Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gimNhKN8Nv2ShH2RRmvb3LTHhk0.roa
File: gimNhKN8Nv2ShH2RRmvb3LTHhk0.roa (raw, json)
Hash identifier: Mn+FTQvnjF8GTKpcpQ8XJstIjh2ueZj0zzvg5wkUXtg=
Subject key identifier: 82:29:8D:84:A3:7C:36:FD:92:84:7D:91:46:6B:DB:DC:B4:C7:86:4D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019242FD99D4374096E517308FEEA41FED3D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gimNhKN8Nv2ShH2RRmvb3LTHhk0.roa
Signing time: Mon 30 Sep 2024 12:52:49 +0000
ROA not before: Mon 30 Sep 2024 12:52:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.44.0/24 maxlen: 24
89.213.49.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 02 Oct 2024 23:57:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:fd:99:d4:37:40:96:e5:17:30:8f:ee:a4:1f:ed:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 30 12:52:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=82298d84a37c36fd92847d91466bdbdcb4c7864d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ab:8d:18:99:08:91:82:2e:5b:a8:78:0c:9a:
9c:a0:82:61:bd:dd:60:68:ac:f7:eb:0b:a4:9a:cd:
5d:40:41:6f:ea:6c:41:52:06:dd:37:be:95:71:3c:
28:24:25:3d:8c:9d:47:3a:f5:80:1f:c0:82:de:9e:
00:0a:0b:1b:d0:6c:48:c5:1d:f4:67:34:d1:20:5a:
fc:e7:20:1d:b6:54:ca:b1:b4:8f:c0:55:a1:7e:d4:
00:1a:f6:70:71:bd:87:da:43:42:cf:1d:ca:31:d2:
77:81:8d:04:ae:61:3f:5e:c8:26:68:6f:c4:6b:80:
e8:2d:de:5b:cc:4e:6b:50:2c:ba:5e:53:bc:08:60:
18:dd:ea:b9:1d:fe:2f:86:8a:23:6c:1d:64:1f:0a:
e6:93:ae:f0:7e:ed:4d:11:3b:7b:01:87:a0:c2:98:
c6:86:91:e4:84:80:c4:1e:1f:62:41:48:0c:97:ea:
6f:83:a8:32:7d:90:b3:7d:5a:47:82:3d:31:c8:af:
c1:56:5e:7c:1a:df:4f:14:50:a5:79:1f:56:d9:7e:
74:ca:04:89:b4:a4:fe:6a:56:3d:e5:9b:e6:57:18:
0d:38:e0:e8:4c:75:4a:e9:09:03:ac:28:fd:04:56:
b6:d7:10:6f:3a:2c:b2:df:79:39:78:02:3e:0c:d7:
fd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:29:8D:84:A3:7C:36:FD:92:84:7D:91:46:6B:DB:DC:B4:C7:86:4D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/gimNhKN8Nv2ShH2RRmvb3LTHhk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.44.0/24
89.213.49.0/24
89.213.51.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:7e:7d:09:dd:6f:31:e2:f6:b9:8c:25:e6:78:c6:27:f9:3e:
d6:82:9c:7b:03:2f:55:bb:25:32:2d:96:54:8f:cd:45:5c:e6:
69:f1:f4:ac:67:34:17:56:6e:85:1f:d1:4b:0b:92:7f:df:be:
0d:ac:37:e5:39:2e:12:51:e2:d2:a6:df:86:f7:1f:9a:60:bc:
8a:d8:c3:7e:74:80:91:ce:9e:8b:0e:4b:0c:0c:6b:6f:e7:bd:
b1:83:63:7c:f3:7f:a3:64:86:fc:ed:65:2e:c2:09:7b:e6:a7:
d4:c6:a1:70:a3:69:53:99:58:76:1a:2b:10:9d:1d:34:6d:bf:
7d:ec:fb:26:e5:fe:8f:c6:53:d2:28:18:3a:b9:95:15:32:69:
35:04:c8:a4:06:b7:23:a2:52:50:32:c1:3c:1b:40:10:8c:ce:
54:33:b4:0a:ab:f3:31:45:1f:02:2b:57:2d:f3:98:18:f5:3e:
c2:61:d9:18:32:53:41:7e:e1:54:28:1c:da:6d:bb:40:c7:88:
e3:4c:6d:89:97:a9:ea:3c:dd:2c:9d:f1:45:16:45:9b:e7:39:
a1:72:20:90:dc:da:b2:0e:84:4a:ae:33:ee:63:b0:ce:d6:53:
f2:4f:23:65:8e:2f:ca:16:50:e9:40:fa:54:7a:49:2c:14:4a:
b3:79:56:94
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZJC/ZnUN0CW5Rcwj+6kH+09MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTMwMTI1MjQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MjI5OGQ4NGEzN2MzNmZkOTI4NDdkOTE0NjZiZGJkY2I0Yzc4NjRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtKuNGJkIkYIuW6h4DJqcoIJhvd1g
aKz36wukms1dQEFv6mxBUgbdN76VcTwoJCU9jJ1HOvWAH8CC3p4ACgsb0GxIxR30
ZzTRIFr85yAdtlTKsbSPwFWhftQAGvZwcb2H2kNCzx3KMdJ3gY0ErmE/XsgmaG/E
a4DoLd5bzE5rUCy6XlO8CGAY3eq5Hf4vhoojbB1kHwrmk67wfu1NETt7AYegwpjG
hpHkhIDEHh9iQUgMl+pvg6gyfZCzfVpHgj0xyK/BVl58Gt9PFFCleR9W2X50ygSJ
tKT+alY95ZvmVxgNOODoTHVK6QkDrCj9BFa21xBvOiyy33k5eAI+DNf9jwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIIpjYSjfDb9koR9kUZr29y0x4ZNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ2ltTmhLTjhOdjJTaEgyUlJtdmIzTFRIaGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdUsAwQA
WdUxAwQAWdUzAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQAdfn0J3W8x4va5jCXm
eMYn+T7Wgpx7Ay9VuyUyLZZUj81FXOZp8fSsZzQXVm6FH9FLC5J/374NrDflOS4S
UeLSpt+G9x+aYLyK2MN+dICRzp6LDksMDGtv572xg2N883+jZIb87WUuwgl75qfU
xqFwo2lTmVh2GisQnR00bb997Psm5f6PxlPSKBg6uZUVMmk1BMikBrcjolJQMsE8
G0AQjM5UM7QKq/MxRR8CK1ct85gY9T7CYdkYMlNBfuFUKBzabbtAx4jjTG2Jl6nq
PN0snfFFFkWb5zmhciCQ3NqyDoRKrjPuY7DO1lPyTyNlji/KFlDpQPpUekksFEqz
eVaU
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:05:12 2025 by rpki-client