Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lw7um2lREz-N7d8sY_JKmnAC3Z4.roa
File: Lw7um2lREz-N7d8sY_JKmnAC3Z4.roa (raw, json)
Hash identifier: ist/YHThhPl8kp+t/eRNR0sRfBVEiuYsZiKne5md2qQ=
Subject key identifier: 2F:0E:EE:9B:69:51:13:3F:8D:ED:DF:2C:63:F2:4A:9A:70:02:DD:9E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019113FBF5706F41F74F35B20C71E7385B16
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lw7um2lREz-N7d8sY_JKmnAC3Z4.roa
Signing time: Fri 02 Aug 2024 16:46:04 +0000
ROA not before: Fri 02 Aug 2024 16:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.213.50.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 10 Sep 2024 13:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:fb:f5:70:6f:41:f7:4f:35:b2:0c:71:e7:38:5b:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 16:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f0eee9b6951133f8deddf2c63f24a9a7002dd9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:fb:b3:b6:67:3b:dc:cc:2e:b0:96:09:61:95:
5e:0f:12:5a:14:c4:35:e6:54:e3:0e:9b:4c:2f:34:
b8:5b:a3:28:29:a4:50:92:7d:eb:45:34:63:24:8d:
29:fc:b7:6a:2d:cc:b1:24:c4:bb:a8:16:a2:3c:44:
17:0f:d1:03:d4:e0:52:f5:9d:9d:2c:a7:ec:39:d3:
65:34:40:38:2d:72:ab:29:fb:dd:c9:55:37:85:f7:
d7:e1:70:a0:a4:1f:50:24:3e:01:81:65:73:8c:31:
48:e7:4a:58:f8:9f:37:5a:68:7d:3c:13:83:c7:c5:
b3:99:97:34:96:d3:ab:d2:a8:1e:64:9e:94:71:08:
ec:13:03:48:95:e8:ac:b7:32:4d:35:0b:1a:82:31:
2d:65:87:df:ff:c1:94:42:41:93:6b:a2:45:76:e4:
bf:b8:58:70:5b:db:b6:c8:ac:63:79:34:05:c5:77:
2c:9a:f6:4f:ca:5d:9a:e6:6b:ab:c0:17:26:62:4f:
30:6d:43:b9:b8:d0:55:36:f8:3e:32:da:ff:b6:bc:
41:ad:fd:78:ae:84:18:22:c9:dd:2e:82:0e:0a:3d:
3c:d9:34:80:f2:34:12:98:7c:47:c1:9c:4b:e6:03:
73:93:9c:3d:76:73:bc:7d:25:b2:70:0e:42:09:fd:
25:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:0E:EE:9B:69:51:13:3F:8D:ED:DF:2C:63:F2:4A:9A:70:02:DD:9E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Lw7um2lREz-N7d8sY_JKmnAC3Z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.50.0/24
213.218.234.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
14:65:83:c9:4a:72:79:ff:f6:ab:a2:77:c5:49:2b:5b:74:e5:
f4:84:91:a2:b9:a0:ad:ee:81:56:44:48:ae:0b:5e:1a:d9:18:
b6:69:04:92:ee:9d:d4:85:ff:2c:64:59:37:d0:ea:49:5e:70:
19:93:e6:c5:7d:62:94:ef:0e:c7:7c:e4:71:9d:eb:7b:c1:6f:
af:60:a7:bb:14:44:a0:b1:04:3e:ca:d6:e8:54:91:53:c0:f2:
38:28:c0:eb:ab:4a:30:8a:09:0e:b4:87:4b:ee:31:5d:3b:42:
17:24:6c:ae:ac:3a:41:63:50:7e:87:af:0a:6b:16:5b:9c:c5:
52:46:6d:17:7c:c4:82:e8:d0:e0:36:fc:92:d2:69:c4:14:3f:
61:9f:ba:96:d4:36:71:8e:8e:ec:14:a2:71:6b:c0:2c:27:f8:
06:fc:b7:a7:09:67:dc:64:e1:53:03:6f:df:7b:95:5b:bb:5d:
d9:2a:9d:5d:d1:6e:02:19:ee:47:78:0d:07:4d:0f:0f:e0:1e:
46:ed:5b:32:e9:35:57:44:6d:0a:80:40:06:c6:c7:57:c0:68:
a3:f3:3a:f1:59:9b:ad:bc:32:e1:79:33:de:32:ef:3c:94:68:
6d:08:77:45:bc:ea:b9:c7:aa:f4:97:e2:2f:7b:7a:4d:cc:6b:
12:6c:7e:81
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZET+/Vwb0H3TzWyDHHnOFsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODAyMTY0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjBlZWU5YjY5NTExMzNmOGRlZGRmMmM2M2YyNGE5YTcwMDJkZDllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvuztmc73MwusJYJYZVeDxJaFMQ1
5lTjDptMLzS4W6MoKaRQkn3rRTRjJI0p/LdqLcyxJMS7qBaiPEQXD9ED1OBS9Z2d
LKfsOdNlNEA4LXKrKfvdyVU3hffX4XCgpB9QJD4BgWVzjDFI50pY+J83Wmh9PBOD
x8WzmZc0ltOr0qgeZJ6UcQjsEwNIleistzJNNQsagjEtZYff/8GUQkGTa6JFduS/
uFhwW9u2yKxjeTQFxXcsmvZPyl2a5murwBcmYk8wbUO5uNBVNvg+Mtr/trxBrf14
roQYIsndLoIOCj082TSA8jQSmHxHwZxL5gNzk5w9dnO8fSWycA5CCf0lOwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC8O7ptpURM/je3fLGPySppwAt2eMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHc3dW0ybFJFei1ON2Q4c1lfSkttbkFDM1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUyAwQA
1drqAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQAUZYPJSnJ5//aronfFSStbdOX0
hJGiuaCt7oFWREiuC14a2Ri2aQSS7p3Uhf8sZFk30OpJXnAZk+bFfWKU7w7HfORx
net7wW+vYKe7FESgsQQ+ytboVJFTwPI4KMDrq0owigkOtIdL7jFdO0IXJGyurDpB
Y1B+h68KaxZbnMVSRm0XfMSC6NDgNvyS0mnEFD9hn7qW1DZxjo7sFKJxa8AsJ/gG
/LenCWfcZOFTA2/fe5Vbu13ZKp1d0W4CGe5HeA0HTQ8P4B5G7Vsy6TVXRG0KgEAG
xsdXwGij8zrxWZutvDLheTPeMu88lGhtCHdFvOq5x6r0l+Ive3pNzGsSbH6B
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:19 2025 by rpki-client