Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c2R4t3NM8S4riClPudRww_Hw6Oo.roa
File: c2R4t3NM8S4riClPudRww_Hw6Oo.roa (raw, json)
Hash identifier: 3fnjbiyDQw4Rf/3qurqq/iL6VWoA7SHiQsha60q4Eko=
Subject key identifier: 73:64:78:B7:73:4C:F1:2E:2B:88:29:4F:B9:D4:70:C3:F1:F0:E8:EA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01909D248622A6EE8FD3783ABA589A5CD519
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c2R4t3NM8S4riClPudRww_Hw6Oo.roa
Signing time: Wed 10 Jul 2024 14:55:34 +0000
ROA not before: Wed 10 Jul 2024 14:55:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 89.213.120.0/24 maxlen: 24
213.210.39.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
217.145.68.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 12 Jul 2024 16:06:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9d:24:86:22:a6:ee:8f:d3:78:3a:ba:58:9a:5c:d5:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 10 14:55:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=736478b7734cf12e2b88294fb9d470c3f1f0e8ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a6:0a:ed:93:31:f7:8d:81:a9:59:f3:c1:87:
79:f6:74:5d:5c:4e:a1:3c:23:95:45:4c:bd:49:e9:
92:df:e9:56:ff:cb:7e:6e:fe:da:3e:6a:d9:ae:38:
79:b1:ad:5f:49:49:06:e1:6d:7e:8b:20:15:fb:e4:
b1:f7:c2:11:de:e4:63:36:99:62:2e:db:f8:a1:1b:
29:35:a5:b5:02:06:4a:24:5c:eb:f2:b3:cf:38:7e:
55:8e:ab:f2:a2:aa:1a:84:34:9b:49:5a:64:99:87:
84:b8:f8:92:30:18:56:e8:ed:f2:bb:03:f9:55:41:
09:5e:11:fd:f1:0b:e8:24:82:10:d0:d9:6e:32:53:
02:c8:f3:6c:fd:f5:29:f9:61:16:3a:1a:cc:e5:40:
e8:ef:0f:3f:b2:d4:c6:fd:45:f4:f3:56:a1:00:27:
ce:a2:9b:16:84:3f:c6:13:31:d0:43:e1:25:78:24:
da:26:ae:87:21:b9:a0:e3:14:d1:8e:7d:fa:09:86:
a7:08:f2:01:10:60:2c:bf:df:d5:3a:2d:47:19:1e:
6e:d6:af:74:61:6c:31:83:92:c9:91:34:33:b8:20:
d7:79:3c:de:76:75:8e:cf:88:7b:c3:ba:80:4c:6e:
4a:7d:58:0e:1d:d8:c6:53:90:a7:97:a8:d5:db:f1:
11:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:64:78:B7:73:4C:F1:2E:2B:88:29:4F:B9:D4:70:C3:F1:F0:E8:EA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/c2R4t3NM8S4riClPudRww_Hw6Oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.120.0/24
213.210.39.0/24
213.218.234.0/24
217.145.68.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:57:c7:b4:da:85:b3:4c:a0:bf:00:0d:0a:e8:39:5c:bc:a8:
4b:08:44:c0:6b:80:83:a1:86:89:22:6a:f0:55:27:cf:18:59:
b6:c2:51:d0:89:6d:72:9e:88:29:fa:db:1d:ef:ec:a2:da:4b:
06:14:02:8d:d1:c0:91:46:19:08:40:bd:b5:62:fa:4d:2f:1b:
c5:29:20:ca:71:56:4d:7a:0c:54:fd:d9:54:0e:78:39:24:71:
cb:32:38:0e:1c:68:74:ae:68:6d:b2:cd:82:7a:11:bf:1d:5a:
f7:2a:c3:e3:af:9d:ae:b6:38:7a:4a:d2:10:d5:07:d9:bb:f7:
57:a4:ac:ac:90:1d:dc:16:6e:44:9f:f5:2c:f0:85:0a:fd:8a:
00:c0:38:6d:76:c7:89:b7:1a:4b:bc:d4:ce:65:30:0a:bd:ad:
03:fb:5a:72:a1:1e:74:56:c9:cc:8d:de:f7:c8:e5:77:b7:ca:
0b:2f:a9:89:8b:0b:9f:ff:30:f2:a9:e4:53:05:7f:88:d4:62:
09:c0:b9:72:05:d8:03:4d:b7:34:14:40:ca:bc:d9:8d:60:ca:
6a:25:d4:df:90:9c:52:da:00:13:93:37:d5:02:be:2f:7e:3e:
f2:12:3f:82:c5:89:80:88:fb:bb:59:a6:a9:3a:1e:89:2b:68:
07:bc:5a:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZCdJIYipu6P03g6uliaXNUZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzEwMTQ1NTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MzY0NzhiNzczNGNmMTJlMmI4ODI5NGZiOWQ0NzBjM2YxZjBlOGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aYK7ZMx942BqVnzwYd59nRdXE6h
PCOVRUy9SemS3+lW/8t+bv7aPmrZrjh5sa1fSUkG4W1+iyAV++Sx98IR3uRjNpli
Ltv4oRspNaW1AgZKJFzr8rPPOH5VjqvyoqoahDSbSVpkmYeEuPiSMBhW6O3yuwP5
VUEJXhH98QvoJIIQ0NluMlMCyPNs/fUp+WEWOhrM5UDo7w8/stTG/UX081ahACfO
opsWhD/GEzHQQ+EleCTaJq6HIbmg4xTRjn36CYanCPIBEGAsv9/VOi1HGR5u1q90
YWwxg5LJkTQzuCDXeTzednWOz4h7w7qATG5KfVgOHdjGU5Cnl6jV2/ER3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHNkeLdzTPEuK4gpT7nUcMPx8OjqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYzJSNHQzTk04UzRyaUNsUHVkUnd3X0h3Nk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdV4AwQA
1dInAwQA1drqAwQA2ZFEMA0GCSqGSIb3DQEBCwUAA4IBAQA6V8e02oWzTKC/AA0K
6DlcvKhLCETAa4CDoYaJImrwVSfPGFm2wlHQiW1ynogp+tsd7+yi2ksGFAKN0cCR
RhkIQL21YvpNLxvFKSDKcVZNegxU/dlUDng5JHHLMjgOHGh0rmhtss2CehG/HVr3
KsPjr52utjh6StIQ1QfZu/dXpKyskB3cFm5En/Us8IUK/YoAwDhtdseJtxpLvNTO
ZTAKva0D+1pyoR50VsnMjd73yOV3t8oLL6mJiwuf/zDyqeRTBX+I1GIJwLlyBdgD
Tbc0FEDKvNmNYMpqJdTfkJxS2gATkzfVAr4vfj7yEj+CxYmAiPu7WaapOh6JK2gH
vFqA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:12 2025 by rpki-client