Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i28o2M_RsyqsS6rfG3HeIp_jB-w.roa
File: i28o2M_RsyqsS6rfG3HeIp_jB-w.roa (raw, json)
Hash identifier: 1sZsqzllap/YW8d0WFIn95suJv5pY0a+pDWxlIs9V64=
Subject key identifier: 8B:6F:28:D8:CF:D1:B3:2A:AC:4B:AA:DF:1B:71:DE:22:9F:E3:07:EC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190227AD991C37651EAA917C98955587612
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i28o2M_RsyqsS6rfG3HeIp_jB-w.roa
Signing time: Sun 16 Jun 2024 19:16:34 +0000
ROA not before: Sun 16 Jun 2024 19:16:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 89.213.132.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
109.176.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 22:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:22:7a:d9:91:c3:76:51:ea:a9:17:c9:89:55:58:76:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 16 19:16:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b6f28d8cfd1b32aac4baadf1b71de229fe307ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fc:0a:40:93:17:3c:d8:d4:ec:e0:b8:ea:3e:
32:d3:0f:0d:aa:3f:8d:71:3f:8c:98:d7:fa:f5:6d:
f8:73:d4:20:8d:ed:a3:20:3f:13:45:37:40:58:80:
f2:02:3e:b7:cb:13:9e:87:d8:05:f3:77:98:a9:79:
f8:26:b9:01:97:8c:ac:b0:81:85:6f:76:e3:ec:5e:
28:2b:4b:4c:12:b8:ec:4b:ed:66:b7:e4:a9:60:19:
99:db:31:e3:31:29:38:9f:cd:5a:c2:f2:ca:a3:33:
88:e5:e5:81:6e:36:f5:76:75:78:f3:06:42:62:cc:
83:01:ff:6e:76:4c:b3:62:1a:f4:04:56:e6:a9:24:
e1:7a:e6:66:a5:37:99:da:dd:6d:14:d1:a3:a8:96:
54:04:3b:aa:1c:8a:8e:41:e4:42:23:95:f7:72:47:
df:01:45:de:d6:65:f1:02:49:93:31:e6:bc:d8:ca:
1e:d8:32:9a:f3:fe:09:85:15:f0:e1:93:19:6f:29:
52:fa:67:cb:bb:3f:c6:7e:56:93:64:a7:61:00:3c:
09:84:ee:30:ce:d7:3a:09:97:48:a4:85:72:d1:be:
4f:86:af:0c:50:3c:57:a4:d6:90:f5:15:4a:b2:8e:
9e:2b:d2:ad:03:b4:33:15:a3:cc:4e:07:35:f2:4b:
ea:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:6F:28:D8:CF:D1:B3:2A:AC:4B:AA:DF:1B:71:DE:22:9F:E3:07:EC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i28o2M_RsyqsS6rfG3HeIp_jB-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.132.0/24
89.213.173.0/24
109.176.18.0/24
Signature Algorithm: sha256WithRSAEncryption
90:1d:c1:1a:ce:7f:88:70:f0:92:a7:d3:82:9c:34:5b:9c:b5:
94:86:ad:b2:44:89:43:0a:85:fe:71:ca:29:e1:f0:0e:39:c4:
01:9d:30:05:a7:1e:aa:65:77:5c:40:ff:ff:a7:21:3d:90:b7:
5d:02:a4:d0:7e:c0:24:3b:5b:ca:da:8f:89:01:e9:49:06:e6:
ce:e7:ce:28:d8:17:49:0a:f7:19:96:85:52:a9:43:70:c7:78:
5c:20:82:12:7f:a4:e0:2b:60:05:b3:8d:e7:19:29:c6:fc:92:
0b:c5:01:77:44:07:cd:fb:34:64:e6:aa:d6:ff:30:01:c3:52:
f2:bb:2d:71:fe:7d:c9:e7:1e:05:e4:52:1c:b0:f3:c1:46:2c:
5a:0b:60:b3:59:dc:81:c7:74:79:c8:42:80:25:71:c5:d3:f7:
94:8a:36:bf:b9:62:33:7f:e9:7e:ed:cd:ca:54:88:9c:02:fe:
ac:cc:fd:bb:a6:1b:35:cc:4c:e7:8c:e2:0d:fe:19:8f:e1:ac:
b3:b3:b9:54:97:eb:af:d2:cc:a9:77:7a:e7:5c:9e:a9:c6:23:
70:bf:b1:6a:31:7e:16:78:b3:66:b3:54:21:ba:4c:cf:a1:6f:
6d:98:29:49:ee:6e:fb:c1:42:1c:2e:3c:9e:9d:0c:a5:15:b4:
06:95:9c:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAietmRw3ZR6qkXyYlVWHYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjE2MTkxNjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjZmMjhkOGNmZDFiMzJhYWM0YmFhZGYxYjcxZGUyMjlmZTMwN2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuvwKQJMXPNjU7OC46j4y0w8Nqj+N
cT+MmNf69W34c9Qgje2jID8TRTdAWIDyAj63yxOeh9gF83eYqXn4JrkBl4yssIGF
b3bj7F4oK0tMErjsS+1mt+SpYBmZ2zHjMSk4n81awvLKozOI5eWBbjb1dnV48wZC
YsyDAf9udkyzYhr0BFbmqSTheuZmpTeZ2t1tFNGjqJZUBDuqHIqOQeRCI5X3ckff
AUXe1mXxAkmTMea82Moe2DKa8/4JhRXw4ZMZbylS+mfLuz/GflaTZKdhADwJhO4w
ztc6CZdIpIVy0b5Phq8MUDxXpNaQ9RVKso6eK9KtA7QzFaPMTgc18kvqXwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItvKNjP0bMqrEuq3xtx3iKf4wfsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaTI4bzJNX1JzeXFzUzZyZkczSGVJcF9qQi13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdWEAwQA
WdWtAwQAbbASMA0GCSqGSIb3DQEBCwUAA4IBAQCQHcEazn+IcPCSp9OCnDRbnLWU
hq2yRIlDCoX+ccop4fAOOcQBnTAFpx6qZXdcQP//pyE9kLddAqTQfsAkO1vK2o+J
AelJBubO584o2BdJCvcZloVSqUNwx3hcIIISf6TgK2AFs43nGSnG/JILxQF3RAfN
+zRk5qrW/zABw1Lyuy1x/n3J5x4F5FIcsPPBRixaC2CzWdyBx3R5yEKAJXHF0/eU
ija/uWIzf+l+7c3KVIicAv6szP27phs1zEznjOIN/hmP4ayzs7lUl+uv0sypd3rn
XJ6pxiNwv7FqMX4WeLNms1QhukzPoW9tmClJ7m77wUIcLjyenQylFbQGlZxr
-----END CERTIFICATE-----
Generated at Sat Jun 7 13:39:35 2025 by rpki-client