Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_9rySZ8WqaYi385OQakzV-vJUzQ.roa
File: _9rySZ8WqaYi385OQakzV-vJUzQ.roa (raw, json)
Hash identifier: YwiuT20e0GtlE/d6Kcm6fXBRorwduwhPfI3EYzgL4sA=
Subject key identifier: FF:DA:F2:49:9F:16:A9:A6:22:DF:CE:4E:41:A9:33:57:EB:C9:53:34
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F09B63BF818D4E002A71D143D83B8C8A6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_9rySZ8WqaYi385OQakzV-vJUzQ.roa
Signing time: Tue 23 Apr 2024 06:48:08 +0000
ROA not before: Tue 23 Apr 2024 06:48:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 89.213.107.0/24 maxlen: 24
89.213.112.0/24 maxlen: 24
89.213.113.0/24 maxlen: 24
89.213.114.0/24 maxlen: 24
89.213.116.0/24 maxlen: 24
89.213.121.0/24 maxlen: 24
89.213.157.0/24 maxlen: 24
89.213.227.0/24 maxlen: 24
213.130.137.0/24 maxlen: 24
213.130.152.0/24 maxlen: 24
213.130.153.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 13:15:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:09:b6:3b:f8:18:d4:e0:02:a7:1d:14:3d:83:b8:c8:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 23 06:48:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ffdaf2499f16a9a622dfce4e41a93357ebc95334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:08:6a:e3:89:a4:36:a7:bc:44:fe:18:2c:35:
25:e0:4f:44:03:c5:8d:40:b6:c0:47:a0:63:47:95:
63:0c:30:a6:8e:98:e0:34:7a:7e:ab:4c:2a:32:b6:
4f:27:d7:d4:c3:23:dc:bb:cd:12:21:cb:82:7a:36:
80:65:05:4c:c9:98:2b:07:9e:2b:44:ac:be:1d:81:
00:a4:1a:19:82:23:a9:8f:ce:7a:03:f7:d5:a4:06:
08:e9:80:bd:9f:2f:c2:97:33:0c:98:79:dd:80:a5:
17:e7:86:18:b3:e1:24:0d:a6:3e:6a:ca:3a:e2:77:
d5:77:b9:ca:a7:be:3d:ea:1a:28:0e:d4:e2:17:7e:
90:11:2a:04:54:2e:01:4a:e1:f9:be:b4:0e:23:41:
b4:d8:19:48:2f:b6:04:27:b9:74:c3:e8:f2:f8:a9:
3d:3f:80:26:c4:4e:9e:fe:d6:39:65:15:e0:27:67:
b4:08:b4:ec:84:7a:da:3d:54:2d:81:38:bd:c7:66:
88:75:94:62:a8:ce:73:41:10:0a:a0:21:a7:87:95:
34:f2:d3:f1:c9:6b:86:f5:a0:dd:df:22:72:d8:83:
19:e1:a6:ab:72:58:dc:ee:51:21:11:13:4e:4e:5b:
d9:90:95:99:61:29:eb:49:bf:e3:8c:df:38:bc:d0:
3d:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:DA:F2:49:9F:16:A9:A6:22:DF:CE:4E:41:A9:33:57:EB:C9:53:34
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/_9rySZ8WqaYi385OQakzV-vJUzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.107.0/24
89.213.112.0-89.213.114.255
89.213.116.0/24
89.213.121.0/24
89.213.157.0/24
89.213.227.0/24
213.130.137.0/24
213.130.152.0-213.130.154.255
Signature Algorithm: sha256WithRSAEncryption
84:ee:e5:c7:e7:ae:3f:a7:3b:a6:91:14:fd:ad:13:a5:c0:93:
16:5c:0b:20:c5:71:6c:1c:1e:47:3d:65:24:71:c0:30:3b:bf:
05:80:bc:41:8a:43:bb:c4:14:75:24:cc:34:c7:12:54:42:3c:
69:97:7b:30:33:c0:03:87:19:4b:d3:19:08:7f:8c:bb:07:a1:
7f:e0:b7:94:32:80:46:ca:0e:15:7b:51:f4:41:9e:55:95:b0:
29:0e:91:3d:0d:bd:b0:5c:fa:44:a3:ce:72:a5:7f:c2:96:54:
04:f5:80:e1:44:a0:5e:7f:0f:a7:30:38:71:44:f7:6a:52:34:
49:c2:ff:ed:4e:db:e5:1f:d9:d4:59:8f:47:ea:24:75:58:66:
ea:46:b2:23:cb:e1:6d:ef:dc:26:fc:44:35:ae:7b:7f:45:de:
f3:69:84:e4:80:01:d7:81:28:56:7f:3a:08:a5:c9:91:95:53:
98:7e:16:aa:42:99:99:c2:60:c1:02:e1:a3:2d:98:ec:de:a5:
63:a4:e2:61:78:28:09:88:91:e2:4a:a1:27:74:2c:ea:8c:58:
59:27:47:04:5e:57:db:10:08:e0:47:d5:1a:15:27:4a:8a:64:
60:99:22:1b:17:a8:86:29:d4:af:bf:a5:7c:e7:8d:6c:7e:e9:
5d:db:c1:cf
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY8Jtjv4GNTgAqcdFD2DuMimMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDIzMDY0ODA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZmRhZjI0OTlmMTZhOWE2MjJkZmNlNGU0MWE5MzM1N2ViYzk1MzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQhq44mkNqe8RP4YLDUl4E9EA8WN
QLbAR6BjR5VjDDCmjpjgNHp+q0wqMrZPJ9fUwyPcu80SIcuCejaAZQVMyZgrB54r
RKy+HYEApBoZgiOpj856A/fVpAYI6YC9ny/ClzMMmHndgKUX54YYs+EkDaY+aso6
4nfVd7nKp7496hooDtTiF36QESoEVC4BSuH5vrQOI0G02BlIL7YEJ7l0w+jy+Kk9
P4AmxE6e/tY5ZRXgJ2e0CLTshHraPVQtgTi9x2aIdZRiqM5zQRAKoCGnh5U08tPx
yWuG9aDd3yJy2IMZ4aarcljc7lEhERNOTlvZkJWZYSnrSb/jjN84vNA9UwIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFP/a8kmfFqmmIt/OTkGpM1fryVM0MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvXzlyeVNaOFdxYVlpMzg1T1Fha3pWLXZKVXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDBGBAIAATBAAwQAWdVrMAwD
BARZ1XADBABZ1XIDBABZ1XQDBABZ1XkDBABZ1Z0DBABZ1eMDBADVgokwDAMEA9WC
mAMEANWCmjANBgkqhkiG9w0BAQsFAAOCAQEAhO7lx+euP6c7ppEU/a0TpcCTFlwL
IMVxbBweRz1lJHHAMDu/BYC8QYpDu8QUdSTMNMcSVEI8aZd7MDPAA4cZS9MZCH+M
uwehf+C3lDKARsoOFXtR9EGeVZWwKQ6RPQ29sFz6RKPOcqV/wpZUBPWA4USgXn8P
pzA4cUT3alI0ScL/7U7b5R/Z1FmPR+okdVhm6kayI8vhbe/cJvxENa57f0Xe82mE
5IAB14EoVn86CKXJkZVTmH4WqkKZmcJgwQLhoy2Y7N6lY6TiYXgoCYiR4kqhJ3Qs
6oxYWSdHBF5X2xAI4EfVGhUnSopkYJkiGxeohinUr7+lfOeNbH7pXdvBzw==
-----END CERTIFICATE-----
Generated at Tue May 7 15:44:45 2024 by rpki-client on console-ams.rpki-client.org