Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PmxUTTtJSBn8Z5FRnNONz7eBA_w.roa
File: PmxUTTtJSBn8Z5FRnNONz7eBA_w.roa (raw, json)
Hash identifier: qbclu9oL4w2yjqLypcpKzJ+jY+p1ryyWzkwN7Zxdt8c=
Subject key identifier: 3E:6C:54:4D:3B:49:48:19:FC:67:91:51:9C:D3:8D:CF:B7:81:03:FC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0195376AD492521132E441B98E795E6772BC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PmxUTTtJSBn8Z5FRnNONz7eBA_w.roa
Signing time: Mon 24 Feb 2025 10:05:02 +0000
ROA not before: Mon 24 Feb 2025 10:05:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152368
IP address blocks: 89.213.45.0/24 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.160.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 26 Feb 2025 13:32:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:37:6a:d4:92:52:11:32:e4:41:b9:8e:79:5e:67:72:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 24 10:05:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e6c544d3b494819fc6791519cd38dcfb78103fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:f9:11:ba:41:fe:6b:c8:88:9e:5a:8b:9d:bc:
ad:93:62:9e:bf:b4:b9:7f:d1:9d:ce:b6:9d:94:7e:
5f:da:98:13:ce:99:50:9d:0a:24:34:01:e4:a5:7e:
1f:2b:d9:34:fb:02:81:d3:3c:e3:60:9b:f1:d9:02:
33:b7:90:b0:00:e6:89:aa:3c:b9:2d:95:75:74:d8:
45:bd:f6:53:f7:35:7d:de:36:61:9d:f7:ee:52:e4:
9e:85:6d:0f:fc:2d:90:d0:1a:d4:c8:6d:5b:c7:55:
b9:67:7b:bd:c6:53:27:69:18:e7:e7:77:3d:f5:c9:
05:82:a8:31:01:f2:35:d7:1b:18:ce:9f:90:dd:48:
f1:23:95:78:0a:dd:55:c3:c8:f7:bd:f2:a6:30:24:
67:a1:6b:38:11:6e:c0:95:f2:53:82:a8:9c:77:1d:
f8:ec:3c:e3:61:7e:8d:a4:72:2a:e3:bb:5e:8c:07:
9c:90:d0:ee:ab:8a:0b:00:4a:10:da:cf:f2:4b:ea:
35:6a:77:56:d8:85:26:ef:a6:61:27:e5:b0:8b:5d:
c7:dd:f2:45:e6:4d:c8:b2:66:06:6f:1a:1b:7f:6e:
80:ad:4b:4c:88:b2:fd:ad:6c:8a:28:f9:8a:f0:cf:
90:dd:ce:ea:26:c0:5b:7b:fb:96:98:ba:69:67:1d:
09:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:6C:54:4D:3B:49:48:19:FC:67:91:51:9C:D3:8D:CF:B7:81:03:FC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/PmxUTTtJSBn8Z5FRnNONz7eBA_w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.45.0/24
89.213.127.0/24
89.213.160.0/24
Signature Algorithm: sha256WithRSAEncryption
29:63:e0:f7:c8:5f:f0:87:65:ea:a7:e4:21:c4:95:8e:23:17:
12:27:4d:19:36:0c:f0:c6:03:d7:34:47:33:50:eb:a7:c6:b3:
3d:2b:7a:12:e4:14:9c:7e:fd:56:55:bf:29:94:f6:65:09:f8:
6c:f6:4d:3a:85:4b:28:0f:73:06:97:36:a1:d0:62:7f:ff:cd:
65:5a:c2:3a:54:8f:5d:48:03:e7:72:ed:c4:80:31:25:b4:04:
80:e8:55:92:cd:6d:a9:6c:32:e8:ed:83:eb:84:50:e1:b1:28:
85:9e:fd:3e:e8:7b:3a:e5:05:5e:15:90:ee:d1:5a:63:61:f6:
53:d4:96:e6:85:6f:ac:d5:ff:35:be:39:d2:99:af:90:02:2b:
63:22:78:b0:13:b8:d3:f7:ae:d9:20:71:f4:53:21:55:a9:0f:
51:75:91:62:9d:f9:f9:d2:9c:39:99:ce:c6:d5:6b:57:57:10:
b4:90:55:bf:0e:c1:c3:2b:fa:ec:59:a5:fc:4f:c7:bf:be:f7:
8d:dd:03:49:60:04:db:c6:bb:15:34:2d:97:bf:aa:a6:39:38:
d1:10:e2:a3:54:cb:7d:e4:f5:7c:7d:22:33:99:ef:41:9d:ba:
ae:41:50:70:7b:05:1e:82:0f:a6:f2:42:90:9d:1d:c2:6e:a7:
b8:04:63:21
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZU3atSSUhEy5EG5jnleZ3K8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjI0MTAwNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTZjNTQ0ZDNiNDk0ODE5ZmM2NzkxNTE5Y2QzOGRjZmI3ODEwM2ZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyvkRukH+a8iInlqLnbytk2Kev7S5
f9GdzradlH5f2pgTzplQnQokNAHkpX4fK9k0+wKB0zzjYJvx2QIzt5CwAOaJqjy5
LZV1dNhFvfZT9zV93jZhnffuUuSehW0P/C2Q0BrUyG1bx1W5Z3u9xlMnaRjn53c9
9ckFgqgxAfI11xsYzp+Q3UjxI5V4Ct1Vw8j3vfKmMCRnoWs4EW7AlfJTgqicdx34
7DzjYX6NpHIq47tejAeckNDuq4oLAEoQ2s/yS+o1andW2IUm76ZhJ+Wwi13H3fJF
5k3IsmYGbxobf26ArUtMiLL9rWyKKPmK8M+Q3c7qJsBbe/uWmLppZx0JuQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFD5sVE07SUgZ/GeRUZzTjc+3gQP8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUG14VVRUdEpTQm44WjVGUm5OT056N2VCQV93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUtAwQA
WdV/AwQAWdWgMA0GCSqGSIb3DQEBCwUAA4IBAQApY+D3yF/wh2Xqp+QhxJWOIxcS
J00ZNgzwxgPXNEczUOunxrM9K3oS5BScfv1WVb8plPZlCfhs9k06hUsoD3MGlzah
0GJ//81lWsI6VI9dSAPncu3EgDEltASA6FWSzW2pbDLo7YPrhFDhsSiFnv0+6Hs6
5QVeFZDu0VpjYfZT1JbmhW+s1f81vjnSma+QAitjIniwE7jT967ZIHH0UyFVqQ9R
dZFinfn50pw5mc7G1WtXVxC0kFW/DsHDK/rsWaX8T8e/vveN3QNJYATbxrsVNC2X
v6qmOTjREOKjVMt95PV8fSIzme9BnbquQVBwewUegg+m8kKQnR3Cbqe4BGMh
-----END CERTIFICATE-----
Generated at Sun Apr 13 05:27:35 2025 by rpki-client