Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YS7po-CJGacmEIPQZ9-RS3zR0Gk.roa
File: YS7po-CJGacmEIPQZ9-RS3zR0Gk.roa (raw, json)
Hash identifier: 8CsLpI6biGdWiWQvH/HQ1O6B9u5vZ6u89zALtMFdogg=
Subject key identifier: 61:2E:E9:A3:E0:89:19:A7:26:10:83:D0:67:DF:91:4B:7C:D1:D0:69
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443B4A9321879B3744A12FD2C2EA5D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YS7po-CJGacmEIPQZ9-RS3zR0Gk.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397423
IP address blocks: 89.213.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 15:41:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3b:4a:93:21:87:9b:37:44:a1:2f:d2:c2:ea:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=612ee9a3e08919a7261083d067df914b7cd1d069
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:ea:79:0b:68:a9:ec:2a:99:48:62:e6:35:b5:
9e:13:01:7e:ea:2c:f4:0c:6c:1e:85:c6:8d:03:7a:
b7:e0:31:91:45:d0:c6:f7:25:ff:1d:9b:a6:0a:9c:
36:d9:27:ee:c9:24:21:09:ab:f0:c2:6b:aa:41:a9:
f4:34:e4:9b:bb:83:1c:0b:44:75:57:a4:2e:f0:66:
8a:88:cc:03:b6:0f:c1:83:a9:b2:00:da:70:29:fa:
90:1a:16:3e:e1:08:df:f3:40:cb:78:e0:28:b4:e4:
04:bf:73:a8:f6:9b:f8:83:f9:4f:db:fd:4c:02:83:
41:0a:35:36:13:01:34:01:d8:f8:3f:79:ab:c5:96:
12:32:41:32:9f:1a:48:43:f2:d2:1e:2c:cf:9a:b8:
54:dd:21:8d:3f:fa:07:e1:e2:44:9c:76:b0:20:fc:
fd:c3:9e:43:91:9e:b4:5e:2a:56:c0:55:ba:10:1f:
17:b8:1a:cb:f2:73:b9:f4:cf:4e:0c:a0:84:d0:23:
94:7e:8c:5c:ad:83:2b:4d:52:79:a9:3d:a2:10:ce:
f8:14:2d:ff:0b:07:5a:14:3c:b8:3a:84:04:bc:d5:
76:56:c4:21:3b:5c:31:79:f0:a2:f1:b8:7e:a4:67:
43:d3:e5:bc:eb:7c:1f:35:60:ff:9d:b9:ab:af:75:
5b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:2E:E9:A3:E0:89:19:A7:26:10:83:D0:67:DF:91:4B:7C:D1:D0:69
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/YS7po-CJGacmEIPQZ9-RS3zR0Gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.173.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:82:ae:1a:8b:96:a1:27:0a:d8:bd:e4:7f:5f:dc:e4:52:9d:
bf:de:e0:06:94:db:c7:0d:ec:e8:3e:e8:74:3d:28:29:9f:54:
ad:9f:d7:ea:56:9b:f2:39:54:49:d3:d4:7d:1c:29:30:89:56:
39:e5:c6:f5:5f:fa:40:8a:6e:42:e2:34:8f:c1:01:4d:4c:dd:
76:11:80:92:45:d6:68:ce:f9:9e:95:d2:8d:56:ec:da:3b:5c:
23:b0:ee:f2:69:c7:30:ea:d2:bb:9a:a8:0c:dc:35:99:30:9d:
11:95:54:e2:82:d1:1b:70:5a:2d:a8:8d:b8:58:88:1a:8b:32:
02:d7:03:19:1b:9a:f0:03:07:63:87:61:da:5d:cd:0f:1e:73:
62:e3:1c:48:cf:fa:86:d4:c4:92:ac:fb:12:44:79:36:3a:17:
3e:e0:92:e5:94:68:e8:21:f2:d5:dc:b1:4c:95:91:63:f4:21:
06:db:78:64:77:87:67:ea:10:b1:55:15:6b:41:b8:aa:e8:4a:
f1:cf:48:c1:e0:b0:f0:cb:0d:22:c0:e4:a1:75:b1:7f:f1:d1:
62:f6:7f:51:2e:f2:71:b6:07:2c:15:bb:46:b8:83:fb:71:fc:
94:42:20:c6:8d:40:4c:98:8a:36:a7:c4:c2:20:54:c9:40:66:
e8:6e:eb:0c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDtKkyGHmzdEoS/SwupdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MTJlZTlhM2UwODkxOWE3MjYxMDgzZDA2N2RmOTE0YjdjZDFkMDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs+p5C2ip7CqZSGLmNbWeEwF+6iz0
DGwehcaNA3q34DGRRdDG9yX/HZumCpw22SfuySQhCavwwmuqQan0NOSbu4McC0R1
V6Qu8GaKiMwDtg/Bg6myANpwKfqQGhY+4Qjf80DLeOAotOQEv3Oo9pv4g/lP2/1M
AoNBCjU2EwE0Adj4P3mrxZYSMkEynxpIQ/LSHizPmrhU3SGNP/oH4eJEnHawIPz9
w55DkZ60XipWwFW6EB8XuBrL8nO59M9ODKCE0COUfoxcrYMrTVJ5qT2iEM74FC3/
CwdaFDy4OoQEvNV2VsQhO1wxefCi8bh+pGdD0+W863wfNWD/nbmrr3Vb2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGEu6aPgiRmnJhCD0GffkUt80dBpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWVM3cG8tQ0pHYWNtRUlQUVo5LVJTM3pSMEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWtMA0G
CSqGSIb3DQEBCwUAA4IBAQA6gq4ai5ahJwrYveR/X9zkUp2/3uAGlNvHDezoPuh0
PSgpn1Stn9fqVpvyOVRJ09R9HCkwiVY55cb1X/pAim5C4jSPwQFNTN12EYCSRdZo
zvmeldKNVuzaO1wjsO7yaccw6tK7mqgM3DWZMJ0RlVTigtEbcFotqI24WIgaizIC
1wMZG5rwAwdjh2HaXc0PHnNi4xxIz/qG1MSSrPsSRHk2Ohc+4JLllGjoIfLV3LFM
lZFj9CEG23hkd4dn6hCxVRVrQbiq6Erxz0jB4LDwyw0iwOShdbF/8dFi9n9RLvJx
tgcsFbtGuIP7cfyUQiDGjUBMmIo2p8TCIFTJQGbobusM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:27 2025 by rpki-client