Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa
File: PAHeEMyyUg0hZghQ2hhaZotbUVE.roa (raw, json)
Hash identifier: fGhwj/2joC5ExQKHSgymJM04Q08b5Scsaj7z1wr9roA=
Subject key identifier: 3C:01:DE:10:CC:B2:52:0D:21:66:08:50:DA:18:5A:66:8B:5B:51:51
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F34C8AA059D87D7DA3D5F27CEFE318F44
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa
Signing time: Wed 01 May 2024 15:31:56 +0000
ROA not before: Wed 01 May 2024 15:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63150
IP address blocks: 89.213.150.0/24 maxlen: 24
194.105.89.0/24 maxlen: 24
213.218.228.0/24 maxlen: 24
213.218.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 May 2024 13:03:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:34:c8:aa:05:9d:87:d7:da:3d:5f:27:ce:fe:31:8f:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 1 15:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3c01de10ccb2520d21660850da185a668b5b5151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:8b:4d:49:d3:17:17:f4:7d:54:45:70:e0:8e:
ad:9f:36:c3:c8:96:82:ff:93:4c:90:20:62:df:08:
df:ad:19:7f:b0:e7:1a:fb:37:fa:77:e2:02:aa:c4:
59:20:38:cc:00:3a:09:6d:73:12:68:82:5e:db:be:
fc:f9:b0:4e:30:d1:58:dc:88:82:11:eb:67:90:2a:
ef:6b:63:cd:89:76:b0:b1:83:d6:c0:39:7d:42:bd:
e9:0a:8b:c2:77:dc:54:bc:ce:ce:2b:b6:67:21:9c:
dc:53:4f:de:2e:6d:94:fe:9e:d3:ac:e6:e0:4c:be:
09:da:74:17:df:17:cf:5d:bf:b1:c2:8d:45:3c:bb:
10:74:76:82:83:5e:d8:85:9d:a2:40:60:b5:b6:6b:
a0:03:41:59:9a:19:36:88:53:91:35:e5:f9:0f:34:
f7:54:87:ec:7d:c6:be:2f:48:ff:ac:b1:c5:c0:87:
a6:82:2d:9e:2e:f1:0b:80:b5:c0:9f:78:02:d9:89:
eb:0d:3a:2f:97:a9:cd:3a:7d:f2:9a:7e:37:b7:7c:
1f:3b:fb:6d:a2:aa:0a:fc:eb:86:75:10:81:10:6d:
60:bc:1e:45:80:a8:ba:7d:e3:05:a9:8d:91:07:4e:
85:a8:f0:45:f3:91:b6:b7:50:cb:16:fd:ce:b1:57:
ec:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:01:DE:10:CC:B2:52:0D:21:66:08:50:DA:18:5A:66:8B:5B:51:51
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PAHeEMyyUg0hZghQ2hhaZotbUVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.150.0/24
194.105.89.0/24
213.218.228.0/24
213.218.255.0/24
Signature Algorithm: sha256WithRSAEncryption
23:38:3d:3c:c1:32:13:82:bf:94:20:41:b4:a9:f2:5d:ac:61:
ee:47:76:e1:39:56:1b:e3:44:7f:e4:dd:e8:39:aa:f9:95:84:
32:b0:83:51:a2:83:92:1b:54:c5:a9:f6:08:d8:58:72:ec:ff:
94:12:2a:ac:8e:7a:e1:b3:06:60:72:a5:d8:86:95:ff:65:75:
84:75:25:56:a9:4c:67:53:53:d8:30:62:6c:ab:a5:e7:9d:1e:
89:ef:5d:ba:ed:4f:c2:ce:ff:e1:e0:38:5e:24:8a:df:e2:2c:
21:6f:4f:03:e0:88:15:34:f0:ee:2b:e3:d6:3e:8e:a9:fd:15:
08:38:b8:46:64:38:2e:eb:24:57:67:dd:dd:d9:91:87:f3:60:
f9:08:dd:02:20:a5:9b:6b:3a:c3:11:34:ea:c8:8b:03:bb:57:
21:fc:10:27:3e:25:ba:1d:93:a9:5b:54:36:86:a8:13:b6:62:
40:26:f4:75:e0:4d:53:4b:1d:8b:46:ce:92:17:bb:3e:68:28:
9c:35:e7:79:f4:f4:ed:84:23:d1:f1:d9:f3:71:9b:ef:d0:e9:
0f:a1:d8:67:9d:8e:a4:d8:25:ca:ea:7f:90:70:c9:c3:0b:d0:
f9:2b:6c:c4:9a:de:fe:a5:32:6b:db:e2:00:53:15:9c:01:c4:
66:0c:be:28
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY80yKoFnYfX2j1fJ87+MY9EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAxMTUzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzAxZGUxMGNjYjI1MjBkMjE2NjA4NTBkYTE4NWE2NjhiNWI1MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlItNSdMXF/R9VEVw4I6tnzbDyJaC
/5NMkCBi3wjfrRl/sOca+zf6d+ICqsRZIDjMADoJbXMSaIJe2778+bBOMNFY3IiC
EetnkCrva2PNiXawsYPWwDl9Qr3pCovCd9xUvM7OK7ZnIZzcU0/eLm2U/p7TrObg
TL4J2nQX3xfPXb+xwo1FPLsQdHaCg17YhZ2iQGC1tmugA0FZmhk2iFORNeX5DzT3
VIfsfca+L0j/rLHFwIemgi2eLvELgLXAn3gC2YnrDTovl6nNOn3ymn43t3wfO/tt
oqoK/OuGdRCBEG1gvB5FgKi6feMFqY2RB06FqPBF85G2t1DLFv3OsVfsawIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDwB3hDMslINIWYIUNoYWmaLW1FRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUEFIZUVNeXlVZzBoWmdoUTJoaGFab3RiVVZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdWWAwQA
wmlZAwQA1drkAwQA1dr/MA0GCSqGSIb3DQEBCwUAA4IBAQAjOD08wTITgr+UIEG0
qfJdrGHuR3bhOVYb40R/5N3oOar5lYQysINRooOSG1TFqfYI2Fhy7P+UEiqsjnrh
swZgcqXYhpX/ZXWEdSVWqUxnU1PYMGJsq6XnnR6J71267U/Czv/h4DheJIrf4iwh
b08D4IgVNPDuK+PWPo6p/RUIOLhGZDgu6yRXZ93d2ZGH82D5CN0CIKWbazrDETTq
yIsDu1ch/BAnPiW6HZOpW1Q2hqgTtmJAJvR14E1TSx2LRs6SF7s+aCicNed59PTt
hCPR8dnzcZvv0OkPodhnnY6k2CXK6n+QcMnDC9D5K2zEmt7+pTJr2+IAUxWcAcRm
DL4o
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:56 2025 by rpki-client