Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa
File: Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa (raw, json)
Hash identifier: XgS12TE7amRHjo8nv8AHQEpyj3U0MXz0yz6JH8a6fkY=
Subject key identifier: 3E:0E:44:2E:C5:7C:27:D2:0A:CF:3B:F4:55:55:DF:E5:80:AA:CA:C9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E8AB86931248E9EE98C0E79418FB91AD0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa
Signing time: Fri 29 Mar 2024 14:58:45 +0000
ROA not before: Fri 29 Mar 2024 14:58:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16125
IP address blocks: 89.213.254.0/23 maxlen: 32
Validation: Failed, certificate revoked on Fri 29 Mar 2024 16:34:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:8a:b8:69:31:24:8e:9e:e9:8c:0e:79:41:8f:b9:1a:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 29 14:58:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3e0e442ec57c27d20acf3bf45555dfe580aacac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:e8:ee:4d:b2:fc:2f:74:ca:d0:2f:d8:33:74:
4a:a9:80:33:cc:e4:dc:78:c5:13:5d:94:ce:7f:1f:
12:2c:75:0c:cc:5e:df:2d:2d:f5:19:b1:e5:f1:a8:
48:22:85:fe:19:30:4a:2b:e9:a5:9a:3b:25:ee:ca:
29:3e:0e:c7:22:2c:23:64:38:93:a7:d1:42:8c:c5:
af:01:b7:b4:37:3c:66:9f:37:e0:61:bd:8f:df:89:
cc:9c:8c:13:f6:02:b4:62:9f:b1:27:2d:8c:d6:96:
96:4a:e6:bd:ec:71:2a:77:40:25:9d:7b:0f:14:0b:
18:dc:52:80:56:f9:77:4b:5a:84:e4:4f:0d:78:e0:
80:b1:32:50:7e:6d:4f:74:cc:e1:db:b2:bc:97:ce:
a7:2e:03:18:4c:a0:36:de:20:04:3c:44:a9:59:49:
fb:de:f9:fa:55:d7:a1:31:ac:3a:7d:9e:49:1b:8e:
78:d4:ef:b1:8b:e1:4d:61:ce:a6:1c:0f:dd:73:d2:
b2:f4:fc:a5:0d:9f:a8:6d:7a:9b:1c:c8:79:d4:a1:
bb:37:ab:4c:18:4e:87:bb:eb:e4:d4:80:06:78:bf:
70:c0:40:92:2e:96:9e:75:80:3d:e3:d6:de:63:34:
4d:67:34:70:38:32:ba:2d:1f:08:78:25:65:00:6f:
e1:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:0E:44:2E:C5:7C:27:D2:0A:CF:3B:F4:55:55:DF:E5:80:AA:CA:C9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Pg5ELsV8J9IKzzv0VVXf5YCqysk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.254.0/23
Signature Algorithm: sha256WithRSAEncryption
3a:4a:96:fc:b2:97:e7:d6:72:59:44:18:4b:d1:61:55:80:f7:
1e:3e:96:5f:01:37:48:d0:41:ce:4f:c0:0e:4c:26:03:42:e0:
76:b5:8f:7b:1b:77:b4:a9:3e:be:ed:d9:4b:82:37:0b:71:76:
72:e0:96:25:2e:bb:76:ae:81:89:c1:55:3c:17:a5:e1:57:83:
32:94:8d:c9:2f:39:cf:23:ea:98:fc:0b:97:70:72:7f:8d:73:
b4:0d:35:91:15:12:9d:a1:b1:e3:cc:54:27:d6:04:9d:a5:77:
4f:34:19:ed:cc:8d:b1:7e:48:40:6e:7f:0b:28:32:79:68:b3:
a7:2f:e0:00:40:d9:88:34:7f:f6:57:72:96:10:7c:54:27:eb:
1a:4d:bb:88:71:28:75:d9:c1:a3:fb:53:23:3d:59:ce:49:9e:
e7:30:d7:39:9d:bf:e6:06:8e:b6:62:82:45:ff:8b:7d:da:06:
04:07:25:e0:d0:75:b2:8a:7a:23:83:76:41:3a:c9:34:6c:ea:
f5:ed:94:99:c6:8b:29:91:23:dc:80:2f:7e:e5:c3:a7:40:66:
2b:a3:35:6f:77:95:cf:32:b0:83:6a:49:76:1f:e1:da:9b:44:
a5:8f:c9:ae:99:9b:5b:69:a8:52:6b:02:2d:f2:58:7e:f3:4f:
fd:55:9d:8a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6KuGkxJI6e6YwOeUGPuRrQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI5MTQ1ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTBlNDQyZWM1N2MyN2QyMGFjZjNiZjQ1NTU1ZGZlNTgwYWFjYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhujuTbL8L3TK0C/YM3RKqYAzzOTc
eMUTXZTOfx8SLHUMzF7fLS31GbHl8ahIIoX+GTBKK+mlmjsl7sopPg7HIiwjZDiT
p9FCjMWvAbe0NzxmnzfgYb2P34nMnIwT9gK0Yp+xJy2M1paWSua97HEqd0AlnXsP
FAsY3FKAVvl3S1qE5E8NeOCAsTJQfm1PdMzh27K8l86nLgMYTKA23iAEPESpWUn7
3vn6VdehMaw6fZ5JG4541O+xi+FNYc6mHA/dc9Ky9PylDZ+obXqbHMh51KG7N6tM
GE6Hu+vk1IAGeL9wwECSLpaedYA949beYzRNZzRwODK6LR8IeCVlAG/hZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD4ORC7FfCfSCs879FVV3+WAqsrJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUGc1RUxzVjhKOUlLenp2MFZWWGY1WUNxeXNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWdX+MA0G
CSqGSIb3DQEBCwUAA4IBAQA6Spb8spfn1nJZRBhL0WFVgPcePpZfATdI0EHOT8AO
TCYDQuB2tY97G3e0qT6+7dlLgjcLcXZy4JYlLrt2roGJwVU8F6XhV4MylI3JLznP
I+qY/AuXcHJ/jXO0DTWRFRKdobHjzFQn1gSdpXdPNBntzI2xfkhAbn8LKDJ5aLOn
L+AAQNmINH/2V3KWEHxUJ+saTbuIcSh12cGj+1MjPVnOSZ7nMNc5nb/mBo62YoJF
/4t92gYEByXg0HWyinojg3ZBOsk0bOr17ZSZxospkSPcgC9+5cOnQGYrozVvd5XP
MrCDakl2H+Ham0Slj8mumZtbaahSawIt8lh+80/9VZ2K
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:43 2025 by rpki-client