Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa
File: aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa (raw, json)
Hash identifier: 71r5Wx0rOZz76lwGT6JBX9RivC8wyZsY5z500hDRmAA=
Subject key identifier: 68:75:E3:EB:75:D2:1A:24:34:6F:7E:57:03:2B:C1:18:84:45:E3:04
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E75701C7DC4832B2073A4EFFCA656F3CD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa
Signing time: Mon 25 Mar 2024 11:47:45 +0000
ROA not before: Mon 25 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211439
IP address blocks: 89.213.117.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 28 Mar 2024 14:07:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:70:1c:7d:c4:83:2b:20:73:a4:ef:fc:a6:56:f3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 25 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6875e3eb75d21a24346f7e57032bc1188445e304
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9a:b1:89:1e:7f:5a:e9:16:7e:ba:30:3a:03:
b4:86:ef:e3:28:7c:97:d5:e5:3c:26:fd:e5:6b:a0:
5f:23:3d:0c:61:71:8d:5b:9a:3b:8f:58:80:2c:ea:
74:74:eb:7b:d7:c9:56:ca:ee:df:c7:98:08:df:35:
37:2a:dd:f4:2b:43:ec:3d:cc:b0:16:00:c5:c2:e2:
5d:cd:04:2c:c8:12:0d:9e:fa:6c:a7:55:fb:f7:25:
05:84:f8:6f:3b:d7:b2:ad:20:97:c8:59:47:0a:d2:
3d:8c:05:0d:4b:7a:ba:49:f4:0a:a5:74:0f:bd:ce:
95:19:39:5f:a6:8b:1c:8f:fd:a4:f7:a8:d1:5d:a8:
53:69:f2:44:9e:92:2e:e5:69:e5:ac:b9:d0:be:de:
58:75:5f:54:3d:37:6d:b3:7f:29:6e:58:1c:09:9f:
74:8c:b6:c0:6a:f8:be:07:9c:b6:5d:2c:60:f3:ba:
21:1c:b0:b2:50:d2:46:01:0c:fb:2b:cd:13:61:4b:
56:75:d6:4b:e7:2f:6a:03:c1:2a:1e:26:a0:67:7a:
bd:2c:7d:86:22:59:68:4a:04:61:d1:10:c3:e8:62:
24:3e:47:c5:84:8e:95:d4:aa:e0:9d:5a:f2:d2:8a:
84:26:7e:3d:fa:46:3f:72:b6:45:30:04:b7:31:14:
b4:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:75:E3:EB:75:D2:1A:24:34:6F:7E:57:03:2B:C1:18:84:45:E3:04
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/aHXj63XSGiQ0b35XAyvBGIRF4wQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.117.0/24
Signature Algorithm: sha256WithRSAEncryption
74:05:c4:6a:b5:61:5d:76:13:24:33:50:dc:2b:45:8e:f2:a1:
b0:3b:56:94:c5:e4:7f:c9:e4:1e:7b:d2:46:c3:43:a2:31:d9:
62:8f:c3:6b:e5:5e:de:07:9d:08:c3:42:b3:4f:74:f7:b4:b6:
8e:a9:00:b5:94:9c:a5:f6:72:04:b5:8e:08:b5:da:4d:29:44:
71:fa:77:40:6b:27:21:29:28:d8:03:f3:76:7d:dd:db:e6:14:
b5:5b:34:0a:6d:0a:c6:10:d3:c6:49:64:84:46:23:29:50:15:
74:a1:ec:bf:24:de:a0:68:77:cd:40:e1:fa:58:84:eb:60:88:
00:ac:53:ec:b9:dd:af:0c:ee:d0:03:06:36:65:0a:1a:10:d8:
b6:88:64:c5:c0:14:0d:d4:8c:48:f1:58:bf:c7:dc:5f:8a:96:
fe:80:5c:f9:e7:51:a0:5f:0c:35:ce:23:6e:9d:f0:d6:0d:c6:
d8:33:b0:3c:71:93:29:ad:2d:55:95:a7:16:ac:bc:2f:f7:5c:
72:56:94:55:a3:26:6d:dd:b2:d7:d8:cc:4b:2e:e7:3c:1d:82:
4e:c4:c3:f1:31:6b:f6:5a:5b:86:f0:36:08:bb:eb:2e:78:ae:
e5:e1:2b:68:09:24:7a:13:49:e6:8c:0d:e8:9a:a2:e4:a1:03:
36:c9:d6:12
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY51cBx9xIMrIHOk7/ymVvPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI1MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODc1ZTNlYjc1ZDIxYTI0MzQ2ZjdlNTcwMzJiYzExODg0NDVlMzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpqxiR5/WukWfrowOgO0hu/jKHyX
1eU8Jv3la6BfIz0MYXGNW5o7j1iALOp0dOt718lWyu7fx5gI3zU3Kt30K0PsPcyw
FgDFwuJdzQQsyBINnvpsp1X79yUFhPhvO9eyrSCXyFlHCtI9jAUNS3q6SfQKpXQP
vc6VGTlfposcj/2k96jRXahTafJEnpIu5WnlrLnQvt5YdV9UPTdts38pblgcCZ90
jLbAavi+B5y2XSxg87ohHLCyUNJGAQz7K80TYUtWddZL5y9qA8EqHiagZ3q9LH2G
IlloSgRh0RDD6GIkPkfFhI6V1KrgnVry0oqEJn49+kY/crZFMAS3MRS0hwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGh14+t10hokNG9+VwMrwRiEReMEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYUhYajYzWFNHaVEwYjM1WEF5dkJHSVJGNHdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdV1MA0G
CSqGSIb3DQEBCwUAA4IBAQB0BcRqtWFddhMkM1DcK0WO8qGwO1aUxeR/yeQee9JG
w0OiMdlij8Nr5V7eB50Iw0KzT3T3tLaOqQC1lJyl9nIEtY4ItdpNKURx+ndAaych
KSjYA/N2fd3b5hS1WzQKbQrGENPGSWSERiMpUBV0oey/JN6gaHfNQOH6WITrYIgA
rFPsud2vDO7QAwY2ZQoaENi2iGTFwBQN1IxI8Vi/x9xfipb+gFz551GgXww1ziNu
nfDWDcbYM7A8cZMprS1VlacWrLwv91xyVpRVoyZt3bLX2MxLLuc8HYJOxMPxMWv2
WluG8DYIu+sueK7l4StoCSR6E0nmjA3omqLkoQM2ydYS
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:34 2025 by rpki-client