Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VPmJzDQ4c5Q2d2l2cDPY_mWjuAU.roa
File: VPmJzDQ4c5Q2d2l2cDPY_mWjuAU.roa (raw, json)
Hash identifier: QOj/SEZHon6DtxY/yjrLbV27OuzFOfAuvMuThTEuBa0=
Subject key identifier: 54:F9:89:CC:34:38:73:94:36:77:69:76:70:33:D8:FE:65:A3:B8:05
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190EABF03BE82336CB3B03B8952004FACCA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VPmJzDQ4c5Q2d2l2cDPY_mWjuAU.roa
Signing time: Thu 25 Jul 2024 16:35:05 +0000
ROA not before: Thu 25 Jul 2024 16:35:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197537
IP address blocks: 89.213.206.0/23 maxlen: 24
194.105.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Sun 28 Jul 2024 17:56:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ea:bf:03:be:82:33:6c:b3:b0:3b:89:52:00:4f:ac:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 25 16:35:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54f989cc34387394367769767033d8fe65a3b805
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:3a:8a:a5:59:1c:30:e3:ae:8c:c2:36:a8:b7:
ea:62:0c:fb:1d:2e:91:d5:e7:c0:bb:c7:66:90:0b:
48:81:48:39:66:8c:9d:f8:e7:16:1e:98:37:b9:44:
15:a3:26:d0:61:3a:ab:60:27:8d:e7:7d:5c:1e:ee:
42:94:01:bf:2f:f1:39:b8:bf:b9:9e:43:2a:cc:e2:
a4:ff:c9:5a:e2:d3:07:b5:fb:31:97:8a:64:57:f0:
9a:63:1a:71:04:21:6e:ea:da:70:5c:23:5e:c8:35:
4f:02:7b:f7:d1:23:cb:36:b0:d4:09:de:15:48:67:
52:94:0a:4d:76:d8:0c:da:05:ee:20:94:13:d7:a8:
e3:21:d2:6b:8a:3b:29:31:cb:e1:32:18:9f:43:bc:
86:66:c8:8d:33:75:c2:b1:23:fb:72:51:6a:bf:02:
82:52:3f:96:22:5f:4d:a6:ab:8c:a7:a9:12:45:a3:
10:77:7a:07:1d:fc:1a:3d:fb:74:e7:68:ff:5d:07:
4e:fb:6d:fa:92:a0:2a:80:c3:57:55:a8:38:36:92:
21:e6:88:06:cd:2b:c4:4e:7d:aa:13:81:13:94:d8:
e1:12:da:d5:20:4c:db:91:a5:4d:1c:80:93:e2:7e:
0f:44:c5:cf:ed:ac:e7:77:54:96:a9:18:2a:d6:96:
5d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:F9:89:CC:34:38:73:94:36:77:69:76:70:33:D8:FE:65:A3:B8:05
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VPmJzDQ4c5Q2d2l2cDPY_mWjuAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.206.0/23
194.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
79:f2:42:1c:4c:cf:89:c2:0b:9f:3e:32:6c:0d:06:2d:dd:40:
d2:8b:fa:9b:c1:04:a3:90:7a:f2:3f:85:a8:b3:43:29:5b:63:
83:27:a4:14:36:aa:b3:6f:a4:83:d3:51:ac:0c:8d:09:1d:a0:
3c:6d:37:e9:8c:be:7a:a2:86:24:69:42:80:97:71:00:ab:c6:
a1:e9:45:6a:ab:b2:22:b4:db:ce:a0:c8:6a:c3:07:e5:7c:dd:
16:06:66:06:70:12:5b:b3:67:28:00:3f:06:e8:b9:8e:f9:0e:
c2:cb:cf:54:81:ff:cb:08:22:0f:3b:30:b7:1d:a1:b3:bd:ad:
b7:8c:16:d6:c8:24:f8:97:4a:e0:07:36:14:65:70:0b:ab:5d:
88:8b:d0:ce:86:8a:17:68:29:70:72:5d:d3:69:9a:8b:09:c4:
ab:99:fb:1d:94:c6:3c:3c:f1:23:d8:71:3d:ac:02:d6:54:42:
e2:dd:7b:cb:03:c7:e8:75:f1:c5:1e:17:46:52:50:cf:9c:34:
97:69:38:fb:9d:86:19:37:e5:ca:bc:21:69:2c:39:ff:0d:8a:
75:64:93:7a:fb:28:f4:2c:bc:2a:12:5e:04:76:3a:27:25:8c:
86:bc:b3:e0:d5:73:70:bf:4f:d2:76:86:e9:d0:dd:d5:aa:0e:
fc:09:bd:bc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDqvwO+gjNss7A7iVIAT6zKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzI1MTYzNTA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGY5ODljYzM0Mzg3Mzk0MzY3NzY5NzY3MDMzZDhmZTY1YTNiODA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTqKpVkcMOOujMI2qLfqYgz7HS6R
1efAu8dmkAtIgUg5Zoyd+OcWHpg3uUQVoybQYTqrYCeN531cHu5ClAG/L/E5uL+5
nkMqzOKk/8la4tMHtfsxl4pkV/CaYxpxBCFu6tpwXCNeyDVPAnv30SPLNrDUCd4V
SGdSlApNdtgM2gXuIJQT16jjIdJrijspMcvhMhifQ7yGZsiNM3XCsSP7clFqvwKC
Uj+WIl9NpquMp6kSRaMQd3oHHfwaPft052j/XQdO+236kqAqgMNXVag4NpIh5ogG
zSvETn2qE4ETlNjhEtrVIEzbkaVNHICT4n4PRMXP7aznd1SWqRgq1pZdoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFT5icw0OHOUNndpdnAz2P5lo7gFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVlBtSnpEUTRjNVEyZDJsMmNEUFlfbVdqdUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBWdXOAwQC
wmlMMA0GCSqGSIb3DQEBCwUAA4IBAQB58kIcTM+JwgufPjJsDQYt3UDSi/qbwQSj
kHryP4Wos0MpW2ODJ6QUNqqzb6SD01GsDI0JHaA8bTfpjL56ooYkaUKAl3EAq8ah
6UVqq7IitNvOoMhqwwflfN0WBmYGcBJbs2coAD8G6LmO+Q7Cy89Ugf/LCCIPOzC3
HaGzva23jBbWyCT4l0rgBzYUZXALq12Ii9DOhooXaClwcl3TaZqLCcSrmfsdlMY8
PPEj2HE9rALWVELi3XvLA8fodfHFHhdGUlDPnDSXaTj7nYYZN+XKvCFpLDn/DYp1
ZJN6+yj0LLwqEl4EdjonJYyGvLPg1XNwv0/Sdobp0N3Vqg78Cb28
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:01 2025 by rpki-client