Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xy5Z6YLuPgIr96jBzUBHqNopgIs.roa
File: Xy5Z6YLuPgIr96jBzUBHqNopgIs.roa (raw, json)
Hash identifier: OOqg0ZJtiP1biH2pZXDphcGI9jBak0cRFDQq3glmoxg=
Subject key identifier: 5F:2E:59:E9:82:EE:3E:02:2B:F7:A8:C1:CD:40:47:A8:DA:29:80:8B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421442A05C0E49104B638C70CF1A23CE6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xy5Z6YLuPgIr96jBzUBHqNopgIs.roa
Signing time: Wed 01 Jan 2025 09:48:22 +0000
ROA not before: Wed 01 Jan 2025 09:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215026
IP address blocks: 89.213.96.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 03 Feb 2025 09:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:2a:05:c0:e4:91:04:b6:38:c7:0c:f1:a2:3c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f2e59e982ee3e022bf7a8c1cd4047a8da29808b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:7d:1e:59:ed:db:ec:43:fc:3d:72:d1:9b:1a:
69:bb:f5:b9:d6:8e:94:56:a7:78:ec:e2:7d:41:7d:
f1:bf:a7:34:32:2f:3b:a1:37:7d:80:50:47:2f:a0:
39:78:5f:36:61:b7:b5:aa:72:0b:12:19:b8:5c:06:
e4:8f:55:59:cd:22:9e:eb:56:74:11:91:13:58:d1:
4e:4c:47:40:6e:0c:c7:fd:5e:f1:b3:44:bc:7e:5c:
7b:41:06:d4:33:fb:06:71:10:37:94:1d:ea:34:94:
08:b0:29:b4:3f:a2:4b:67:27:54:94:c8:4d:ec:36:
34:9f:8f:1d:9a:95:b8:4b:8b:d7:69:fc:6e:85:76:
8f:ed:48:ff:c6:d3:be:97:e3:8d:2b:7d:a5:20:93:
49:f8:9a:69:ee:4f:3a:7e:bf:41:b6:88:8c:05:30:
55:62:01:d4:7c:73:d6:f6:9d:9c:34:dc:04:4b:85:
b6:ff:0a:b5:14:7b:1c:13:8c:2b:7c:c0:a9:75:54:
72:27:7e:b9:c8:08:62:e5:fb:09:4e:5e:db:d3:cb:
87:ab:a3:72:0b:e1:97:0a:a2:55:2e:e7:93:c0:52:
f7:be:77:5c:57:43:f1:61:a9:55:14:63:5f:4f:96:
84:71:75:7c:77:f3:9f:a0:6b:5b:ae:09:d2:a4:f1:
88:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:2E:59:E9:82:EE:3E:02:2B:F7:A8:C1:CD:40:47:A8:DA:29:80:8B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Xy5Z6YLuPgIr96jBzUBHqNopgIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.96.0/24
Signature Algorithm: sha256WithRSAEncryption
52:11:ab:9b:05:4a:02:a3:86:a4:6a:53:23:1c:ca:fe:2e:a0:
03:8c:d1:3c:a8:ad:ca:47:dd:b8:b2:a0:96:59:d9:12:d3:5e:
36:c4:42:d1:05:89:d1:c9:28:70:0d:d7:df:a4:b8:d6:7f:3a:
cb:4f:e4:93:88:be:59:93:01:2e:92:7e:ca:de:88:be:f9:9c:
82:a2:4d:1e:1a:ae:a7:86:bd:1e:93:33:ce:85:e3:98:f6:9f:
c2:5c:f7:b7:4a:bc:20:fc:c9:59:f9:78:2e:19:cb:67:3a:3d:
0c:94:94:de:8b:4d:2a:3c:3d:d2:06:38:16:c7:e6:77:67:b6:
2c:29:25:d3:28:e4:77:64:37:cb:62:f9:d6:b4:79:cb:6d:a8:
f2:c4:06:48:2c:1f:cc:88:b0:c7:04:a1:a4:05:99:66:67:f2:
9a:6f:5f:f7:79:25:8f:06:95:d2:81:1e:c6:b5:ee:12:4f:a7:
c5:8a:9e:41:4a:21:96:fd:b5:cb:30:02:22:87:64:88:cd:42:
b6:7e:14:b3:a8:ba:f8:b2:ef:49:a0:71:10:7c:a9:5d:74:40:
c0:3c:aa:76:30:08:45:55:6a:6c:25:10:73:1c:d0:b4:3f:d0:
a2:b0:dc:41:a0:03:ae:5c:58:e3:0f:0a:df:9c:37:71:01:3a:
7b:16:a7:54
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRCoFwOSRBLY4xwzxojzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjJlNTllOTgyZWUzZTAyMmJmN2E4YzFjZDQwNDdhOGRhMjk4MDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0H0eWe3b7EP8PXLRmxppu/W51o6U
Vqd47OJ9QX3xv6c0Mi87oTd9gFBHL6A5eF82Ybe1qnILEhm4XAbkj1VZzSKe61Z0
EZETWNFOTEdAbgzH/V7xs0S8flx7QQbUM/sGcRA3lB3qNJQIsCm0P6JLZydUlMhN
7DY0n48dmpW4S4vXafxuhXaP7Uj/xtO+l+ONK32lIJNJ+Jpp7k86fr9BtoiMBTBV
YgHUfHPW9p2cNNwES4W2/wq1FHscE4wrfMCpdVRyJ365yAhi5fsJTl7b08uHq6Ny
C+GXCqJVLueTwFL3vndcV0PxYalVFGNfT5aEcXV8d/OfoGtbrgnSpPGIywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFF8uWemC7j4CK/eowc1AR6jaKYCLMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWHk1WjZZTHVQZ0lyOTZqQnpVQkhxTm9wZ0lzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdVgMA0G
CSqGSIb3DQEBCwUAA4IBAQBSEaubBUoCo4akalMjHMr+LqADjNE8qK3KR924sqCW
WdkS0142xELRBYnRyShwDdffpLjWfzrLT+STiL5ZkwEukn7K3oi++ZyCok0eGq6n
hr0ekzPOheOY9p/CXPe3Srwg/MlZ+XguGctnOj0MlJTei00qPD3SBjgWx+Z3Z7Ys
KSXTKOR3ZDfLYvnWtHnLbajyxAZILB/MiLDHBKGkBZlmZ/Kab1/3eSWPBpXSgR7G
te4ST6fFip5BSiGW/bXLMAIih2SIzUK2fhSzqLr4su9JoHEQfKlddEDAPKp2MAhF
VWpsJRBzHNC0P9CisNxBoAOuXFjjDwrfnDdxATp7FqdU
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:38:01 2025 by rpki-client