Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa
File: VTzYlqoclONJJ7Pifodqs03cmNU.roa (raw, json)
Hash identifier: LlO4eH/QhbmWilX8yxt7/BF+VtZtIcEspGS0irrFypk=
Subject key identifier: 55:3C:D8:96:AA:1C:94:E3:49:27:B3:E2:7E:87:6A:B3:4D:DC:98:D5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D560143DCE02C3BAF9E0AA35AD50A98BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa
Signing time: Mon 29 Jan 2024 16:15:39 +0000
ROA not before: Mon 29 Jan 2024 16:15:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216075
IP address blocks: 89.213.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 05 Mar 2024 09:53:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:56:01:43:dc:e0:2c:3b:af:9e:0a:a3:5a:d5:0a:98:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 29 16:15:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=553cd896aa1c94e34927b3e27e876ab34ddc98d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:58:62:0f:92:20:d8:e0:3b:2a:19:59:52:94:
7e:2a:2f:d2:d4:c5:d5:b6:32:47:be:cd:55:13:5f:
d4:28:45:1c:23:0b:bc:c8:9e:82:c0:84:8b:f9:a1:
2d:9f:d3:00:f4:cb:58:08:d7:cd:3c:c0:d6:3f:55:
b5:bd:05:0a:4b:7e:15:4e:f2:c8:7c:7b:7e:bb:f7:
aa:89:f7:05:c6:2b:aa:da:2e:e3:6c:20:0c:bb:c0:
36:ce:e5:30:0a:b1:45:01:e4:ed:e6:4e:2d:87:74:
bc:c5:0b:c1:7e:16:05:2d:e8:97:c4:f1:a4:45:2a:
ba:57:a0:5b:b7:5a:87:c3:19:da:53:de:43:e5:b4:
c2:6e:2b:88:10:fa:75:0e:e5:0d:58:0a:ab:0a:fe:
de:e4:a7:b0:49:92:26:c7:c5:c4:06:a0:46:5b:a3:
a7:c2:95:f8:1e:a9:19:fd:01:90:53:1b:88:61:fd:
a6:39:da:6d:67:18:c3:1e:28:bc:d9:4d:37:87:ca:
c4:0c:3b:5a:c7:c4:c0:98:97:89:b6:00:ef:c2:0d:
18:8f:bc:46:d6:64:27:25:90:c6:5b:c6:fa:15:e8:
8f:5e:e4:dc:1d:d3:71:4b:01:65:62:1b:ff:4e:c4:
a6:27:8f:88:fb:fc:92:20:ba:08:53:e8:ea:94:13:
16:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:3C:D8:96:AA:1C:94:E3:49:27:B3:E2:7E:87:6A:B3:4D:DC:98:D5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VTzYlqoclONJJ7Pifodqs03cmNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.140.0/24
Signature Algorithm: sha256WithRSAEncryption
44:83:2f:b3:5c:7b:9d:77:b4:f3:e2:95:3a:e1:b2:cd:bb:73:
dc:bb:bb:a3:06:6b:81:41:a9:3d:8e:26:13:50:c0:e1:76:b3:
d6:03:bc:3a:55:32:16:9a:85:d3:c5:ca:86:90:1b:6d:0f:cf:
1b:9d:cb:dc:e6:f2:c2:ef:ef:36:03:85:ff:d3:4f:c0:a8:68:
ba:c2:3b:78:57:8f:9b:df:11:8d:f1:a0:5e:9a:f1:43:04:92:
30:0b:d8:24:c1:97:31:9e:da:ba:2d:4d:7e:4b:b0:a2:fe:e8:
10:3e:c0:ea:00:b8:2d:3d:b2:e8:11:68:48:09:4d:50:78:e2:
51:41:d4:61:36:12:4a:50:94:f8:35:de:f4:72:3d:7b:3e:f6:
34:f2:ea:ee:e6:0b:ea:8b:b4:53:36:fb:40:1f:ca:b5:38:13:
79:fa:22:d3:95:10:e5:19:fb:77:ed:28:11:32:09:6f:93:15:
e2:9a:09:7b:1c:e4:6a:b8:31:a4:8a:f1:21:b2:b5:be:cf:50:
ab:13:d4:29:34:41:55:0d:2c:cd:2b:a2:c3:e1:97:f2:c4:c3:
aa:fe:72:c5:1b:4d:89:33:79:58:fa:78:0e:32:8c:89:98:6b:
4c:88:b4:c8:7a:58:78:14:7a:47:9f:60:a4:50:c7:bd:e5:9d:
d0:53:32:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1WAUPc4Cw7r54Ko1rVCpi+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTYxNTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NTNjZDg5NmFhMWM5NGUzNDkyN2IzZTI3ZTg3NmFiMzRkZGM5OGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklhiD5Ig2OA7KhlZUpR+Ki/S1MXV
tjJHvs1VE1/UKEUcIwu8yJ6CwISL+aEtn9MA9MtYCNfNPMDWP1W1vQUKS34VTvLI
fHt+u/eqifcFxiuq2i7jbCAMu8A2zuUwCrFFAeTt5k4th3S8xQvBfhYFLeiXxPGk
RSq6V6Bbt1qHwxnaU95D5bTCbiuIEPp1DuUNWAqrCv7e5KewSZImx8XEBqBGW6On
wpX4HqkZ/QGQUxuIYf2mOdptZxjDHii82U03h8rEDDtax8TAmJeJtgDvwg0Yj7xG
1mQnJZDGW8b6FeiPXuTcHdNxSwFlYhv/TsSmJ4+I+/ySILoIU+jqlBMWbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFFU82JaqHJTjSSez4n6HarNN3JjVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVlR6WWxxb2NsT05KSjdQaWZvZHFzMDNjbU5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWMMA0G
CSqGSIb3DQEBCwUAA4IBAQBEgy+zXHudd7Tz4pU64bLNu3Pcu7ujBmuBQak9jiYT
UMDhdrPWA7w6VTIWmoXTxcqGkBttD88bncvc5vLC7+82A4X/00/AqGi6wjt4V4+b
3xGN8aBemvFDBJIwC9gkwZcxntq6LU1+S7Ci/ugQPsDqALgtPbLoEWhICU1QeOJR
QdRhNhJKUJT4Nd70cj17PvY08uru5gvqi7RTNvtAH8q1OBN5+iLTlRDlGft37SgR
MglvkxXimgl7HORquDGkivEhsrW+z1CrE9QpNEFVDSzNK6LD4ZfyxMOq/nLFG02J
M3lY+ngOMoyJmGtMiLTIelh4FHpHn2CkUMe95Z3QUzIB
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:31 2025 by rpki-client