Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ajKLzVOSaH66Pgj3s6aaFoFAVtE.roa
File: ajKLzVOSaH66Pgj3s6aaFoFAVtE.roa (raw, json)
Hash identifier: BSHM8cKFx7k0iyyCwb+wsdQ2SMddpgz9oTxsTo1tT2w=
Subject key identifier: 6A:32:8B:CD:53:92:68:7E:BA:3E:08:F7:B3:A6:9A:16:81:40:56:D1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D1C7081F4D27BF42BF8E5DAD98231498D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ajKLzVOSaH66Pgj3s6aaFoFAVtE.roa
Signing time: Thu 18 Jan 2024 11:59:11 +0000
ROA not before: Thu 18 Jan 2024 11:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198989
IP address blocks: 89.213.134.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 18 May 2024 07:58:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1c:70:81:f4:d2:7b:f4:2b:f8:e5:da:d9:82:31:49:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 18 11:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6a328bcd5392687eba3e08f7b3a69a16814056d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:6b:d9:51:1d:ed:85:a2:2a:12:61:d1:92:67:
bc:0a:5a:f8:10:83:91:e0:61:19:7d:b7:53:47:b2:
91:b6:2b:fe:d3:29:a6:d9:de:08:ef:90:7a:7e:e8:
1c:c8:5a:e0:ba:70:30:11:f0:7b:69:e0:be:9f:47:
7d:77:ec:0d:67:e0:0a:b6:c2:39:b1:15:70:51:8a:
1b:c5:50:a8:fb:15:6a:ca:3c:29:62:4c:67:c4:f8:
05:3f:5e:9a:36:2c:d8:e0:20:00:38:67:1b:9e:80:
de:c6:d7:33:d9:54:ff:b0:d7:99:6f:bf:0f:2b:57:
a8:ae:cd:04:0f:7d:33:4c:b0:03:bb:20:f2:f0:16:
31:8b:df:72:0b:8e:79:84:5f:db:7c:ca:ca:c4:73:
93:53:4d:7a:60:18:b6:14:fa:05:82:ff:ea:7c:74:
43:39:43:6a:66:cc:10:e3:42:e1:62:46:57:e2:9b:
89:5d:40:a0:63:4c:ea:e8:68:fa:e3:6f:be:cd:06:
d8:e7:0d:48:8e:70:e4:fa:25:13:5e:e7:f5:10:3e:
91:1a:b5:34:79:4a:9d:a3:0b:ac:c8:3a:3d:cb:01:
11:05:3c:5f:a6:a2:de:5a:c8:9a:f6:8b:97:0b:72:
12:e1:81:23:36:f0:55:00:c4:3e:0b:d6:15:16:54:
74:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:32:8B:CD:53:92:68:7E:BA:3E:08:F7:B3:A6:9A:16:81:40:56:D1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ajKLzVOSaH66Pgj3s6aaFoFAVtE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.134.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:03:38:2b:7d:ae:7a:49:85:b4:eb:6a:75:25:f9:f8:7f:95:
3d:4a:5f:fe:e2:c4:ac:74:13:74:28:e1:31:c2:eb:a2:6d:2b:
7e:c4:69:b6:b6:ad:40:9a:81:0c:be:b4:5e:a8:ec:b7:26:cd:
35:9e:2f:3a:84:7b:8c:e4:38:93:a1:e2:4b:c4:3d:bf:e7:dd:
fc:6e:53:de:04:89:91:81:83:51:c0:20:f2:e3:b0:57:38:f8:
0e:5a:6b:d1:d8:be:b9:f9:2e:64:fd:d6:4b:20:ff:f2:a0:e0:
85:ba:08:b8:d4:38:0e:d9:d5:e0:86:20:53:13:96:a0:e4:61:
60:94:b5:79:3d:93:42:b7:e8:a3:2e:a9:ff:05:eb:11:43:34:
78:51:16:8c:70:f8:78:22:ce:ca:77:bc:3b:c3:31:78:ae:07:
01:25:22:df:d2:01:4d:e7:74:c3:a7:a5:5e:73:42:a2:a9:00:
29:53:2f:a1:29:d3:66:3d:bf:d2:40:5c:43:7d:b7:44:35:24:
a9:57:61:77:8e:1d:8b:ef:14:0b:db:cb:43:4c:ec:b2:f0:ef:
60:28:b6:93:49:a5:f6:eb:6a:68:f6:d2:42:2f:e4:94:9e:76:
58:cd:2a:c7:2b:2f:31:35:c3:96:27:cb:8e:ed:ac:72:60:47:
3c:f3:30:73
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0ccIH00nv0K/jl2tmCMUmNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTE4MTE1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTMyOGJjZDUzOTI2ODdlYmEzZTA4ZjdiM2E2OWExNjgxNDA1NmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWvZUR3thaIqEmHRkme8Clr4EIOR
4GEZfbdTR7KRtiv+0ymm2d4I75B6fugcyFrgunAwEfB7aeC+n0d9d+wNZ+AKtsI5
sRVwUYobxVCo+xVqyjwpYkxnxPgFP16aNizY4CAAOGcbnoDextcz2VT/sNeZb78P
K1eors0ED30zTLADuyDy8BYxi99yC455hF/bfMrKxHOTU016YBi2FPoFgv/qfHRD
OUNqZswQ40LhYkZX4puJXUCgY0zq6Gj642++zQbY5w1IjnDk+iUTXuf1ED6RGrU0
eUqdowusyDo9ywERBTxfpqLeWsia9ouXC3IS4YEjNvBVAMQ+C9YVFlR02wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGoyi81Tkmh+uj4I97OmmhaBQFbRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYWpLTHpWT1NhSDY2UGdqM3M2YWFGb0ZBVnRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWGMA0G
CSqGSIb3DQEBCwUAA4IBAQCqAzgrfa56SYW062p1Jfn4f5U9Sl/+4sSsdBN0KOEx
wuuibSt+xGm2tq1AmoEMvrReqOy3Js01ni86hHuM5DiToeJLxD2/5938blPeBImR
gYNRwCDy47BXOPgOWmvR2L65+S5k/dZLIP/yoOCFugi41DgO2dXghiBTE5ag5GFg
lLV5PZNCt+ijLqn/BesRQzR4URaMcPh4Is7Kd7w7wzF4rgcBJSLf0gFN53TDp6Ve
c0KiqQApUy+hKdNmPb/SQFxDfbdENSSpV2F3jh2L7xQL28tDTOyy8O9gKLaTSaX2
62po9tJCL+SUnnZYzSrHKy8xNcOWJ8uO7axyYEc88zBz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:28 2025 by rpki-client