Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NaViHB75vugjg7ychkXqoM6TmEg.roa
File: NaViHB75vugjg7ychkXqoM6TmEg.roa (raw, json)
Hash identifier: 9pp5n7p1XReN/bBKzPazrOJqhwGvK7zjGT9XqiIhpg4=
Subject key identifier: 35:A5:62:1C:1E:F9:BE:E8:23:83:BC:9C:86:45:EA:A0:CE:93:98:48
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194B2840FC113D034FCC3F4B53B5B2EC0CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NaViHB75vugjg7ychkXqoM6TmEg.roa
Signing time: Wed 29 Jan 2025 14:43:06 +0000
ROA not before: Wed 29 Jan 2025 14:43:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60504
IP address blocks: 89.213.0.0/22 maxlen: 24
213.130.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 05 Feb 2025 16:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b2:84:0f:c1:13:d0:34:fc:c3:f4:b5:3b:5b:2e:c0:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 29 14:43:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35a5621c1ef9bee82383bc9c8645eaa0ce939848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8a:34:ba:9f:8d:d9:65:6a:5d:c9:8c:c8:68:
61:b4:61:0d:2a:62:7c:0c:f2:a9:a1:44:0b:2a:b4:
a7:9d:98:7f:2d:7a:1d:76:20:a0:d2:9f:60:8e:0a:
16:ac:25:ea:26:f2:ef:63:7f:59:0a:21:dd:79:d0:
23:bd:4f:6d:b8:71:63:9b:41:d7:9f:6c:df:f2:ee:
b3:78:6b:2e:70:ad:f3:38:bc:40:a0:32:b5:e2:1b:
a8:49:7b:70:39:da:b1:69:2a:ed:04:5e:d5:5c:84:
34:98:92:e0:78:45:db:54:a0:9a:6b:99:79:a1:2b:
41:b1:58:ef:d8:33:48:94:91:72:ad:eb:ce:5c:42:
29:52:c6:9f:89:b0:bb:fd:d0:b1:50:01:78:11:fe:
77:27:d3:67:90:ad:10:c0:80:f7:b0:bc:ee:61:02:
00:63:38:74:6c:bb:3c:12:97:0e:36:52:3a:24:c4:
5a:15:55:fd:f4:6f:11:e4:70:c5:20:e2:89:2f:88:
99:3f:ac:1a:3d:45:66:c2:3f:e7:76:8a:fc:55:d3:
bd:c5:0c:06:2f:c1:aa:8d:a9:e9:63:ae:74:f3:fe:
63:e6:fb:52:6b:8d:06:da:43:a4:16:ee:27:d0:a6:
14:cc:5b:a4:01:d2:df:f7:85:e0:ac:08:80:68:71:
3f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:A5:62:1C:1E:F9:BE:E8:23:83:BC:9C:86:45:EA:A0:CE:93:98:48
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NaViHB75vugjg7ychkXqoM6TmEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.0.0/22
213.130.140.0/22
Signature Algorithm: sha256WithRSAEncryption
31:80:2c:0e:33:18:f8:48:73:4e:2d:03:9d:96:86:12:13:19:
ca:f1:c7:e1:0d:36:56:5e:d4:11:54:2a:a9:23:42:0e:33:1a:
8a:94:e8:ac:b8:b1:cc:6d:5b:84:01:98:8b:98:2a:a5:65:a3:
0c:42:6d:70:1b:40:67:6a:29:de:91:62:6c:b5:76:2a:94:7f:
45:dd:77:4f:58:bd:64:a0:f3:64:61:b3:00:a8:d1:21:07:89:
14:16:ab:0d:60:cd:59:2d:25:bf:fe:81:73:7d:79:46:8f:15:
a5:c0:40:12:42:7e:f3:6e:15:f0:5a:e5:d7:db:06:b6:4c:da:
f8:69:3e:74:7a:99:9b:63:f3:28:0c:8f:23:f7:03:f9:c3:8a:
d9:8d:7d:85:f0:7f:ac:a9:88:62:1a:0a:17:a6:22:52:ab:2b:
12:af:82:95:c8:bc:18:df:38:9f:e4:0f:d8:cc:a9:15:37:a5:
f6:fe:63:67:52:04:a1:76:d2:a5:24:7e:e3:2d:94:e7:e4:c0:
df:4a:71:23:55:cd:e0:e6:b3:3f:5a:95:78:ee:ef:ae:b2:d0:
ac:70:94:8b:bf:bd:62:4f:83:ea:a3:a0:f6:e3:1e:28:aa:fa:
99:16:5a:2c:2c:77:15:f0:73:08:23:bc:39:76:5d:d4:44:df:
f0:d7:09:78
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSyhA/BE9A0/MP0tTtbLsDNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTI5MTQ0MzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWE1NjIxYzFlZjliZWU4MjM4M2JjOWM4NjQ1ZWFhMGNlOTM5ODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr4o0up+N2WVqXcmMyGhhtGENKmJ8
DPKpoUQLKrSnnZh/LXoddiCg0p9gjgoWrCXqJvLvY39ZCiHdedAjvU9tuHFjm0HX
n2zf8u6zeGsucK3zOLxAoDK14huoSXtwOdqxaSrtBF7VXIQ0mJLgeEXbVKCaa5l5
oStBsVjv2DNIlJFyrevOXEIpUsafibC7/dCxUAF4Ef53J9NnkK0QwID3sLzuYQIA
Yzh0bLs8EpcONlI6JMRaFVX99G8R5HDFIOKJL4iZP6waPUVmwj/ndor8VdO9xQwG
L8GqjanpY6508/5j5vtSa40G2kOkFu4n0KYUzFukAdLf94XgrAiAaHE/4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDWlYhwe+b7oI4O8nIZF6qDOk5hIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTmFWaUhCNzV2dWdqZzd5Y2hrWHFvTTZUbUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWdUAAwQC
1YKMMA0GCSqGSIb3DQEBCwUAA4IBAQAxgCwOMxj4SHNOLQOdloYSExnK8cfhDTZW
XtQRVCqpI0IOMxqKlOisuLHMbVuEAZiLmCqlZaMMQm1wG0BnainekWJstXYqlH9F
3XdPWL1koPNkYbMAqNEhB4kUFqsNYM1ZLSW//oFzfXlGjxWlwEASQn7zbhXwWuXX
2wa2TNr4aT50epmbY/MoDI8j9wP5w4rZjX2F8H+sqYhiGgoXpiJSqysSr4KVyLwY
3zif5A/YzKkVN6X2/mNnUgShdtKlJH7jLZTn5MDfSnEjVc3g5rM/WpV47u+ustCs
cJSLv71iT4Pqo6D24x4oqvqZFlosLHcV8HMII7w5dl3URN/w1wl4
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:11 2025 by rpki-client