Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YEdZWxART_dNLRQ7MBubPQJTGzM.roa
File: YEdZWxART_dNLRQ7MBubPQJTGzM.roa (raw, json)
Hash identifier: vSokUMstpGlWett2src0N9IeRCgplya+pgIVM+i12Hc=
Subject key identifier: 60:47:59:5B:10:11:4F:F7:4D:2D:14:3B:30:1B:9B:3D:02:53:1B:33
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191FFE47A60AFE1F5D4A6D0CBD6D6B24F45
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YEdZWxART_dNLRQ7MBubPQJTGzM.roa
Signing time: Tue 17 Sep 2024 12:10:49 +0000
ROA not before: Tue 17 Sep 2024 12:10:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.44.0/24 maxlen: 24
89.213.49.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 29 Sep 2024 13:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:e4:7a:60:af:e1:f5:d4:a6:d0:cb:d6:d6:b2:4f:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 17 12:10:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6047595b10114ff74d2d143b301b9b3d02531b33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:59:89:6e:00:2a:8a:f4:b6:16:bf:fa:4e:85:
92:3d:0b:5c:dd:a5:5b:7f:87:b5:af:9d:52:bb:6c:
37:6b:88:f0:47:2c:28:52:06:8f:9c:26:3e:d7:ee:
d2:ad:a7:43:cc:f2:6e:c1:6a:54:ae:5c:db:a3:1f:
4f:81:e7:f7:03:dd:0b:54:15:a5:25:df:6d:b6:5c:
01:c0:7c:62:de:66:af:c6:8f:c8:9c:2b:2e:e9:ef:
e9:fa:29:5d:f9:5b:c8:91:e1:3c:f4:cd:5c:85:cb:
d8:fa:25:7b:09:25:0e:07:59:1b:99:01:ea:6d:e9:
d7:86:74:a4:b9:c0:97:a2:5f:c8:2f:14:58:72:14:
27:e5:ab:7e:ff:dc:5f:d5:e4:9e:3e:f0:0e:c2:c9:
ce:21:85:f9:cc:e6:52:0a:ad:c5:be:06:ab:d9:70:
f2:6b:40:1d:70:2e:62:d5:ce:1b:41:f5:a9:2e:73:
42:ed:5c:38:20:18:cc:29:a6:b4:a1:b1:45:5d:84:
5e:3a:ad:c6:40:d6:79:e5:34:75:32:d0:e8:9a:cb:
5c:9e:ae:9e:5d:89:01:d8:12:5b:44:c6:52:35:e1:
11:0c:a0:01:cb:f0:f2:44:ac:27:73:95:75:c5:fc:
a1:2b:4c:1c:b6:31:89:3d:e7:ff:cf:0d:71:1a:77:
f5:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:47:59:5B:10:11:4F:F7:4D:2D:14:3B:30:1B:9B:3D:02:53:1B:33
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YEdZWxART_dNLRQ7MBubPQJTGzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.44.0/24
89.213.49.0/24
89.213.51.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
97:2f:b1:e9:a8:1b:99:cb:e4:43:18:6d:68:ac:01:93:6f:1c:
71:72:e2:b0:39:ed:2b:0d:09:0c:42:dc:52:78:89:9e:42:01:
a2:39:e6:67:b5:b9:a4:23:77:9d:ae:3c:f3:3c:05:f0:f7:c8:
d8:9c:2b:23:7d:32:88:af:c0:4a:f7:84:17:64:57:34:eb:d1:
63:2d:55:4d:bc:9d:52:ef:f9:63:e2:64:2e:aa:44:5f:8d:72:
0d:8a:ec:d3:46:70:32:34:6c:99:6e:cd:ec:9b:8e:9b:b2:db:
92:76:01:45:e1:10:46:53:6b:6b:25:41:36:da:8e:f1:d6:8a:
89:ec:19:40:e3:ab:fa:65:af:08:88:03:f6:e4:6e:fc:7b:5d:
12:3d:f0:45:ee:45:f3:f0:e1:8d:54:86:e4:e5:b2:ef:52:b3:
42:ab:14:10:6e:d5:f0:58:e6:b1:d9:fe:fa:b8:33:3e:6c:8e:
45:fb:1d:3a:32:8f:b4:a5:56:4e:59:d9:dc:ac:5c:5a:d0:d7:
0e:ee:d6:26:e0:b1:ed:2e:1a:02:4f:7a:40:d7:af:78:b6:a1:
b8:ae:68:ee:7b:b0:52:14:9c:83:38:d7:d6:d5:c6:de:fd:9a:
b6:5f:cb:56:55:73:fd:89:ca:cb:8d:bd:30:8c:a2:b9:ec:92:
ab:db:33:67
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZH/5Hpgr+H11KbQy9bWsk9FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTE3MTIxMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MDQ3NTk1YjEwMTE0ZmY3NGQyZDE0M2IzMDFiOWIzZDAyNTMxYjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVmJbgAqivS2Fr/6ToWSPQtc3aVb
f4e1r51Su2w3a4jwRywoUgaPnCY+1+7SradDzPJuwWpUrlzbox9Pgef3A90LVBWl
Jd9ttlwBwHxi3mavxo/InCsu6e/p+ild+VvIkeE89M1chcvY+iV7CSUOB1kbmQHq
benXhnSkucCXol/ILxRYchQn5at+/9xf1eSePvAOwsnOIYX5zOZSCq3Fvgar2XDy
a0AdcC5i1c4bQfWpLnNC7Vw4IBjMKaa0obFFXYReOq3GQNZ55TR1MtDomstcnq6e
XYkB2BJbRMZSNeERDKABy/DyRKwnc5V1xfyhK0wctjGJPef/zw1xGnf16wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGBHWVsQEU/3TS0UOzAbmz0CUxszMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWUVkWld4QVJUX2ROTFJRN01CdWJQUUpUR3pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdUsAwQA
WdUxAwQAWdUzAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQCXL7HpqBuZy+RDGG1o
rAGTbxxxcuKwOe0rDQkMQtxSeImeQgGiOeZntbmkI3edrjzzPAXw98jYnCsjfTKI
r8BK94QXZFc069FjLVVNvJ1S7/lj4mQuqkRfjXINiuzTRnAyNGyZbs3sm46bstuS
dgFF4RBGU2trJUE22o7x1oqJ7BlA46v6Za8IiAP25G78e10SPfBF7kXz8OGNVIbk
5bLvUrNCqxQQbtXwWOax2f76uDM+bI5F+x06Mo+0pVZOWdncrFxa0NcO7tYm4LHt
LhoCT3pA1694tqG4rmjue7BSFJyDONfW1cbe/Zq2X8tWVXP9icrLjb0wjKK57JKr
2zNn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:04:12 2025 by rpki-client