
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U9Ew5OXNOrAZTmwpE21Xxux8ORA.roa
File: U9Ew5OXNOrAZTmwpE21Xxux8ORA.roa (raw, json)
Hash identifier: uorv3y/8L99Xzg+7MFd5/oYYcKThjpDiIDJzI80EB8s=
Subject key identifier: 53:D1:30:E4:E5:CD:3A:B0:19:4E:6C:29:13:6D:57:C6:EC:7C:39:10
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143EEEF62FB7D1F1559B87C47DAF7EB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U9Ew5OXNOrAZTmwpE21Xxux8ORA.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60504
IP address blocks: 89.213.0.0/22 maxlen: 24
89.213.215.0/24 maxlen: 24
213.130.140.0/22 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 Jan 2025 14:43:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ee:ef:62:fb:7d:1f:15:59:b8:7c:47:da:f7:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53d130e4e5cd3ab0194e6c29136d57c6ec7c3910
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:16:0b:ed:49:a6:57:3b:c5:2f:b5:ea:bb:64:
c5:17:ec:e0:36:bd:94:52:ef:79:cd:a0:ee:d8:f1:
aa:cb:fd:10:7f:3e:df:44:6b:57:8c:21:90:ef:0e:
65:9d:82:f6:70:59:4f:27:be:e5:81:0e:09:ae:fd:
04:4a:1b:03:7a:c6:7d:ea:6f:9a:8b:40:70:24:b7:
e1:ea:57:a4:04:36:1f:10:f7:8b:28:66:a3:bd:9b:
c5:6c:2b:d1:ff:e5:8b:27:11:5d:95:fc:9c:fd:56:
19:f5:e8:8e:9d:9f:d6:ec:3e:1e:e8:47:d3:c0:d6:
26:8a:75:76:59:53:da:37:9f:42:34:0a:fc:6d:7b:
72:c5:5b:4e:50:db:a2:9a:53:fd:bf:2b:51:77:93:
22:b0:d5:54:8e:f7:64:42:26:f8:ff:d4:57:b9:b3:
c7:cf:e8:b2:42:06:76:0e:20:8d:64:f3:79:bf:8e:
28:e6:13:2b:e5:fd:d2:72:4f:b0:40:f3:a7:1a:af:
ab:52:d4:26:cf:7c:67:48:94:94:50:8d:40:ea:00:
87:2a:2e:34:da:46:7f:5a:67:e1:ed:b9:2e:0c:27:
87:92:3c:bd:fb:e7:f8:8d:44:d0:b3:82:07:59:7b:
43:2c:2a:b5:31:7d:05:da:bd:1e:cd:3c:90:bb:e4:
b3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:D1:30:E4:E5:CD:3A:B0:19:4E:6C:29:13:6D:57:C6:EC:7C:39:10
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/U9Ew5OXNOrAZTmwpE21Xxux8ORA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.0.0/22
89.213.215.0/24
213.130.140.0/22
Signature Algorithm: sha256WithRSAEncryption
82:91:04:00:e3:88:8e:36:25:82:df:39:fe:4e:4b:14:ba:13:
a2:80:27:48:bc:7f:5f:af:68:33:c1:11:b9:df:30:3b:89:7e:
12:19:c4:03:25:a4:39:7d:2c:af:6b:a4:5e:31:c5:92:43:08:
a1:4c:43:a3:e1:6d:19:eb:82:77:df:88:5a:57:cd:ca:1d:8c:
83:cd:78:27:ab:4d:47:3e:02:d6:0a:ef:61:28:e3:f0:56:02:
49:cd:a5:47:ac:c6:04:5d:08:fd:c6:8a:bf:8f:d2:18:93:d9:
37:15:fd:38:1a:ee:a3:54:ee:71:47:3f:fb:f8:69:46:3f:bb:
2d:01:ac:c1:31:94:05:72:b8:6f:c5:10:2e:b7:08:52:ca:8e:
96:8f:a1:5a:03:d6:70:b0:87:91:02:90:37:ec:41:be:fa:ce:
c5:bb:24:dd:2b:7f:ee:85:80:81:5e:96:95:00:e8:d8:bd:fb:
ac:78:52:ef:20:55:40:be:ef:c1:1c:3c:83:5a:28:3a:dd:15:
65:b2:14:07:1e:90:24:fa:59:b1:7e:f0:49:77:03:1f:49:0b:
17:5f:9e:93:8c:14:be:9a:a6:2a:ce:87:a4:6e:a6:3d:00:49:
2d:59:4a:69:01:3d:9e:62:5c:b7:c5:12:a0:ef:fc:d1:9a:b4:
de:81:c2:6a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhQ+7vYvt9HxVZuHxH2vfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2QxMzBlNGU1Y2QzYWIwMTk0ZTZjMjkxMzZkNTdjNmVjN2MzOTEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBYL7UmmVzvFL7Xqu2TFF+zgNr2U
Uu95zaDu2PGqy/0Qfz7fRGtXjCGQ7w5lnYL2cFlPJ77lgQ4Jrv0EShsDesZ96m+a
i0BwJLfh6lekBDYfEPeLKGajvZvFbCvR/+WLJxFdlfyc/VYZ9eiOnZ/W7D4e6EfT
wNYminV2WVPaN59CNAr8bXtyxVtOUNuimlP9vytRd5MisNVUjvdkQib4/9RXubPH
z+iyQgZ2DiCNZPN5v44o5hMr5f3Sck+wQPOnGq+rUtQmz3xnSJSUUI1A6gCHKi40
2kZ/Wmfh7bkuDCeHkjy9++f4jUTQs4IHWXtDLCq1MX0F2r0ezTyQu+SzdwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFPRMOTlzTqwGU5sKRNtV8bsfDkQMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVTlFdzVPWE5PckFaVG13cEUyMVh4dXg4T1JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWdUAAwQA
WdXXAwQC1YKMMA0GCSqGSIb3DQEBCwUAA4IBAQCCkQQA44iONiWC3zn+TksUuhOi
gCdIvH9fr2gzwRG53zA7iX4SGcQDJaQ5fSyva6ReMcWSQwihTEOj4W0Z64J334ha
V83KHYyDzXgnq01HPgLWCu9hKOPwVgJJzaVHrMYEXQj9xoq/j9IYk9k3Ff04Gu6j
VO5xRz/7+GlGP7stAazBMZQFcrhvxRAutwhSyo6Wj6FaA9ZwsIeRApA37EG++s7F
uyTdK3/uhYCBXpaVAOjYvfuseFLvIFVAvu/BHDyDWig63RVlshQHHpAk+lmxfvBJ
dwMfSQsXX56TjBS+mqYqzoekbqY9AEktWUppAT2eYly3xRKg7/zRmrTegcJq
-----END CERTIFICATE-----
Generated at Thu Feb 13 15:32:31 2025 by rpki-client