Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa
File: hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa (raw, json)
Hash identifier: k1Ra7BGMVAhdosuz9j5FGVnHY6QFKiZtB90S7A47Kao=
Subject key identifier: 86:FE:19:04:03:07:58:52:F5:E5:EB:DD:8C:86:CD:59:37:A8:5C:44
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E75701C2BD14E30A5C92FC68312A0FEBB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa
Signing time: Mon 25 Mar 2024 11:47:45 +0000
ROA not before: Mon 25 Mar 2024 11:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 89.213.115.0/24 maxlen: 24
89.213.218.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Apr 2024 13:35:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:70:1c:2b:d1:4e:30:a5:c9:2f:c6:83:12:a0:fe:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 25 11:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=86fe190403075852f5e5ebdd8c86cd5937a85c44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:11:86:c0:a3:87:63:07:82:3b:0d:d8:7f:
1c:bc:21:8c:86:25:59:0d:dd:49:c1:46:b5:bd:51:
ca:57:7b:51:af:ee:8d:77:27:b0:f4:9e:59:cb:6f:
14:a7:55:d5:7e:bc:52:de:d1:44:0b:41:52:52:92:
4e:ce:89:1f:64:fb:1b:f6:84:c3:74:5a:30:c2:75:
04:a6:fb:52:ff:5e:eb:b3:a4:ae:cf:04:d5:31:26:
36:b6:8b:29:71:46:69:6f:a1:d2:26:70:14:b2:bb:
03:6a:d6:39:e4:88:f7:0b:84:a5:a4:ac:03:6f:37:
6a:eb:7e:df:a2:85:23:e4:61:c6:8e:4c:27:52:6a:
09:94:9e:97:e3:22:f9:5a:99:7f:75:76:48:90:27:
ae:f7:32:26:1c:e3:74:b8:38:79:2e:49:43:cb:a7:
97:0a:f2:48:6b:51:b6:71:02:43:a5:50:ec:56:db:
c6:67:ce:78:59:35:ba:cd:e3:db:62:8c:4e:0e:22:
13:53:52:d0:f4:40:12:3a:f7:59:ee:6f:f5:15:fc:
ef:ab:4d:29:b8:bd:46:0d:ff:df:62:52:f1:5a:2d:
96:fa:a2:83:07:f6:05:06:d3:18:d4:15:c3:b0:b3:
13:41:79:df:f4:ec:93:fb:15:ba:69:4e:0b:5b:ec:
74:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:FE:19:04:03:07:58:52:F5:E5:EB:DD:8C:86:CD:59:37:A8:5C:44
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/hv4ZBAMHWFL15evdjIbNWTeoXEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.115.0/24
89.213.218.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:66:ae:13:17:d5:84:9e:5c:e9:ea:0d:c9:8a:ed:26:97:d7:
a9:d1:be:58:23:e6:db:90:07:f4:bf:02:8f:94:4f:b6:60:94:
2e:4f:e9:f9:1f:50:cb:fb:51:03:8f:a4:ce:1b:d3:b1:41:85:
c8:da:7a:eb:87:84:52:c8:7c:8e:ae:04:04:17:3d:c1:87:c1:
a8:50:f3:89:3b:da:06:8d:70:4d:e5:ce:5c:3a:af:f7:72:c9:
e9:71:de:17:cf:9c:a6:04:49:c3:f3:a2:03:03:8a:39:1b:ec:
4e:6c:bd:4b:0c:c9:d8:9e:c2:9b:ff:48:3f:61:93:bd:a2:4c:
70:1b:d0:35:f5:76:a0:c1:2b:c9:75:4e:2a:25:ca:16:48:b8:
e3:34:97:af:ed:bd:19:22:c1:e2:7b:67:e6:bb:f9:a2:ee:32:
3d:55:27:f4:94:43:76:d0:a7:11:8f:cc:7c:eb:18:05:41:03:
93:94:e1:ef:e3:89:6c:ab:78:80:75:1e:42:ce:20:59:16:16:
73:b9:5b:0c:0e:26:88:c8:7a:b1:25:86:a6:5d:20:8e:fe:3d:
b8:6f:56:89:70:58:73:95:ed:b4:47:9c:d2:c2:ad:bc:21:2b:
20:06:56:85:4b:a8:80:2f:5f:36:3d:b8:ab:cf:e5:ee:b5:c1:
97:79:1c:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY51cBwr0U4wpckvxoMSoP67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzI1MTE0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NmZlMTkwNDAzMDc1ODUyZjVlNWViZGQ4Yzg2Y2Q1OTM3YTg1YzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaIRhsCjh2MHgjsN2H8cvCGMhiVZ
Dd1JwUa1vVHKV3tRr+6Ndyew9J5Zy28Up1XVfrxS3tFEC0FSUpJOzokfZPsb9oTD
dFowwnUEpvtS/17rs6SuzwTVMSY2tospcUZpb6HSJnAUsrsDatY55Ij3C4SlpKwD
bzdq637fooUj5GHGjkwnUmoJlJ6X4yL5Wpl/dXZIkCeu9zImHON0uDh5LklDy6eX
CvJIa1G2cQJDpVDsVtvGZ854WTW6zePbYoxODiITU1LQ9EASOvdZ7m/1Ffzvq00p
uL1GDf/fYlLxWi2W+qKDB/YFBtMY1BXDsLMTQXnf9OyT+xW6aU4LW+x0ywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIb+GQQDB1hS9eXr3YyGzVk3qFxEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaHY0WkJBTUhXRkwxNWV2ZGpJYk5XVGVvWEVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdVzAwQA
WdXaMA0GCSqGSIb3DQEBCwUAA4IBAQB8Zq4TF9WEnlzp6g3Jiu0ml9ep0b5YI+bb
kAf0vwKPlE+2YJQuT+n5H1DL+1EDj6TOG9OxQYXI2nrrh4RSyHyOrgQEFz3Bh8Go
UPOJO9oGjXBN5c5cOq/3csnpcd4Xz5ymBEnD86IDA4o5G+xObL1LDMnYnsKb/0g/
YZO9okxwG9A19XagwSvJdU4qJcoWSLjjNJev7b0ZIsHie2fmu/mi7jI9VSf0lEN2
0KcRj8x86xgFQQOTlOHv44lsq3iAdR5CziBZFhZzuVsMDiaIyHqxJYamXSCO/j24
b1aJcFhzle20R5zSwq28ISsgBlaFS6iAL182Pbirz+XutcGXeRwk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:36 2025 by rpki-client