Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa
File: K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa (raw, json)
Hash identifier: vbi7YczxPdT3omAsWCKr+YCg+XXgQjvBVUeSuPT6wAM=
Subject key identifier: 2B:FD:4A:62:BA:54:3B:2F:12:F4:B6:13:AE:FA:11:45:95:EE:49:75
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E5B09AF71858972FC23A1C70EFD5B06D2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa
Signing time: Wed 20 Mar 2024 08:45:45 +0000
ROA not before: Wed 20 Mar 2024 08:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200373
IP address blocks: 89.213.228.0/22 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 20 Mar 2024 16:48:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5b:09:af:71:85:89:72:fc:23:a1:c7:0e:fd:5b:06:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 20 08:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2bfd4a62ba543b2f12f4b613aefa114595ee4975
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:7e:58:1a:0b:a0:f3:12:6b:89:ef:f9:f3:33:
64:d1:43:ca:78:19:6f:dc:95:68:5b:76:11:42:29:
ad:d9:ab:e6:da:63:56:85:7e:f7:a7:a1:b4:1d:3b:
d2:54:db:02:25:06:67:9e:90:a9:4d:ef:66:2b:0a:
02:37:11:0f:3d:b0:76:6a:62:db:2a:1a:9d:6b:42:
54:40:1c:a8:74:42:04:cd:aa:79:df:40:92:11:98:
52:e3:cc:ed:91:2f:8d:ca:5e:cb:cd:59:f0:9d:8d:
32:38:c8:ea:2f:49:60:f5:95:e5:b4:3b:fe:79:14:
48:13:5c:e1:5a:bb:25:14:51:95:18:29:15:13:dd:
af:9a:67:99:79:0f:41:0c:7c:94:4e:0b:c9:57:ad:
8a:97:40:68:ee:16:da:0e:17:9a:fb:70:47:9b:c4:
9f:d3:c2:68:ff:ee:37:cb:44:b9:2e:f2:1d:c0:7e:
94:35:c2:49:00:83:3a:27:e7:f8:ca:9e:11:c8:0b:
69:42:63:4e:bd:9d:6d:54:c8:b2:22:a7:27:ee:e1:
18:09:e7:32:92:d2:a3:ad:16:a9:9d:c4:43:ef:6c:
52:9d:c7:bb:3b:d4:54:8c:dc:e5:e8:0b:57:93:b0:
f3:ae:b8:aa:6c:d8:a8:eb:16:14:85:6b:d1:69:0b:
80:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:FD:4A:62:BA:54:3B:2F:12:F4:B6:13:AE:FA:11:45:95:EE:49:75
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/K_1KYrpUOy8S9LYTrvoRRZXuSXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.228.0-89.213.239.255
Signature Algorithm: sha256WithRSAEncryption
45:43:74:80:bf:22:d9:7b:e3:25:90:d2:24:69:29:2e:be:a9:
60:43:67:3f:94:1a:98:b4:d6:8b:5f:e8:cb:62:31:ce:86:53:
6d:38:ad:d3:b1:a0:1a:3f:a7:e8:f1:15:3b:59:da:2d:89:95:
1f:55:c7:d5:1a:97:d2:8a:bd:82:a4:65:0f:e8:e6:20:c7:5f:
16:92:f9:7f:62:9b:19:a6:59:9d:39:e4:4e:5a:0e:0f:0f:7f:
29:f6:61:ad:02:a1:fd:e4:dd:81:db:73:30:53:e3:da:ff:11:
c7:67:3a:cd:e5:73:da:9c:33:96:6a:ca:98:76:74:e9:fc:e8:
0f:2f:ce:98:d7:8e:a5:da:88:e2:db:c1:c9:06:b0:88:81:54:
ae:d0:a5:5f:df:7c:cb:ee:94:fd:8e:ee:74:26:b2:c3:7c:72:
8a:7d:4f:62:68:11:f4:a7:38:c4:fe:18:89:3f:77:83:9b:33:
85:e8:5a:38:96:a5:76:c6:ce:29:e9:f5:c3:ec:e1:41:90:96:
4d:ea:b0:36:38:e3:84:e5:fb:74:25:3f:df:50:b5:46:50:7a:
96:34:d9:67:fa:66:3f:80:cb:d5:c4:59:04:3d:6d:f3:7e:51:
ec:0b:7b:c1:e8:a9:bb:9b:c9:5e:21:98:db:a4:66:3f:8b:d8:
6c:f4:29:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY5bCa9xhYly/COhxw79WwbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIwMDg0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYmZkNGE2MmJhNTQzYjJmMTJmNGI2MTNhZWZhMTE0NTk1ZWU0OTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7X5YGgug8xJrie/58zNk0UPKeBlv
3JVoW3YRQimt2avm2mNWhX73p6G0HTvSVNsCJQZnnpCpTe9mKwoCNxEPPbB2amLb
Khqda0JUQByodEIEzap530CSEZhS48ztkS+Nyl7LzVnwnY0yOMjqL0lg9ZXltDv+
eRRIE1zhWrslFFGVGCkVE92vmmeZeQ9BDHyUTgvJV62Kl0Bo7hbaDhea+3BHm8Sf
08Jo/+43y0S5LvIdwH6UNcJJAIM6J+f4yp4RyAtpQmNOvZ1tVMiyIqcn7uEYCecy
ktKjrRapncRD72xSnce7O9RUjNzl6AtXk7DzrriqbNio6xYUhWvRaQuAVwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCv9SmK6VDsvEvS2E676EUWV7kl1MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvS18xS1lycFVPeThTOUxZVHJ2b1JSWlh1U1hVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAJZ1eQD
BARZ1eAwDQYJKoZIhvcNAQELBQADggEBAEVDdIC/Itl74yWQ0iRpKS6+qWBDZz+U
Gpi01otf6MtiMc6GU204rdOxoBo/p+jxFTtZ2i2JlR9Vx9Ual9KKvYKkZQ/o5iDH
XxaS+X9imxmmWZ055E5aDg8Pfyn2Ya0Cof3k3YHbczBT49r/EcdnOs3lc9qcM5Zq
yph2dOn86A8vzpjXjqXaiOLbwckGsIiBVK7QpV/ffMvulP2O7nQmssN8cop9T2Jo
EfSnOMT+GIk/d4ObM4XoWjiWpXbGzinp9cPs4UGQlk3qsDY444Tl+3QlP99QtUZQ
epY02Wf6Zj+Ay9XEWQQ9bfN+UewLe8HoqbubyV4hmNukZj+L2Gz0KeQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:28:04 2025 by rpki-client