Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iHH4D-SoyX7JXcBTk5yh6ZX0V3k.roa
File: iHH4D-SoyX7JXcBTk5yh6ZX0V3k.roa (raw, json)
Hash identifier: Dym+xRgjxFa/b5ZrUQ8tADonlroUxpxivmXtcjMerRE=
Subject key identifier: 88:71:F8:0F:E4:A8:C9:7E:C9:5D:C0:53:93:9C:A1:E9:95:F4:57:79
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34965FDA71B14DD6FC1B324633D7CC1
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iHH4D-SoyX7JXcBTk5yh6ZX0V3k.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216414
IP address blocks: 89.213.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 03 Nov 2024 22:51:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:65:fd:a7:1b:14:dd:6f:c1:b3:24:63:3d:7c:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8871f80fe4a8c97ec95dc053939ca1e995f45779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:37:cd:1b:1b:1d:a1:ca:e7:b3:63:17:09:a7:
81:6b:7f:95:c6:dd:e1:0f:b0:04:ae:84:23:36:01:
ad:77:6a:93:cb:42:fc:87:cb:7b:3c:d4:07:64:59:
b2:25:1b:c9:52:48:8a:34:8e:2d:51:64:fa:34:e8:
4d:f0:d5:78:d4:27:50:67:49:8b:93:80:02:9c:19:
bf:0e:c4:28:ef:86:c4:47:f4:c9:80:29:e7:f3:08:
76:a3:8f:cf:57:92:81:07:51:ba:41:1b:73:01:e5:
96:23:f4:fc:c9:d2:e7:4d:c2:02:0c:0f:5e:ab:26:
83:0b:a8:55:4a:6a:7e:54:c2:ea:b7:9d:58:92:fe:
01:ac:0f:a5:1d:64:8b:cb:77:22:ea:4f:39:86:4c:
19:35:c9:94:dc:e9:3b:28:a2:b3:2d:f1:cf:4e:11:
fe:b6:e0:29:84:e1:71:9b:31:61:b5:b6:28:d0:38:
0e:5c:db:ac:a8:67:71:13:19:c8:6d:a6:9e:b5:ce:
28:14:ca:3c:0f:e4:22:ea:28:e4:54:72:8f:53:72:
b1:74:a6:1e:0a:3d:4f:32:d1:b7:39:e3:1e:5e:83:
62:0c:0f:8f:1f:b0:fc:ea:85:98:84:17:b6:6e:3b:
07:b5:dc:c2:cd:07:f3:1f:ce:3c:ed:40:f0:4c:fc:
1f:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:71:F8:0F:E4:A8:C9:7E:C9:5D:C0:53:93:9C:A1:E9:95:F4:57:79
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iHH4D-SoyX7JXcBTk5yh6ZX0V3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.132.0/24
Signature Algorithm: sha256WithRSAEncryption
23:34:87:78:9d:57:c3:23:46:21:5f:77:b0:5b:0b:6e:c6:58:
c5:10:f3:09:33:77:ce:74:d0:c6:22:19:55:14:ce:75:cb:fd:
01:02:e6:42:b3:9e:7a:24:ec:6f:0d:30:52:7a:37:fa:2f:1b:
85:0c:33:c7:df:6d:18:d9:48:ee:be:6c:a8:fb:f3:8c:1c:4c:
b3:15:c1:e5:eb:5c:68:d5:be:fb:cd:7c:8d:0e:27:0c:0b:c9:
b1:c8:9d:33:b1:ef:be:50:c1:3e:3f:9f:3e:47:06:68:d8:e5:
e6:76:b8:d9:13:29:27:6c:ff:99:d4:35:59:7a:cd:85:7a:bf:
ca:24:ee:0e:2b:50:68:43:6f:63:ec:71:be:5e:d4:b2:6b:71:
c4:84:35:f3:d7:23:7b:b5:3f:2b:47:cc:eb:c2:74:fd:42:50:
fc:74:8c:a9:4f:71:86:27:34:de:0a:2a:a4:b9:9a:af:eb:34:
be:c2:05:0c:3d:6c:40:96:e0:a2:8c:09:65:50:55:ae:8b:ba:
75:30:e6:54:35:fe:c1:98:34:d0:39:e3:04:5f:23:b8:39:3c:
6c:19:f4:2f:9e:b5:c9:a5:22:68:d1:92:1d:71:91:26:83:93:
27:51:b8:5a:dc:e2:2c:ce:d3:d6:5a:b2:8e:a3:93:11:97:af:
20:43:a0:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWX9pxsU3W/BsyRjPXzBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODcxZjgwZmU0YThjOTdlYzk1ZGMwNTM5MzljYTFlOTk1ZjQ1Nzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjjfNGxsdocrns2MXCaeBa3+Vxt3h
D7AEroQjNgGtd2qTy0L8h8t7PNQHZFmyJRvJUkiKNI4tUWT6NOhN8NV41CdQZ0mL
k4ACnBm/DsQo74bER/TJgCnn8wh2o4/PV5KBB1G6QRtzAeWWI/T8ydLnTcICDA9e
qyaDC6hVSmp+VMLqt51Ykv4BrA+lHWSLy3ci6k85hkwZNcmU3Ok7KKKzLfHPThH+
tuAphOFxmzFhtbYo0DgOXNusqGdxExnIbaaetc4oFMo8D+Qi6ijkVHKPU3KxdKYe
Cj1PMtG3OeMeXoNiDA+PH7D86oWYhBe2bjsHtdzCzQfzH8487UDwTPwfBQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIhx+A/kqMl+yV3AU5OcoemV9Fd5MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaUhINEQtU295WDdKWGNCVGs1eWg2WlgwVjNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWEMA0G
CSqGSIb3DQEBCwUAA4IBAQAjNId4nVfDI0YhX3ewWwtuxljFEPMJM3fOdNDGIhlV
FM51y/0BAuZCs556JOxvDTBSejf6LxuFDDPH320Y2Ujuvmyo+/OMHEyzFcHl61xo
1b77zXyNDicMC8mxyJ0zse++UME+P58+RwZo2OXmdrjZEyknbP+Z1DVZes2Fer/K
JO4OK1BoQ29j7HG+XtSya3HEhDXz1yN7tT8rR8zrwnT9QlD8dIypT3GGJzTeCiqk
uZqv6zS+wgUMPWxAluCijAllUFWui7p1MOZUNf7BmDTQOeMEXyO4OTxsGfQvnrXJ
pSJo0ZIdcZEmg5MnUbha3OIsztPWWrKOo5MRl68gQ6Ar
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:07 2025 by rpki-client