Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cBzJZIWPW-Wd0FtTr-__ijmxPZc.roa
File: cBzJZIWPW-Wd0FtTr-__ijmxPZc.roa (raw, json)
Hash identifier: mFFlJivUhX2Km/f6vIFWSRhxOdmEfaHezaLVkh/Kkeo=
Subject key identifier: 70:1C:C9:64:85:8F:5B:E5:9D:D0:5B:53:AF:EF:FF:8A:39:B1:3D:97
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC349680FA0E5DC055683C61B7D04B9F0
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cBzJZIWPW-Wd0FtTr-__ijmxPZc.roa
Signing time: Mon 01 Jan 2024 04:30:17 +0000
ROA not before: Mon 01 Jan 2024 04:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 272833
IP address blocks: 89.213.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 17 Jul 2024 16:02:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:68:0f:a0:e5:dc:05:56:83:c6:1b:7d:04:b9:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=701cc964858f5be59dd05b53afefff8a39b13d97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:06:9e:fc:b6:6c:0e:89:3d:41:ec:a7:f5:00:
35:71:b9:bc:96:4b:4f:d8:0c:e4:14:62:46:e9:f8:
bd:ed:0f:0f:3c:5e:cf:45:9e:75:9f:ba:c4:cf:20:
ef:54:33:47:a9:8d:35:81:82:16:63:46:2e:26:2f:
5c:29:f4:77:75:8f:4e:d2:73:f6:11:79:e7:7d:90:
c6:0a:18:d0:99:0c:8b:fa:2e:d6:cb:00:4d:90:d6:
af:ff:27:c8:c9:70:77:2c:de:2c:50:ed:21:5d:57:
d3:45:1c:05:2f:25:24:09:b0:37:00:57:9f:9e:fd:
97:cb:13:65:f9:f9:b5:a9:56:2a:2a:5d:6d:69:00:
4f:82:f1:3f:3d:fa:90:ea:77:e5:14:6c:4d:b1:79:
0e:78:a2:4e:5c:b5:6d:56:d1:42:11:df:55:91:d8:
d6:e3:cc:3f:8b:64:31:a6:c4:07:df:96:52:43:0e:
f2:ff:55:63:d9:7c:99:a6:b9:25:97:03:77:0a:33:
94:7a:ff:32:07:3e:b9:23:bf:5f:0e:bc:cf:1c:ad:
9b:42:48:a2:30:88:25:cd:8d:24:e5:d6:94:b2:b5:
54:3a:c0:fd:af:1d:58:ff:ad:14:e1:6c:75:a0:7f:
46:5a:06:c9:55:db:fa:a1:01:63:23:9f:24:35:b3:
e5:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:1C:C9:64:85:8F:5B:E5:9D:D0:5B:53:AF:EF:FF:8A:39:B1:3D:97
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/cBzJZIWPW-Wd0FtTr-__ijmxPZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.159.0/24
Signature Algorithm: sha256WithRSAEncryption
85:f6:a7:c4:1e:c4:05:1b:d4:4d:db:d3:85:ba:9a:50:a1:6a:
49:60:e8:7c:27:72:b2:7d:6b:32:df:19:e5:a8:f8:20:77:1a:
ae:bf:89:31:c9:ec:3c:f4:cd:b5:8d:70:49:1b:43:32:d7:b9:
ee:ae:05:47:cb:05:ff:13:cf:a5:f7:c6:8d:d1:5a:dd:79:69:
64:a4:8c:0e:e9:f2:d3:e2:e2:8b:79:0d:c3:75:9c:f5:8b:66:
52:6c:54:20:e1:da:f2:be:65:2a:ec:34:5b:34:11:11:53:fc:
8b:38:ac:75:b5:81:60:a4:df:77:2a:7f:e0:28:30:b2:31:30:
e8:a6:c8:5d:c5:33:8e:e1:35:c8:a1:00:b3:75:b7:d5:1a:7a:
77:61:42:7d:06:9c:18:23:e4:52:d2:33:6d:2f:3c:30:5e:5a:
0c:ab:41:3e:76:e3:2d:51:01:86:d3:ca:5b:65:3e:ae:30:49:
39:09:50:06:e9:74:7b:24:22:3a:77:fd:8a:af:ad:3c:7e:20:
82:41:a7:bc:78:16:75:84:a9:93:02:9d:3a:ac:d1:c8:71:eb:
50:10:72:e9:a6:79:7c:53:94:53:bd:85:5b:45:d1:3f:7d:06:
39:b1:66:8d:05:39:fa:11:a8:95:a3:15:03:25:ec:ad:52:4c:
c7:60:25:9e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWgPoOXcBVaDxht9BLnwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDFjYzk2NDg1OGY1YmU1OWRkMDViNTNhZmVmZmY4YTM5YjEzZDk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjwae/LZsDok9Qeyn9QA1cbm8lktP
2AzkFGJG6fi97Q8PPF7PRZ51n7rEzyDvVDNHqY01gYIWY0YuJi9cKfR3dY9O0nP2
EXnnfZDGChjQmQyL+i7WywBNkNav/yfIyXB3LN4sUO0hXVfTRRwFLyUkCbA3AFef
nv2XyxNl+fm1qVYqKl1taQBPgvE/PfqQ6nflFGxNsXkOeKJOXLVtVtFCEd9VkdjW
48w/i2QxpsQH35ZSQw7y/1Vj2XyZprkllwN3CjOUev8yBz65I79fDrzPHK2bQkii
MIglzY0k5daUsrVUOsD9rx1Y/60U4Wx1oH9GWgbJVdv6oQFjI58kNbPlNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAcyWSFj1vlndBbU6/v/4o5sT2XMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvY0J6SlpJV1BXLVdkMEZ0VHItX19pam14UFpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWfMA0G
CSqGSIb3DQEBCwUAA4IBAQCF9qfEHsQFG9RN29OFuppQoWpJYOh8J3KyfWsy3xnl
qPggdxquv4kxyew89M21jXBJG0My17nurgVHywX/E8+l98aN0VrdeWlkpIwO6fLT
4uKLeQ3DdZz1i2ZSbFQg4dryvmUq7DRbNBERU/yLOKx1tYFgpN93Kn/gKDCyMTDo
pshdxTOO4TXIoQCzdbfVGnp3YUJ9BpwYI+RS0jNtLzwwXloMq0E+duMtUQGG08pb
ZT6uMEk5CVAG6XR7JCI6d/2Kr608fiCCQae8eBZ1hKmTAp06rNHIcetQEHLppnl8
U5RTvYVbRdE/fQY5sWaNBTn6EaiVoxUDJeytUkzHYCWe
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:06:02 2025 by rpki-client