Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VeQ7bspyEoXtu2i9c-n2TY-sOH0.roa
File: VeQ7bspyEoXtu2i9c-n2TY-sOH0.roa (raw, json)
Hash identifier: xicCkAyEJ64E31Z6fmjbX2Rf3G/B6Jb6WYKKnzuq3Rs=
Subject key identifier: 55:E4:3B:6E:CA:72:12:85:ED:BB:68:BD:73:E9:F6:4D:8F:AC:38:7D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019378FAEB71E695C70376909FE9BD19290B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VeQ7bspyEoXtu2i9c-n2TY-sOH0.roa
Signing time: Fri 29 Nov 2024 17:32:10 +0000
ROA not before: Fri 29 Nov 2024 17:32:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 89.213.173.0/24 maxlen: 24
109.176.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 06 Dec 2024 09:11:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:78:fa:eb:71:e6:95:c7:03:76:90:9f:e9:bd:19:29:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 29 17:32:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=55e43b6eca721285edbb68bd73e9f64d8fac387d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:24:cb:6d:c4:96:27:ea:9e:21:98:21:c9:a9:
c6:98:af:8b:48:37:a6:f0:9c:3b:ea:1d:ff:c6:4b:
8f:97:b7:45:2b:18:bc:62:77:ce:88:39:c9:2e:50:
98:b1:aa:46:3c:d4:8a:81:06:ce:01:15:25:19:99:
3f:b0:de:e8:4f:e5:25:89:cd:58:ad:90:6b:3f:64:
fe:53:4d:82:c6:5e:7e:0d:6b:5a:26:6d:44:a4:cb:
79:60:54:2c:5f:ab:a8:5c:55:26:a1:a4:9e:97:1b:
26:9f:53:e6:dc:cd:04:07:2c:77:33:b7:04:49:63:
97:c8:51:a2:65:68:22:1b:9c:d8:8f:79:01:36:96:
9b:a2:a1:80:5d:22:1f:b1:bf:14:c8:28:9e:fe:f5:
87:c0:7a:e0:5e:6a:16:6b:6b:88:b6:cb:1d:00:e1:
a3:a2:e9:ba:60:1b:23:44:23:00:f4:9e:f1:26:98:
e4:1d:60:0a:be:be:cb:d6:db:c5:12:02:01:45:42:
f6:46:c0:82:29:13:2f:5f:c9:66:89:20:04:b1:e4:
b5:8e:59:fe:3c:83:d2:21:0f:58:10:ff:45:cf:7a:
9a:7e:c8:e9:46:9c:e8:64:43:29:df:23:b7:f1:1c:
9a:22:c6:69:37:31:97:7d:aa:13:15:e0:a8:99:98:
14:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:E4:3B:6E:CA:72:12:85:ED:BB:68:BD:73:E9:F6:4D:8F:AC:38:7D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/VeQ7bspyEoXtu2i9c-n2TY-sOH0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.173.0/24
109.176.18.0/24
Signature Algorithm: sha256WithRSAEncryption
42:89:ea:e9:e9:c1:95:86:84:6c:ee:90:c7:b5:2e:73:5c:9c:
7e:06:ff:cf:cd:5f:82:51:05:25:9e:01:22:0d:87:78:70:1b:
53:a1:ae:07:c3:1a:fd:35:c6:c3:66:70:aa:de:4c:57:19:74:
5c:fa:c7:06:c1:40:d9:45:70:9e:34:d9:f5:48:7a:4f:a2:4e:
dd:dc:fa:8b:01:52:5c:f5:9c:79:35:3e:34:7d:a2:8e:48:9a:
77:02:eb:72:93:b0:c7:ef:27:a3:d6:15:c7:82:19:2a:47:35:
43:49:34:c5:c9:3b:bb:03:d2:7b:fb:6f:f9:0a:ee:a6:52:08:
45:37:33:99:ec:4b:7b:32:a2:b4:16:ca:2b:82:1d:27:10:87:
ed:c2:30:8a:53:2f:27:d1:21:e7:17:e2:79:e3:cd:6a:34:cf:
35:6e:c1:1d:f6:77:16:3a:c9:3c:d9:12:32:ad:3c:80:c2:eb:
f9:d9:85:12:ba:69:9a:d7:6c:17:d4:40:a8:a2:19:5c:f9:08:
4d:ee:c3:3f:4a:65:bb:f9:af:59:85:51:8e:2b:36:a4:ab:73:
8b:29:94:ad:46:de:97:48:01:90:ea:7b:76:80:a2:57:24:56:
d4:81:62:31:2b:47:e0:b1:fd:cd:4f:b9:f4:78:1d:05:e9:00:
f5:01:6d:e4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZN4+utx5pXHA3aQn+m9GSkLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMTI5MTczMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWU0M2I2ZWNhNzIxMjg1ZWRiYjY4YmQ3M2U5ZjY0ZDhmYWMzODdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuiTLbcSWJ+qeIZghyanGmK+LSDem
8Jw76h3/xkuPl7dFKxi8YnfOiDnJLlCYsapGPNSKgQbOARUlGZk/sN7oT+Ulic1Y
rZBrP2T+U02Cxl5+DWtaJm1EpMt5YFQsX6uoXFUmoaSelxsmn1Pm3M0EByx3M7cE
SWOXyFGiZWgiG5zYj3kBNpaboqGAXSIfsb8UyCie/vWHwHrgXmoWa2uItssdAOGj
oum6YBsjRCMA9J7xJpjkHWAKvr7L1tvFEgIBRUL2RsCCKRMvX8lmiSAEseS1jln+
PIPSIQ9YEP9Fz3qafsjpRpzoZEMp3yO38RyaIsZpNzGXfaoTFeComZgUNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFXkO27KchKF7btovXPp9k2PrDh9MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVmVRN2JzcHlFb1h0dTJpOWMtbjJUWS1zT0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWtAwQA
bbASMA0GCSqGSIb3DQEBCwUAA4IBAQBCierp6cGVhoRs7pDHtS5zXJx+Bv/PzV+C
UQUlngEiDYd4cBtToa4Hwxr9NcbDZnCq3kxXGXRc+scGwUDZRXCeNNn1SHpPok7d
3PqLAVJc9Zx5NT40faKOSJp3Autyk7DH7yej1hXHghkqRzVDSTTFyTu7A9J7+2/5
Cu6mUghFNzOZ7Et7MqK0Fsorgh0nEIftwjCKUy8n0SHnF+J5481qNM81bsEd9ncW
Osk82RIyrTyAwuv52YUSumma12wX1ECoohlc+QhN7sM/SmW7+a9ZhVGOKzakq3OL
KZStRt6XSAGQ6nt2gKJXJFbUgWIxK0fgsf3NT7n0eB0F6QD1AW3k
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:13 2025 by rpki-client