Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bOUxh47elrQ3Dhm3cRZy3Hapw2I.roa
File: bOUxh47elrQ3Dhm3cRZy3Hapw2I.roa (raw, json)
Hash identifier: sCxQZlzNrKKj6OJrvkHdSrP5wQpY8P5q8my8og3fNsY=
Subject key identifier: 6C:E5:31:87:8E:DE:96:B4:37:0E:19:B7:71:16:72:DC:76:A9:C3:62
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01941C0C5A7829028DC8FDB0B6D6DA05E574
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bOUxh47elrQ3Dhm3cRZy3Hapw2I.roa
Signing time: Tue 31 Dec 2024 09:29:19 +0000
ROA not before: Tue 31 Dec 2024 09:29:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 89.213.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1c:0c:5a:78:29:02:8d:c8:fd:b0:b6:d6:da:05:e5:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 31 09:29:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ce531878ede96b4370e19b7711672dc76a9c362
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:97:73:1e:61:e3:8f:38:d9:43:a9:91:5a:0c:
58:05:59:01:29:4a:03:27:f7:61:8f:b2:38:6b:9c:
50:4e:58:58:2b:bd:f6:fb:ec:f0:0c:85:e4:a7:70:
2d:d9:8d:5a:5c:99:13:b8:31:9c:ae:34:56:af:ce:
9f:8b:12:6a:05:66:e6:9b:d8:30:45:98:7c:3a:c9:
17:6e:19:80:38:4a:fc:ea:0e:17:de:84:7d:54:01:
21:d7:84:74:16:43:21:1a:de:e2:6c:45:ec:f2:87:
e0:7d:6c:d3:8a:d2:1a:e7:83:77:a5:37:68:ba:b4:
ba:88:14:50:a3:4d:83:b4:ad:cd:d1:f3:3e:75:9a:
28:e7:ee:18:bf:fe:22:71:62:2e:50:7c:ee:4f:4f:
4d:6b:1d:08:fc:2a:65:7e:59:66:95:ca:3f:d4:0a:
06:d6:d8:c2:3d:3b:ac:d3:b8:c3:7a:2e:de:00:43:
95:71:1b:cd:11:8a:ae:6a:c3:fa:d0:2f:fc:6c:2f:
20:b1:af:b4:3d:66:4b:53:f6:6f:25:5c:77:6c:57:
74:4b:a7:05:27:e3:3e:1c:ca:0a:08:95:ea:bc:d7:
80:05:2b:af:02:f6:cf:0d:18:5d:d5:b5:06:57:dc:
6c:62:f6:4d:a2:fc:8b:3f:7c:52:46:f4:72:e2:39:
e5:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E5:31:87:8E:DE:96:B4:37:0E:19:B7:71:16:72:DC:76:A9:C3:62
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bOUxh47elrQ3Dhm3cRZy3Hapw2I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.173.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:63:f5:65:2f:6a:a4:5f:5d:b1:65:b5:28:0a:c9:a1:d7:9f:
ff:bb:3c:4f:9c:c0:7f:f2:b9:a4:d5:1f:b9:72:9d:5f:23:d6:
73:52:40:bf:80:aa:7f:e0:0e:ad:7a:ec:7d:6b:f8:c7:98:2e:
03:23:83:7a:0b:a9:2d:a9:3e:1d:23:01:50:1d:13:6b:42:4f:
db:60:4e:0e:c4:97:48:0e:7a:bc:24:81:47:f9:31:82:dd:84:
86:b2:45:a8:85:35:7c:5e:96:08:65:16:d9:18:86:4e:bc:b4:
3f:25:ac:16:42:ff:81:3c:2e:91:64:8a:59:6c:f1:68:4a:ca:
b9:cf:3d:3d:40:a4:b7:ef:6b:5c:2c:31:ee:12:8e:bb:5c:8e:
cf:5b:14:58:ad:ab:ce:a9:0f:55:8c:a3:8e:60:cc:0b:2a:d8:
59:b6:29:f5:64:ae:32:be:28:9a:52:17:04:e2:8a:7e:9b:23:
63:bf:a1:08:4d:88:04:bd:db:49:2b:2a:cf:7f:81:2d:7d:c3:
cc:ba:f3:00:3e:b4:2b:bb:09:ad:24:3e:d4:f3:d9:af:1c:d5:
37:a9:d6:69:33:3d:88:aa:31:ac:44:d3:d1:c5:d0:4c:85:c2:
7d:a4:36:34:a6:f1:f1:0e:bd:5c:01:c2:db:72:f7:18:a8:9e:
ed:c8:49:60
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQcDFp4KQKNyP2wttbaBeV0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjMxMDkyOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2U1MzE4NzhlZGU5NmI0MzcwZTE5Yjc3MTE2NzJkYzc2YTljMzYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6pdzHmHjjzjZQ6mRWgxYBVkBKUoD
J/dhj7I4a5xQTlhYK732++zwDIXkp3At2Y1aXJkTuDGcrjRWr86fixJqBWbmm9gw
RZh8OskXbhmAOEr86g4X3oR9VAEh14R0FkMhGt7ibEXs8ofgfWzTitIa54N3pTdo
urS6iBRQo02DtK3N0fM+dZoo5+4Yv/4icWIuUHzuT09Nax0I/Cplfllmlco/1AoG
1tjCPTus07jDei7eAEOVcRvNEYquasP60C/8bC8gsa+0PWZLU/ZvJVx3bFd0S6cF
J+M+HMoKCJXqvNeABSuvAvbPDRhd1bUGV9xsYvZNovyLP3xSRvRy4jnlHQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGzlMYeO3pa0Nw4Zt3EWctx2qcNiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYk9VeGg0N2VsclEzRGhtM2NSWnkzSGFwdzJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWtMA0G
CSqGSIb3DQEBCwUAA4IBAQCbY/VlL2qkX12xZbUoCsmh15//uzxPnMB/8rmk1R+5
cp1fI9ZzUkC/gKp/4A6teux9a/jHmC4DI4N6C6ktqT4dIwFQHRNrQk/bYE4OxJdI
Dnq8JIFH+TGC3YSGskWohTV8XpYIZRbZGIZOvLQ/JawWQv+BPC6RZIpZbPFoSsq5
zz09QKS372tcLDHuEo67XI7PWxRYravOqQ9VjKOOYMwLKthZtin1ZK4yviiaUhcE
4op+myNjv6EITYgEvdtJKyrPf4EtfcPMuvMAPrQruwmtJD7U89mvHNU3qdZpMz2I
qjGsRNPRxdBMhcJ9pDY0pvHxDr1cAcLbcvcYqJ7tyElg
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:21:42 2025 by rpki-client