Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i6QzKTvjQRbnRGMPaGT5Tq9KfIc.roa
File: i6QzKTvjQRbnRGMPaGT5Tq9KfIc.roa (raw, json)
Hash identifier: USjUXbpZEkRdyLx/7ZrAyEQxyHBuZlno5/kcRxhZS8E=
Subject key identifier: 8B:A4:33:29:3B:E3:41:16:E7:44:63:0F:68:64:F9:4E:AF:4A:7C:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FBA4C183DFC5BB6E605D2B49A6A194FD3
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i6QzKTvjQRbnRGMPaGT5Tq9KfIc.roa
Signing time: Mon 27 May 2024 13:45:00 +0000
ROA not before: Mon 27 May 2024 13:45:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50917
IP address blocks: 212.38.89.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 09 Jul 2024 16:37:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ba:4c:18:3d:fc:5b:b6:e6:05:d2:b4:9a:6a:19:4f:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 13:45:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ba433293be34116e744630f6864f94eaf4a7c87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:26:b0:5c:d6:ef:1c:40:ea:65:99:52:2c:
d4:34:aa:f8:60:04:52:79:18:7f:1e:b8:ed:94:c6:
57:66:99:a5:e9:2b:ce:8b:e4:ab:65:1e:3c:3a:f6:
48:66:19:46:a7:41:f2:97:ff:5d:6e:bf:b9:59:2b:
7c:98:ad:1f:8a:6f:d1:99:46:40:d8:87:c4:0d:11:
ee:19:7b:34:66:6a:d2:61:9d:89:9e:5e:36:fd:8e:
df:72:14:f6:7e:2e:d4:2e:30:f0:b6:b4:cf:87:f8:
43:90:e4:6e:7a:b9:45:a0:83:8b:c7:45:d2:f8:67:
0f:3d:57:9a:9a:4d:77:84:7f:e2:fa:40:9f:6d:23:
d6:99:b1:36:6b:80:0d:e7:a0:0f:23:e1:61:27:6a:
58:fc:7a:a0:5e:c1:1b:be:4c:6b:86:f3:75:db:cc:
b5:5b:2e:ae:06:d4:44:f8:c4:55:a2:3e:55:51:d6:
53:4f:98:74:15:bc:da:9d:c0:ae:26:72:a1:3f:ee:
b4:a7:67:6e:1f:8e:cb:c1:92:3e:41:cb:e1:29:5b:
1e:f3:a9:1e:b0:e0:7a:d8:9e:0d:cd:b5:79:a1:42:
31:8e:48:ce:d3:da:e6:03:a9:96:36:be:7e:4c:05:
e0:7f:07:00:97:51:8a:2d:d3:b5:0b:22:2b:1c:76:
cb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:A4:33:29:3B:E3:41:16:E7:44:63:0F:68:64:F9:4E:AF:4A:7C:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/i6QzKTvjQRbnRGMPaGT5Tq9KfIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.38.89.0/24
Signature Algorithm: sha256WithRSAEncryption
68:bc:99:db:40:a8:a0:36:bd:91:f2:f6:9f:96:eb:fb:a4:01:
b6:fb:f8:81:77:ad:c7:63:b9:a0:4a:b2:e9:ac:1b:17:15:b0:
f9:46:36:19:0c:3b:8e:53:2b:50:28:00:f2:7a:9f:c9:4d:0a:
07:e6:1b:0e:ef:74:e9:ab:90:1b:36:c4:6c:2b:8c:67:c1:48:
76:1c:4c:aa:b8:67:2a:f5:52:96:b8:47:16:6c:48:18:5a:ea:
5f:3f:71:05:5d:f8:8e:3a:11:3b:1d:8c:fd:30:57:7b:bc:b8:
41:b9:c2:19:7e:a0:cb:eb:57:8b:27:f3:44:79:98:4d:78:97:
f0:40:ab:52:75:29:1c:4b:e3:c2:2c:bd:ce:ae:43:a2:88:79:
1a:62:90:28:a7:3c:b2:6f:95:f1:0f:7b:76:f8:52:00:59:a8:
da:94:ab:0e:d8:fc:0b:9d:69:fa:4e:47:ea:4c:c1:b1:f3:17:
1e:c3:52:2b:1c:ed:8f:01:63:d6:02:fe:8b:9d:e9:b4:05:2a:
b0:17:00:c7:a1:96:de:cc:17:79:dd:15:d7:11:ab:38:67:43:
e1:c8:f7:92:d2:ea:53:41:c8:57:04:d9:9a:4d:2e:a3:20:5e:
94:0c:0c:ce:9e:31:8d:02:d8:8d:fb:82:fd:5a:53:73:24:db:
bb:80:c7:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+6TBg9/Fu25gXStJpqGU/TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MTM0NTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmE0MzMyOTNiZTM0MTE2ZTc0NDYzMGY2ODY0Zjk0ZWFmNGE3Yzg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPMmsFzW7xxA6mWZUizUNKr4YARS
eRh/HrjtlMZXZpml6SvOi+SrZR48OvZIZhlGp0Hyl/9dbr+5WSt8mK0fim/RmUZA
2IfEDRHuGXs0ZmrSYZ2Jnl42/Y7fchT2fi7ULjDwtrTPh/hDkORuerlFoIOLx0XS
+GcPPVeamk13hH/i+kCfbSPWmbE2a4AN56API+FhJ2pY/HqgXsEbvkxrhvN128y1
Wy6uBtRE+MRVoj5VUdZTT5h0FbzancCuJnKhP+60p2duH47LwZI+QcvhKVse86ke
sOB62J4NzbV5oUIxjkjO09rmA6mWNr5+TAXgfwcAl1GKLdO1CyIrHHbLzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIukMyk740EW50RjD2hk+U6vSnyHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaTZRektUdmpRUmJuUkdNUGFHVDVUcTlLZkljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1CZZMA0G
CSqGSIb3DQEBCwUAA4IBAQBovJnbQKigNr2R8vafluv7pAG2+/iBd63HY7mgSrLp
rBsXFbD5RjYZDDuOUytQKADyep/JTQoH5hsO73Tpq5AbNsRsK4xnwUh2HEyquGcq
9VKWuEcWbEgYWupfP3EFXfiOOhE7HYz9MFd7vLhBucIZfqDL61eLJ/NEeZhNeJfw
QKtSdSkcS+PCLL3OrkOiiHkaYpAopzyyb5XxD3t2+FIAWajalKsO2PwLnWn6Tkfq
TMGx8xcew1IrHO2PAWPWAv6Lnem0BSqwFwDHoZbezBd53RXXEas4Z0PhyPeS0upT
QchXBNmaTS6jIF6UDAzOnjGNAtiN+4L9WlNzJNu7gMcQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:27 2025 by rpki-client