Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NdZJT7fczQgK7xP23I4My9MWuR8.roa
File: NdZJT7fczQgK7xP23I4My9MWuR8.roa (raw, json)
Hash identifier: ubMYKhYncfRjrEwaI7PM8rx0D8EYnkRWcqFx7jrpZsY=
Subject key identifier: 35:D6:49:4F:B7:DC:CD:08:0A:EF:13:F6:DC:8E:0C:CB:D3:16:B9:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194214432F408B5810514FF81CD364F74C5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NdZJT7fczQgK7xP23I4My9MWuR8.roa
Signing time: Wed 01 Jan 2025 09:48:25 +0000
ROA not before: Wed 01 Jan 2025 09:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215741
IP address blocks: 89.213.169.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 10:58:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:32:f4:08:b5:81:05:14:ff:81:cd:36:4f:74:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35d6494fb7dccd080aef13f6dc8e0ccbd316b91f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:45:90:df:89:5f:27:5c:56:21:fc:eb:ae:af:
8e:e0:2c:6e:1f:91:b9:b9:bd:02:6d:19:9e:e1:cc:
fb:7d:37:ad:d4:f3:58:1e:23:53:c1:42:4f:b3:8b:
e6:37:45:4f:5c:13:66:8e:c0:f9:61:12:63:b9:2c:
63:75:59:ef:c1:b6:ce:24:dd:2c:b4:a2:8a:d2:b1:
73:ee:05:0e:11:71:d2:56:12:45:4f:6e:ec:64:d3:
92:9d:18:12:4a:0c:c0:42:74:9f:38:1c:52:70:36:
11:ed:01:9d:82:bb:c4:ae:d6:28:02:12:54:da:47:
69:98:4b:7b:6a:b8:85:c4:a7:ee:ef:58:e0:aa:5c:
fd:15:f6:c6:fb:5e:14:9f:36:28:a9:c8:80:e3:23:
38:6b:b9:50:68:b6:45:24:e1:a1:f6:33:ab:59:1f:
e5:d9:31:a9:12:f9:2e:82:d7:37:12:59:df:da:4b:
b6:d7:b8:9d:42:57:11:08:38:ca:ae:19:71:98:01:
4c:ed:23:4d:83:e5:e0:6f:76:77:45:57:34:88:d5:
70:53:09:54:10:3b:3f:f2:01:a7:7f:e6:f0:87:c3:
d0:aa:7c:85:c6:ec:83:10:30:52:d9:3f:d2:7c:ed:
3f:a3:65:0e:57:34:4b:d9:41:70:3b:22:ec:84:67:
ba:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D6:49:4F:B7:DC:CD:08:0A:EF:13:F6:DC:8E:0C:CB:D3:16:B9:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/NdZJT7fczQgK7xP23I4My9MWuR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.169.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:fc:73:08:63:af:49:25:43:bc:7a:8e:8f:d2:69:ab:6d:19:
24:d1:58:95:4f:49:ee:40:c4:85:26:86:54:86:72:7a:b0:72:
da:88:0b:06:46:b5:11:2b:63:8b:f6:d7:7e:ad:d5:4f:bc:28:
47:01:cb:ce:1f:8b:d8:68:27:6b:e6:f5:c0:51:9d:8f:f5:05:
54:2d:cc:01:ae:bc:fb:a5:9e:db:d1:9b:07:3f:d9:7b:5e:24:
a6:cf:e9:6a:f0:e0:dd:59:e0:b3:52:1e:1c:f4:52:74:26:50:
e9:d5:ef:e6:73:a3:64:f3:fc:73:10:09:3b:e2:5a:86:70:ef:
f7:1b:f5:91:e0:98:94:67:a5:27:28:30:f9:fe:96:0f:18:be:
91:67:9e:14:b9:11:17:dc:4d:76:f8:1e:c0:78:0f:09:19:ec:
c9:04:25:57:f4:05:be:ae:a9:a6:ee:ec:7b:9d:81:0a:fb:e8:
63:97:6f:54:da:03:cb:75:7f:b9:7b:ba:a9:29:2c:1c:81:c7:
c5:cc:f4:db:ce:6c:5d:14:6c:3a:77:83:fc:1b:8c:4b:f8:ae:
c4:9c:c3:14:86:a1:36:c6:ff:e8:4e:0a:f0:55:61:bb:c7:01:
28:ee:1b:f7:fc:db:9e:3e:a7:b9:a5:57:49:fd:a3:57:3f:98:
f7:d6:6b:59
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDL0CLWBBRT/gc02T3TFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQ2NDk0ZmI3ZGNjZDA4MGFlZjEzZjZkYzhlMGNjYmQzMTZiOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2UWQ34lfJ1xWIfzrrq+O4CxuH5G5
ub0CbRme4cz7fTet1PNYHiNTwUJPs4vmN0VPXBNmjsD5YRJjuSxjdVnvwbbOJN0s
tKKK0rFz7gUOEXHSVhJFT27sZNOSnRgSSgzAQnSfOBxScDYR7QGdgrvErtYoAhJU
2kdpmEt7ariFxKfu71jgqlz9FfbG+14UnzYoqciA4yM4a7lQaLZFJOGh9jOrWR/l
2TGpEvkugtc3Elnf2ku217idQlcRCDjKrhlxmAFM7SNNg+Xgb3Z3RVc0iNVwUwlU
EDs/8gGnf+bwh8PQqnyFxuyDEDBS2T/SfO0/o2UOVzRL2UFwOyLshGe6EwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDXWSU+33M0ICu8T9tyODMvTFrkfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTmRaSlQ3ZmN6UWdLN3hQMjNJNE15OU1XdVI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWpMA0G
CSqGSIb3DQEBCwUAA4IBAQAP/HMIY69JJUO8eo6P0mmrbRkk0ViVT0nuQMSFJoZU
hnJ6sHLaiAsGRrURK2OL9td+rdVPvChHAcvOH4vYaCdr5vXAUZ2P9QVULcwBrrz7
pZ7b0ZsHP9l7XiSmz+lq8ODdWeCzUh4c9FJ0JlDp1e/mc6Nk8/xzEAk74lqGcO/3
G/WR4JiUZ6UnKDD5/pYPGL6RZ54UuREX3E12+B7AeA8JGezJBCVX9AW+rqmm7ux7
nYEK++hjl29U2gPLdX+5e7qpKSwcgcfFzPTbzmxdFGw6d4P8G4xL+K7EnMMUhqE2
xv/oTgrwVWG7xwEo7hv3/NuePqe5pVdJ/aNXP5j31mtZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:35 2025 by rpki-client