Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hWmiCAv5LIYOvsd353cye7E_uMw.roa
File: hWmiCAv5LIYOvsd353cye7E_uMw.roa (raw, json)
Hash identifier: UnusdN3+O4+J3qQlEIh+x6INDpIwYofIR2MTNdBFp4o=
Subject key identifier: 85:69:A2:08:0B:F9:2C:86:0E:BE:C7:77:E7:77:32:7B:B1:3F:B8:CC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01939B3DAB4CFDFF804C5D28C4BE61FABA0A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hWmiCAv5LIYOvsd353cye7E_uMw.roa
Signing time: Fri 06 Dec 2024 09:12:10 +0000
ROA not before: Fri 06 Dec 2024 09:12:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198990
IP address blocks: 89.28.237.0/24 maxlen: 24
89.213.214.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:9b:3d:ab:4c:fd:ff:80:4c:5d:28:c4:be:61:fa:ba:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 6 09:12:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8569a2080bf92c860ebec777e777327bb13fb8cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:01:91:8e:b3:a7:3a:04:12:76:2c:22:97:d0:
a5:6c:65:06:31:63:6f:51:87:cb:43:29:aa:16:34:
04:2c:32:49:5e:e4:a9:40:5a:e3:15:dc:4a:27:ed:
2e:63:b3:18:92:8f:1d:c5:8c:c4:96:5e:fe:ed:16:
99:54:9d:ca:6e:b2:7d:28:10:7e:0e:a9:48:6e:be:
68:5f:cc:75:06:cd:a2:70:b6:fd:b3:1c:e5:3d:a4:
ca:db:cb:ef:cc:16:5b:f5:fc:ec:35:30:22:f9:bf:
89:52:33:89:aa:c7:ec:f1:8f:f2:b0:b3:28:68:d2:
40:db:aa:43:bf:38:1c:38:25:3d:94:a0:5b:9b:a9:
58:96:24:c4:62:fd:6e:b6:2c:68:be:66:90:22:c0:
e9:73:f4:fd:5e:62:a7:0c:b7:58:07:d9:25:26:f0:
f0:92:d4:34:7e:61:76:11:53:2b:21:9e:46:57:0b:
d8:d8:f0:f3:04:69:4a:97:f0:95:d1:96:03:ee:e4:
cf:a6:ba:1a:d8:87:9f:17:c3:a0:8c:da:43:c8:fa:
cf:c1:02:d0:76:15:54:3b:a4:06:3b:30:f1:7b:e4:
f6:90:c5:31:1c:f6:16:49:11:a2:df:77:b8:d0:c7:
46:d4:80:e4:1c:9c:d7:7c:80:e7:f4:e8:49:b0:2a:
75:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:69:A2:08:0B:F9:2C:86:0E:BE:C7:77:E7:77:32:7B:B1:3F:B8:CC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hWmiCAv5LIYOvsd353cye7E_uMw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.237.0/24
89.213.214.0/24
Signature Algorithm: sha256WithRSAEncryption
82:d7:01:a6:d2:af:20:90:2b:4d:62:90:ef:68:30:8e:eb:ad:
8c:f0:da:38:15:d3:ca:0c:41:ed:39:19:17:a8:38:9e:25:7d:
28:34:0a:34:28:40:b8:26:a2:2a:78:c1:9b:1d:7a:b4:34:b3:
fc:ac:cc:20:95:8b:81:88:08:ea:cc:0c:fb:75:3b:3d:be:d6:
16:19:21:31:01:ab:8b:98:ba:53:bf:68:43:d2:0d:ea:58:db:
8b:96:1f:ab:1b:55:3e:97:8b:df:0e:49:9a:a6:c9:82:40:d5:
b9:00:92:6e:6b:ff:d6:b5:5a:4c:e3:f6:23:60:ce:47:a0:ab:
fc:ce:77:1f:14:32:d2:7b:9a:7a:84:1d:96:a4:44:e4:c3:76:
8e:87:1f:54:ac:84:3e:3b:49:a7:af:78:89:8a:f9:8c:cc:8b:
31:4f:55:09:1f:47:49:d4:fa:de:5f:dc:51:78:74:8b:22:81:
f9:09:e1:af:45:d3:09:f5:ac:2d:6f:fa:9e:b9:d4:06:fa:90:
3f:00:ae:48:bb:f0:df:31:47:9d:53:17:3e:4e:18:d6:c7:b1:
dc:ca:c3:93:c3:f8:35:39:b0:c0:b7:f6:7b:a1:6a:51:26:41:
55:97:f9:d0:2e:6d:88:9a:7f:7b:03:3b:47:e0:06:03:65:2d:
5e:d4:b4:a4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZObPatM/f+ATF0oxL5h+roKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA2MDkxMjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTY5YTIwODBiZjkyYzg2MGViZWM3NzdlNzc3MzI3YmIxM2ZiOGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQGRjrOnOgQSdiwil9ClbGUGMWNv
UYfLQymqFjQELDJJXuSpQFrjFdxKJ+0uY7MYko8dxYzEll7+7RaZVJ3KbrJ9KBB+
DqlIbr5oX8x1Bs2icLb9sxzlPaTK28vvzBZb9fzsNTAi+b+JUjOJqsfs8Y/ysLMo
aNJA26pDvzgcOCU9lKBbm6lYliTEYv1utixovmaQIsDpc/T9XmKnDLdYB9klJvDw
ktQ0fmF2EVMrIZ5GVwvY2PDzBGlKl/CV0ZYD7uTPproa2IefF8OgjNpDyPrPwQLQ
dhVUO6QGOzDxe+T2kMUxHPYWSRGi33e40MdG1IDkHJzXfIDn9OhJsCp1owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIVpoggL+SyGDr7Hd+d3MnuxP7jMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFdtaUNBdjVMSVlPdnNkMzUzY3llN0VfdU13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRztAwQA
WdXWMA0GCSqGSIb3DQEBCwUAA4IBAQCC1wGm0q8gkCtNYpDvaDCO662M8No4FdPK
DEHtORkXqDieJX0oNAo0KEC4JqIqeMGbHXq0NLP8rMwglYuBiAjqzAz7dTs9vtYW
GSExAauLmLpTv2hD0g3qWNuLlh+rG1U+l4vfDkmapsmCQNW5AJJua//WtVpM4/Yj
YM5HoKv8zncfFDLSe5p6hB2WpETkw3aOhx9UrIQ+O0mnr3iJivmMzIsxT1UJH0dJ
1PreX9xReHSLIoH5CeGvRdMJ9awtb/qeudQG+pA/AK5Iu/DfMUedUxc+ThjWx7Hc
ysOTw/g1ObDAt/Z7oWpRJkFVl/nQLm2Imn97AztH4AYDZS1e1LSk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:22 2025 by rpki-client