Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZiyiT64F2UIoznHwqZz9DcUXq0.roa
File: hZiyiT64F2UIoznHwqZz9DcUXq0.roa (raw, json)
Hash identifier: Xp72y4Y7KO8qonapcUJEtk+53WV4UMH4whdSylqaato=
Subject key identifier: 85:98:B2:89:3E:B8:17:65:08:A3:39:C7:C2:A6:73:F4:37:14:5E:AD
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942144386BD70E73278E8EF2AF9FD56587
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZiyiT64F2UIoznHwqZz9DcUXq0.roa
Signing time: Wed 01 Jan 2025 09:48:26 +0000
ROA not before: Wed 01 Jan 2025 09:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216425
IP address blocks: 89.213.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Jan 2025 12:05:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:38:6b:d7:0e:73:27:8e:8e:f2:af:9f:d5:65:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8598b2893eb8176508a339c7c2a673f437145ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:aa:c4:4e:72:1b:71:f0:89:3f:fb:f7:25:8c:
de:69:e6:6b:7e:e6:9f:17:64:dd:24:37:2a:6d:b8:
d0:1a:9e:18:ef:57:e0:88:a2:78:a5:5e:17:b3:80:
2a:3a:bf:7a:9e:4e:e8:4a:a0:06:30:14:5a:f3:e6:
bc:4b:5e:63:db:87:dd:18:0b:51:2f:6d:6a:fe:40:
41:a9:f6:9c:fa:2c:d9:cb:dc:68:31:4d:ec:20:80:
22:fa:dd:e5:16:d2:ee:06:54:9c:73:f2:0c:b1:64:
8a:5f:72:76:0b:51:c3:e6:43:07:2f:01:a7:4b:2f:
a3:20:2b:45:49:4c:07:ef:4d:72:82:b8:4a:a1:c6:
3f:87:ef:02:db:b6:d7:1c:95:ea:a0:b5:51:05:c8:
a3:b1:3f:25:5b:2c:d6:cd:35:1f:b4:bc:5b:9b:a8:
2d:0e:38:34:ca:5c:84:21:30:80:46:ad:fd:5a:40:
a0:d1:85:18:5b:c4:20:09:b4:8f:ce:dc:d3:e8:14:
1b:fe:ea:a0:ec:f3:92:96:b4:e2:4e:43:13:1c:52:
7d:d2:5d:5d:d5:1d:ac:33:a4:dc:ae:28:82:4a:09:
42:3b:50:25:3f:71:34:87:49:1e:b9:ad:93:62:4b:
ac:83:f1:c3:52:34:5c:b0:43:db:14:5e:70:59:18:
40:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:98:B2:89:3E:B8:17:65:08:A3:39:C7:C2:A6:73:F4:37:14:5E:AD
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hZiyiT64F2UIoznHwqZz9DcUXq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.248.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:c4:43:78:9a:d3:94:47:18:e5:1c:f0:34:d6:b3:d5:c6:2d:
f5:f9:ef:ef:42:2f:e2:79:8a:d4:e6:57:aa:49:a8:87:c2:c5:
d6:0b:58:a4:80:13:46:f6:57:f8:71:b6:54:67:24:a1:c3:4d:
6a:dd:c2:aa:4b:18:09:99:44:b8:79:85:a8:39:f9:00:e6:70:
a0:86:ac:ed:30:6a:db:b4:71:43:8b:fa:25:a8:d4:cf:9d:49:
28:0a:4d:e5:87:48:6d:c0:ac:a0:a9:27:ad:b4:d7:9f:a0:b2:
fc:44:64:0e:b1:ce:77:00:bb:b1:56:4a:0d:2a:a7:94:a7:53:
68:9f:fc:a5:ea:5d:0a:37:4c:96:66:59:92:0f:f1:9e:46:e6:
cb:96:15:31:8d:26:ac:4e:03:da:3d:3c:80:a2:07:4e:f2:4b:
91:8c:27:17:14:4e:ba:16:97:a8:90:25:15:f8:87:f7:ce:35:
ae:33:d6:7c:4d:39:8a:ac:c3:cd:24:49:6a:be:17:64:9b:f8:
e7:be:52:9c:c5:9c:2c:81:25:5e:ff:e0:10:f2:61:49:8f:48:
6c:4c:18:03:48:ae:3d:3d:a9:7f:c3:7a:fd:bc:ca:2b:70:cd:
5c:b3:a1:0d:5b:eb:a8:b5:9e:2f:18:7a:22:51:a2:72:75:fd:
3c:ea:df:e4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDhr1w5zJ46O8q+f1WWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTk4YjI4OTNlYjgxNzY1MDhhMzM5YzdjMmE2NzNmNDM3MTQ1ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvqrETnIbcfCJP/v3JYzeaeZrfuaf
F2TdJDcqbbjQGp4Y71fgiKJ4pV4Xs4AqOr96nk7oSqAGMBRa8+a8S15j24fdGAtR
L21q/kBBqfac+izZy9xoMU3sIIAi+t3lFtLuBlScc/IMsWSKX3J2C1HD5kMHLwGn
Sy+jICtFSUwH701ygrhKocY/h+8C27bXHJXqoLVRBcijsT8lWyzWzTUftLxbm6gt
Djg0ylyEITCARq39WkCg0YUYW8QgCbSPztzT6BQb/uqg7POSlrTiTkMTHFJ90l1d
1R2sM6TcriiCSglCO1AlP3E0h0keua2TYkusg/HDUjRcsEPbFF5wWRhAXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIWYsok+uBdlCKM5x8Kmc/Q3FF6tMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaFppeWlUNjRGMlVJb3puSHdxWno5RGNVWHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdX4MA0G
CSqGSIb3DQEBCwUAA4IBAQCNxEN4mtOURxjlHPA01rPVxi31+e/vQi/ieYrU5leq
SaiHwsXWC1ikgBNG9lf4cbZUZyShw01q3cKqSxgJmUS4eYWoOfkA5nCghqztMGrb
tHFDi/olqNTPnUkoCk3lh0htwKygqSettNefoLL8RGQOsc53ALuxVkoNKqeUp1No
n/yl6l0KN0yWZlmSD/GeRubLlhUxjSasTgPaPTyAogdO8kuRjCcXFE66FpeokCUV
+If3zjWuM9Z8TTmKrMPNJElqvhdkm/jnvlKcxZwsgSVe/+AQ8mFJj0hsTBgDSK49
Pal/w3r9vMorcM1cs6ENW+uotZ4vGHoiUaJydf086t/k
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:40:46 2025 by rpki-client