Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToJlZNCjW2rJKp3vdrIx4APEV4c.roa
File: ToJlZNCjW2rJKp3vdrIx4APEV4c.roa (raw, json)
Hash identifier: 8RAbYQ6l9mNqaGgoAK6LFmwBol/WXYD6qzJyKwra6U8=
Subject key identifier: 4E:82:65:64:D0:A3:5B:6A:C9:2A:9D:EF:76:B2:31:E0:03:C4:57:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443AB23BA31A7D563F23293BE872D1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToJlZNCjW2rJKp3vdrIx4APEV4c.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 272833
IP address blocks: 89.213.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 Jan 2025 11:27:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3a:b2:3b:a3:1a:7d:56:3f:23:29:3b:e8:72:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4e826564d0a35b6ac92a9def76b231e003c45787
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:8f:9d:a6:ac:16:d7:32:f8:26:a3:d9:d2:0a:
24:1f:17:b5:35:c4:d9:a7:78:34:54:91:24:df:55:
ea:d6:4d:e0:7a:dd:82:1e:95:22:9f:8c:79:41:1f:
bf:e2:d0:60:68:61:ed:70:4c:e3:e6:0d:f3:e4:63:
01:e8:47:1d:d9:0a:47:98:10:0b:54:58:5c:85:88:
57:21:5e:e6:6f:06:cb:4d:44:3b:4f:24:7e:80:26:
96:8f:0b:2a:20:6e:e6:9a:7e:ae:39:86:41:77:bc:
e3:39:f4:94:be:aa:7f:c0:20:46:a0:42:e0:75:32:
ab:21:3a:9e:05:1d:37:a3:ac:bd:89:61:1f:25:91:
69:3e:1e:e5:04:e6:53:5a:3f:34:cd:ee:c1:08:2b:
07:e4:ba:b5:37:2b:6d:2d:13:34:76:11:84:28:1a:
49:c6:4d:11:30:8a:56:3e:4d:bd:a0:e8:74:97:a5:
36:0e:c0:51:b1:09:92:1b:d8:ff:be:5e:fe:3f:45:
3b:4a:ef:13:a3:ea:3a:9c:e3:e8:4a:85:db:26:28:
a9:43:29:9b:bc:47:5d:cc:6a:3a:5c:5c:dd:00:00:
ed:32:c6:0f:c1:a3:e6:f3:b2:0f:f9:88:01:f3:e5:
11:ff:67:ec:21:42:4e:b4:15:55:31:a9:36:9d:2d:
10:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:82:65:64:D0:A3:5B:6A:C9:2A:9D:EF:76:B2:31:E0:03:C4:57:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ToJlZNCjW2rJKp3vdrIx4APEV4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.159.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:12:99:8b:92:e9:66:53:ff:ee:f0:89:24:00:8d:ee:7b:04:
be:73:53:7c:6c:01:13:c1:2b:34:ce:86:5f:03:29:59:eb:a9:
b9:da:c6:d6:06:9e:fd:7c:80:55:87:e1:f3:99:7d:1a:53:fc:
d5:63:71:0b:ab:55:85:fa:cf:05:4f:7d:b7:a6:b5:f1:74:be:
da:39:c4:e4:29:cc:d0:1d:1d:13:ad:ef:c9:97:3f:39:0c:d3:
af:58:45:b7:c4:03:15:ce:38:d0:d6:57:3a:80:d7:e8:5e:f0:
0e:53:f3:26:20:de:29:ad:3f:51:16:4d:bb:1d:0f:f4:c8:1a:
72:0a:16:95:b5:b9:b5:0d:ae:53:33:9a:7e:d7:28:5b:1c:15:
d1:e1:6c:b7:57:22:26:e5:27:5d:3d:93:30:28:55:67:ac:a1:
3d:ab:cd:5d:3a:5d:5b:37:71:b2:5b:72:a0:9f:66:b8:b9:95:
41:fa:84:cc:6b:a5:ab:25:ba:cf:78:1d:9a:0f:7f:8c:68:5e:
76:94:7c:dc:05:47:45:b2:a9:ce:ae:6d:72:6f:19:32:67:ec:
ed:fa:fa:69:64:69:b1:01:aa:87:22:4e:a6:71:1b:3b:e7:43:
21:da:45:26:80:ff:06:31:7c:05:c3:86:fb:d2:cf:e2:c4:6c:
8a:c9:ad:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDqyO6MafVY/Iyk76HLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTgyNjU2NGQwYTM1YjZhYzkyYTlkZWY3NmIyMzFlMDAzYzQ1Nzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtY+dpqwW1zL4JqPZ0gokHxe1NcTZ
p3g0VJEk31Xq1k3get2CHpUin4x5QR+/4tBgaGHtcEzj5g3z5GMB6Ecd2QpHmBAL
VFhchYhXIV7mbwbLTUQ7TyR+gCaWjwsqIG7mmn6uOYZBd7zjOfSUvqp/wCBGoELg
dTKrITqeBR03o6y9iWEfJZFpPh7lBOZTWj80ze7BCCsH5Lq1NyttLRM0dhGEKBpJ
xk0RMIpWPk29oOh0l6U2DsBRsQmSG9j/vl7+P0U7Su8To+o6nOPoSoXbJiipQymb
vEddzGo6XFzdAADtMsYPwaPm87IP+YgB8+UR/2fsIUJOtBVVMak2nS0QOwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6CZWTQo1tqySqd73ayMeADxFeHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVG9KbFpOQ2pXMnJKS3AzdmRySXg0QVBFVjRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWfMA0G
CSqGSIb3DQEBCwUAA4IBAQCbEpmLkulmU//u8IkkAI3uewS+c1N8bAETwSs0zoZf
AylZ66m52sbWBp79fIBVh+HzmX0aU/zVY3ELq1WF+s8FT323prXxdL7aOcTkKczQ
HR0Tre/Jlz85DNOvWEW3xAMVzjjQ1lc6gNfoXvAOU/MmIN4prT9RFk27HQ/0yBpy
ChaVtbm1Da5TM5p+1yhbHBXR4Wy3VyIm5SddPZMwKFVnrKE9q81dOl1bN3GyW3Kg
n2a4uZVB+oTMa6WrJbrPeB2aD3+MaF52lHzcBUdFsqnOrm1ybxkyZ+zt+vppZGmx
AaqHIk6mcRs750Mh2kUmgP8GMXwFw4b70s/ixGyKya0r
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:56 2025 by rpki-client