Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XmI5er4gJTngmtS1f1gbPb5sJlY.roa
File: XmI5er4gJTngmtS1f1gbPb5sJlY.roa (raw, json)
Hash identifier: cDILjo8Z9F1AO3Wx1Q+pLMP+bxSym0e07u2vfSjNlKs=
Subject key identifier: 5E:62:39:7A:BE:20:25:39:E0:9A:D4:B5:7F:58:1B:3D:BE:6C:26:56
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191ADDCA0335CEC88E9E4BE928E80B6394D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XmI5er4gJTngmtS1f1gbPb5sJlY.roa
Signing time: Sun 01 Sep 2024 13:53:22 +0000
ROA not before: Sun 01 Sep 2024 13:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151106
IP address blocks: 89.213.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Sep 2024 10:46:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ad:dc:a0:33:5c:ec:88:e9:e4:be:92:8e:80:b6:39:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 1 13:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5e62397abe202539e09ad4b57f581b3dbe6c2656
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0e:bb:92:9d:78:47:88:ed:5f:fc:9b:4b:e5:
0f:d9:a6:dd:57:1d:3b:28:c3:06:a8:c7:dc:aa:0f:
cc:a8:5f:55:a2:fc:2e:4c:96:77:bc:42:c9:2a:c3:
1c:56:2e:3d:d5:85:9f:da:96:17:84:b2:2c:7f:4f:
de:ab:b9:b8:4d:00:42:f0:22:2b:0f:2a:8a:e7:18:
47:bc:e8:23:f8:aa:cf:ae:ca:39:47:04:bb:79:87:
6f:db:8b:4f:d9:3b:66:bc:aa:c2:24:7b:81:fb:2a:
79:3d:b3:e0:a6:f1:d3:61:91:f4:6e:2b:97:5d:7d:
c7:bb:4c:6a:83:29:5c:02:4f:95:82:38:07:46:b9:
fe:0e:8e:9b:d9:4a:e0:18:e4:5b:c5:39:37:db:0c:
03:e6:36:75:27:e8:aa:6b:34:bb:ae:ec:b4:fc:55:
68:6e:ae:81:88:77:d1:94:72:d6:34:a4:fe:9b:91:
80:03:b2:a3:22:fd:3b:4f:f3:01:10:24:4d:49:3d:
9b:03:70:b5:34:6c:04:1a:1e:ab:43:52:cb:b7:38:
69:8b:a9:81:e6:64:10:97:75:7a:aa:c1:e0:8a:de:
d6:0a:04:a8:e4:c3:94:fa:77:f3:e6:ce:f7:56:e4:
03:f1:50:2d:86:f1:84:56:f6:4b:34:2c:55:13:64:
f5:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:62:39:7A:BE:20:25:39:E0:9A:D4:B5:7F:58:1B:3D:BE:6C:26:56
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XmI5er4gJTngmtS1f1gbPb5sJlY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.154.0/24
Signature Algorithm: sha256WithRSAEncryption
63:9b:90:8a:c0:a1:c1:45:6f:a3:2a:93:31:ab:5a:44:6a:5c:
f0:d7:37:03:5f:07:4d:1a:82:79:41:4c:07:db:f9:e9:fa:b6:
d6:2e:c9:71:42:c3:59:2e:10:5b:4b:da:46:e4:2f:99:be:eb:
7a:3d:f1:ff:05:08:89:11:b3:eb:a7:ff:1a:a4:75:3a:33:2d:
37:89:60:fb:3c:bd:b1:ce:ce:2b:00:d7:22:91:ae:a4:00:6e:
e7:6e:82:ee:7f:ae:49:29:d7:47:ee:94:c2:0a:6b:25:b0:e4:
4e:4f:5a:f0:ce:6a:a1:25:b9:06:8d:47:6c:eb:cb:8e:a6:a6:
44:36:bb:ca:f5:b5:82:25:09:6f:02:fc:4b:f3:ed:57:38:8b:
fa:a2:51:97:13:62:05:0b:aa:fd:4a:11:be:cf:25:ed:9a:8d:
83:8e:04:fd:ef:78:d3:30:f5:63:ba:31:6a:de:e0:52:54:a0:
31:d0:25:1c:54:14:ee:28:8b:25:bf:1a:02:69:e7:6d:3c:de:
14:1c:eb:dc:e7:ab:4a:89:d8:85:38:d1:bc:20:ec:eb:85:ad:
96:b2:b8:8f:2b:ab:ba:82:96:97:c1:a1:25:a3:58:b9:94:d6:
ad:89:38:31:bf:58:cb:22:fc:5d:f0:7a:37:e0:7c:3d:a0:c0:
81:64:49:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZGt3KAzXOyI6eS+ko6AtjlNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTAxMTM1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTYyMzk3YWJlMjAyNTM5ZTA5YWQ0YjU3ZjU4MWIzZGJlNmMyNjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1A67kp14R4jtX/ybS+UP2abdVx07
KMMGqMfcqg/MqF9VovwuTJZ3vELJKsMcVi491YWf2pYXhLIsf0/eq7m4TQBC8CIr
DyqK5xhHvOgj+KrPrso5RwS7eYdv24tP2TtmvKrCJHuB+yp5PbPgpvHTYZH0biuX
XX3Hu0xqgylcAk+VgjgHRrn+Do6b2UrgGORbxTk32wwD5jZ1J+iqazS7ruy0/FVo
bq6BiHfRlHLWNKT+m5GAA7KjIv07T/MBECRNST2bA3C1NGwEGh6rQ1LLtzhpi6mB
5mQQl3V6qsHgit7WCgSo5MOU+nfz5s73VuQD8VAthvGEVvZLNCxVE2T15wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF5iOXq+ICU54JrUtX9YGz2+bCZWMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWG1JNWVyNGdKVG5nbXRTMWYxZ2JQYjVzSmxZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWaMA0G
CSqGSIb3DQEBCwUAA4IBAQBjm5CKwKHBRW+jKpMxq1pEalzw1zcDXwdNGoJ5QUwH
2/np+rbWLslxQsNZLhBbS9pG5C+Zvut6PfH/BQiJEbPrp/8apHU6My03iWD7PL2x
zs4rANcika6kAG7nboLuf65JKddH7pTCCmslsOROT1rwzmqhJbkGjUds68uOpqZE
NrvK9bWCJQlvAvxL8+1XOIv6olGXE2IFC6r9ShG+zyXtmo2DjgT973jTMPVjujFq
3uBSVKAx0CUcVBTuKIslvxoCaedtPN4UHOvc56tKidiFONG8IOzrha2WsriPK6u6
gpaXwaElo1i5lNatiTgxv1jLIvxd8Ho34Hw9oMCBZEk0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:26 2025 by rpki-client