Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dr_8zAR52HoAM_aSu4L2EfpdZE8.roa
File: dr_8zAR52HoAM_aSu4L2EfpdZE8.roa (raw, json)
Hash identifier: GRbfgkAoWp9wo0ZAWatr92iXmjlR6KP0kaUfVmN1z+o=
Subject key identifier: 76:BF:FC:CC:04:79:D8:7A:00:33:F6:92:BB:82:F6:11:FA:5D:64:4F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194CB3712BD082B6240C74C7C7074113B7E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dr_8zAR52HoAM_aSu4L2EfpdZE8.roa
Signing time: Mon 03 Feb 2025 09:49:31 +0000
ROA not before: Mon 03 Feb 2025 09:49:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210538
IP address blocks: 89.213.56.0/24 maxlen: 24
89.213.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 04 Mar 2025 17:47:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:cb:37:12:bd:08:2b:62:40:c7:4c:7c:70:74:11:3b:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Feb 3 09:49:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=76bffccc0479d87a0033f692bb82f611fa5d644f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:46:ff:34:55:c1:22:5a:90:a7:ef:b7:32:35:
d2:98:a5:ee:ed:32:c8:84:2c:be:fa:ab:06:66:b2:
0b:70:11:64:bd:48:98:fc:94:06:9e:58:c0:62:f7:
b7:a5:c2:aa:aa:d8:fe:ba:73:17:e8:5a:3f:a6:cf:
08:4f:c2:56:e7:e6:dd:ec:ce:1b:3a:42:ae:60:ba:
c3:19:e3:a6:45:7c:51:3b:3d:8d:d3:b5:10:15:97:
51:c7:a6:f4:9d:b8:f6:ea:30:36:f7:d2:ca:d4:3a:
98:ee:0a:25:49:09:b4:f9:b3:1d:ec:f5:06:00:f8:
0b:70:7c:51:59:20:66:98:35:db:d0:15:c9:23:64:
a3:c3:a3:9a:04:e0:ca:c9:8e:b6:4e:9e:1c:79:ed:
35:00:9f:16:c1:1d:30:ec:a3:5a:c7:d3:a7:ac:0e:
0d:ca:74:53:7a:9f:00:b7:36:64:f1:02:d4:76:6d:
e5:7c:ad:7f:f1:9f:e7:75:16:55:91:00:fc:01:30:
24:a2:0a:81:2d:25:bd:3d:b3:8c:80:c9:9c:43:29:
1c:4d:5e:87:a2:a4:d7:b5:71:c4:ee:1e:37:15:49:
c6:a2:1a:01:5e:cc:14:65:1c:76:2c:fa:28:51:f1:
8a:3e:ef:99:21:fb:f5:8e:d1:79:b2:d9:e2:52:76:
81:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:BF:FC:CC:04:79:D8:7A:00:33:F6:92:BB:82:F6:11:FA:5D:64:4F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dr_8zAR52HoAM_aSu4L2EfpdZE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.56.0/24
89.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:ee:28:83:84:f3:a2:03:6e:a5:65:fc:85:27:cf:25:7e:e2:
5f:7b:bb:ba:fe:1c:78:57:b3:92:17:d5:de:56:6e:9e:5e:c7:
08:4d:dd:58:0c:e9:af:e4:75:83:f5:e7:cb:56:2c:48:09:ca:
f8:96:14:98:d1:9f:00:c6:40:e9:e3:58:ce:fc:8b:fb:35:66:
0d:ed:aa:41:74:e9:a1:90:68:dc:85:78:11:c2:d4:c4:4a:2d:
1a:8e:83:29:e7:ca:0a:46:ae:ca:e4:47:e8:15:69:8b:e5:5e:
f7:d2:6e:89:52:78:14:01:33:e3:3a:98:fd:7f:d2:f5:25:93:
4e:15:64:cf:73:de:24:4d:6c:57:5b:41:a7:d4:bf:c1:f1:17:
a0:8d:75:27:da:94:ff:3c:71:47:59:81:63:1a:93:4b:36:27:
6e:3d:b4:cf:ee:3a:86:74:a5:b0:17:e2:c1:f1:c7:18:2a:4f:
6a:fc:f2:aa:ee:82:a2:0e:1c:9d:df:57:ec:db:2e:4a:f8:a2:
1a:5f:2a:fb:4e:0c:67:05:f7:b7:c3:ed:8f:51:0f:f2:ed:d0:
1f:4b:8b:b2:b4:6d:d1:cb:e9:95:68:c3:0c:85:c7:40:7d:ab:
68:4a:c9:55:50:c2:77:4f:f8:19:a4:51:10:fa:3b:8a:63:66:
c5:59:8e:e3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZTLNxK9CCtiQMdMfHB0ETt+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMjAzMDk0OTMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NmJmZmNjYzA0NzlkODdhMDAzM2Y2OTJiYjgyZjYxMWZhNWQ2NDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ub/NFXBIlqQp++3MjXSmKXu7TLI
hCy++qsGZrILcBFkvUiY/JQGnljAYve3pcKqqtj+unMX6Fo/ps8IT8JW5+bd7M4b
OkKuYLrDGeOmRXxROz2N07UQFZdRx6b0nbj26jA299LK1DqY7golSQm0+bMd7PUG
APgLcHxRWSBmmDXb0BXJI2Sjw6OaBODKyY62Tp4cee01AJ8WwR0w7KNax9OnrA4N
ynRTep8AtzZk8QLUdm3lfK1/8Z/ndRZVkQD8ATAkogqBLSW9PbOMgMmcQykcTV6H
oqTXtXHE7h43FUnGohoBXswUZRx2LPooUfGKPu+ZIfv1jtF5stniUnaBMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHa//MwEedh6ADP2kruC9hH6XWRPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZHJfOHpBUjUySG9BTV9hU3U0TDJFZnBkWkU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdU4AwQA
WdX4MA0GCSqGSIb3DQEBCwUAA4IBAQCL7iiDhPOiA26lZfyFJ88lfuJfe7u6/hx4
V7OSF9XeVm6eXscITd1YDOmv5HWD9efLVixICcr4lhSY0Z8AxkDp41jO/Iv7NWYN
7apBdOmhkGjchXgRwtTESi0ajoMp58oKRq7K5EfoFWmL5V730m6JUngUATPjOpj9
f9L1JZNOFWTPc94kTWxXW0Gn1L/B8RegjXUn2pT/PHFHWYFjGpNLNiduPbTP7jqG
dKWwF+LB8ccYKk9q/PKq7oKiDhyd31fs2y5K+KIaXyr7TgxnBfe3w+2PUQ/y7dAf
S4uytG3Ry+mVaMMMhcdAfatoSslVUMJ3T/gZpFEQ+juKY2bFWY7j
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:31:00 2025 by rpki-client