Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hocC2B4KZnI2gd21q0ekGbvICZU.roa
File: hocC2B4KZnI2gd21q0ekGbvICZU.roa (raw, json)
Hash identifier: og58geREihi9Xj54K2fbAhvFgPWeJqY6LW69HyQwmpY=
Subject key identifier: 86:87:02:D8:1E:0A:66:72:36:81:DD:B5:AB:47:A4:19:BB:C8:09:95
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01923DFBDC1E107E43259E1C70B0474D0168
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hocC2B4KZnI2gd21q0ekGbvICZU.roa
Signing time: Sun 29 Sep 2024 13:32:48 +0000
ROA not before: Sun 29 Sep 2024 13:32:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.44.0/24 maxlen: 24
89.213.49.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Mon 30 Sep 2024 12:52:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:3d:fb:dc:1e:10:7e:43:25:9e:1c:70:b0:47:4d:01:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 29 13:32:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=868702d81e0a66723681ddb5ab47a419bbc80995
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:75:69:c9:ba:5d:96:3b:d0:eb:54:4d:3e:a7:
03:51:77:9a:53:0f:15:66:cc:ce:3e:f5:b0:98:08:
fc:8d:01:45:dc:8c:5a:88:7b:e1:2a:b6:b1:a1:1d:
eb:82:c1:18:c1:6b:bf:4b:72:41:1b:9f:79:11:48:
67:bc:36:b3:87:0c:86:f0:cd:7d:60:78:88:84:ba:
0c:65:99:cd:8e:6a:75:a9:3c:5e:62:da:0a:d3:7e:
66:0a:64:82:c3:de:8d:fc:b9:1e:80:84:01:4b:52:
6e:1d:65:17:b3:06:c5:53:bb:63:10:79:c5:6a:e3:
9a:18:e5:82:dc:9d:e8:ed:56:69:10:7a:24:8b:c8:
b6:e9:73:be:a1:6e:b8:df:40:dd:e6:92:93:a6:20:
53:51:d8:6d:2d:29:02:6a:d3:cf:ae:65:c1:05:d4:
74:1f:09:67:b5:9b:10:0e:23:6b:56:70:84:c7:68:
d4:98:b5:80:1e:ac:58:fd:9a:d5:cc:ee:00:f2:19:
75:52:77:f7:66:4d:e8:77:a1:2d:02:2f:53:c8:ce:
1b:95:9a:d5:5b:7e:6e:33:c7:ea:a0:6d:2b:8f:d2:
1d:b3:83:8d:f0:21:4c:8f:ba:84:d5:b7:a6:0b:23:
03:ac:07:cf:03:70:ad:2a:9d:79:d7:6e:43:83:ca:
cc:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:87:02:D8:1E:0A:66:72:36:81:DD:B5:AB:47:A4:19:BB:C8:09:95
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hocC2B4KZnI2gd21q0ekGbvICZU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.44.0/24
89.213.49.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:47:6a:72:8c:3f:62:0f:db:c3:2f:08:50:d0:21:f5:58:48:
87:8c:c3:0d:5f:9e:2e:10:93:98:bf:69:3f:58:7b:6b:d4:1f:
91:a3:7c:1c:9b:e9:54:f2:00:55:45:26:d8:ab:f5:73:a4:d2:
73:12:4c:8b:28:eb:57:24:c1:5e:64:e1:00:2f:b8:37:90:97:
45:7d:c8:6e:1a:3e:66:6c:11:80:93:f7:1f:8e:10:a8:c8:e4:
a4:80:73:72:11:23:61:c4:62:4c:c5:50:a7:ad:57:f3:ab:08:
5b:f2:2e:e3:04:97:44:0e:9b:da:69:3c:8b:bf:d8:ab:02:1a:
99:e2:c6:c6:9e:d5:58:23:a7:a3:7d:b3:8a:12:16:b1:29:27:
2f:e3:dc:65:08:3e:0e:a4:37:31:bd:94:42:4b:1b:73:a7:e5:
d1:fc:4b:4f:1a:cc:73:3e:8b:2f:e5:ee:5f:85:9b:de:40:f0:
49:c3:a5:db:6e:79:48:b7:a0:3b:d5:48:87:c9:0e:ac:c4:ac:
c6:7e:01:c1:6b:2d:6b:8c:7c:ae:70:c4:c2:ce:de:0a:80:a6:
e9:eb:b6:1d:43:8e:69:ab:5c:0f:8a:9d:ca:dd:20:4f:b0:ff:
a7:0e:b4:f8:08:d9:0a:71:6d:d2:f8:87:4a:c2:1c:81:83:2b:
f3:c2:11:f2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZI9+9weEH5DJZ4ccLBHTQFoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTI5MTMzMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Njg3MDJkODFlMGE2NjcyMzY4MWRkYjVhYjQ3YTQxOWJiYzgwOTk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3VpybpdljvQ61RNPqcDUXeaUw8V
ZszOPvWwmAj8jQFF3IxaiHvhKraxoR3rgsEYwWu/S3JBG595EUhnvDazhwyG8M19
YHiIhLoMZZnNjmp1qTxeYtoK035mCmSCw96N/LkegIQBS1JuHWUXswbFU7tjEHnF
auOaGOWC3J3o7VZpEHoki8i26XO+oW6430Dd5pKTpiBTUdhtLSkCatPPrmXBBdR0
HwlntZsQDiNrVnCEx2jUmLWAHqxY/ZrVzO4A8hl1Unf3Zk3od6EtAi9TyM4blZrV
W35uM8fqoG0rj9Ids4ON8CFMj7qE1bemCyMDrAfPA3CtKp15125Dg8rM+QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIaHAtgeCmZyNoHdtatHpBm7yAmVMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaG9jQzJCNEtabkkyZ2QyMXEwZWtHYnZJQ1pVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdUsAwQA
WdUxAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQB/R2pyjD9iD9vDLwhQ0CH1WEiH
jMMNX54uEJOYv2k/WHtr1B+Ro3wcm+lU8gBVRSbYq/VzpNJzEkyLKOtXJMFeZOEA
L7g3kJdFfchuGj5mbBGAk/cfjhCoyOSkgHNyESNhxGJMxVCnrVfzqwhb8i7jBJdE
DpvaaTyLv9irAhqZ4sbGntVYI6ejfbOKEhaxKScv49xlCD4OpDcxvZRCSxtzp+XR
/EtPGsxzPosv5e5fhZveQPBJw6XbbnlIt6A71UiHyQ6sxKzGfgHBay1rjHyucMTC
zt4KgKbp67YdQ45pq1wPip3K3SBPsP+nDrT4CNkKcW3S+IdKwhyBgyvzwhHy
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:08 2025 by rpki-client