c2:a4:48:
dc:32:59:a9:47:be:b8:1f:9e:9a:1f:8a:55:c4:10:
8f:3e:31:b2:cc:b4:19:61:df:6b:06:b4:f4:98:76:
a6:47:e3:70:d3:fb:e8:6d:92:be:20:07:52:11:a7:
82:a8:c0:d9:e7:c3:2b:67:17:e3:70:cd:91:81:97:
af:72:74:47:62:39:2c:0e:a6:e7:44:0b:e7:17:f5:
8d:96:4d:61:b4:8c:fc:47:9e:00:6b:01:f2:ab:d3:
02:2e:e4:60:b5:61:a1:8c:4f:b9:57:7c:a6:c2:4f:
b3:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:90:D4:69:57:E8:84:9F:D7:07:CC:7B:5B:68:9B:12:F0:43:C0:31
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/KJDUaVfohJ_XB8x7W2ibEvBDwDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.197.0/24
Signature Algorithm: sha256WithRSAEncryption
79:4b:fe:6a:4e:9d:28:5b:38:be:6f:19:f9:a2:9e:21:39:50:
d5:1d:54:c2:55:62:c8:77:ed:b2:6d:d1:36:7f:f1:33:09:ac:
52:af:4f:b6:bd:bd:5e:62:c1:5a:2f:75:39:d6:06:14:22:19:
f4:42:aa:92:9b:2e:a8:35:21:ce:21:58:24:38:e2:41:7b:f7:
ef:57:91:d8:b6:12:f5:c7:fe:06:a1:08:30:78:d1:a6:96:c5:
21:37:64:74:d2:08:d3:00:f5:48:2a:65:5a:9e:22:01:0c:f6:
35:bf:9a:be:06:0a:95:be:52:56:75:ad:d9:69:c7:95:42:33:
e0:6c:e4:e7:a0:88:6e:1c:1e:f3:44:23:62:9c:65:6a:4e:ce:
49:22:b5:b3:38:01:a2:89:31:26:73:2c:e5:fc:64:42:df:6c:
71:7b:b9:ef:81:d5:fb:33:c3:31:7a:00:55:86:87:b8:06:96:
17:ec:25:0c:4f:08:e6:f3:50:33:52:49:53:34:95:ed:1e:b4:
ae:16:09:f5:83:eb:30:ca:ce:06:e4:70:a0:7d:6c:ee:30:b3:
6c:fe:4b:cd:bc:b6:84:ac:06:e1:af:6f:f9:be:14:61:ea:97:
73:89:56:6f:5f:2e:d8:e5:cc:59:cd:6e:a0:28:bf:23:37:cc:
e2:e5:0c:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ/USXV9j6M2M3Btmr4XVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODkwZDQ2OTU3ZTg4NDlmZDcwN2NjN2I1YjY4OWIxMmYwNDNjMDMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9c0U54PoZj4FsP9AEGdGFuE0f/z
N6AGS1TOeMexhGl0YQkYMhLzrUQl4/i6wKvMa+99XPo9PC51zEECQvIQicd3p9Up
JRxFpKju6bp8i62rFLd7/i0HnpayUYLP94F59jNlNX7Qc+rOjov0u+/T46Zx7O2C
5yYS12psukX0fvGu2X09dJqniFTdYkhCm8hUz0HCpEjcMlmpR764H56aH4pVxBCP
PjGyzLQZYd9rBrT0mHamR+Nw0/vobZK+IAdSEaeCqMDZ58MrZxfjcM2RgZevcnRH
YjksDqbnRAvnF/WNlk1htIz8R54AawHyq9MCLuRgtWGhjE+5V3ymwk+zuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCiQ1GlX6ISf1wfMe1tomxLwQ8AxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS0pEVWFWZm9oSl9YQjh4N1cyaWJFdkJEd0RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXFMA0G
CSqGSIb3DQEBCwUAA4IBAQB5S/5qTp0oWzi+bxn5op4hOVDVHVTCVWLId+2ybdE2
f/EzCaxSr0+2vb1eYsFaL3U51gYUIhn0QqqSmy6oNSHOIVgkOOJBe/fvV5HYthL1
x/4GoQgweNGmlsUhN2R00gjTAPVIKmVaniIBDPY1v5q+BgqVvlJWda3ZaceVQjPg
bOTnoIhuHB7zRCNinGVqTs5JIrWzOAGiiTEmcyzl/GRC32xxe7nvgdX7M8MxegBV
hoe4BpYX7CUMTwjm81AzUklTNJXtHrSuFgn1g+swys4G5HCgfWzuMLNs/kvNvLaE
rAbhr2/5vhRh6pdziVZvXy7Y5cxZzW6gKL8jN8zi5Qzn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:55 2025 by rpki-client