Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j890cPdqW5VFStscxiWq8XPZEPw.roa
File: j890cPdqW5VFStscxiWq8XPZEPw.roa (raw, json)
Hash identifier: CD0oD3vic5FpmizuAJVxGNChr9KeAmXMFXOhD00Hbo4=
Subject key identifier: 8F:CF:74:70:F7:6A:5B:95:45:4A:DB:1C:C6:25:AA:F1:73:D9:10:FC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019113FA204D6FB4C2F50A9B310109BED904
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j890cPdqW5VFStscxiWq8XPZEPw.roa
Signing time: Fri 02 Aug 2024 16:44:04 +0000
ROA not before: Fri 02 Aug 2024 16:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211750
IP address blocks: 82.163.15.0/24 maxlen: 24
89.213.210.0/24 maxlen: 24
89.213.238.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 Aug 2024 16:31:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:13:fa:20:4d:6f:b4:c2:f5:0a:9b:31:01:09:be:d9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 2 16:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8fcf7470f76a5b95454adb1cc625aaf173d910fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:74:d0:f2:cc:3e:b2:12:ba:ab:12:91:7e:51:
4b:b2:76:41:19:39:1f:3b:a3:51:42:b0:ee:75:f3:
fc:19:af:b0:a5:bd:e7:6d:4e:3c:ab:eb:ca:34:23:
01:46:62:3a:1a:1d:be:3e:d5:a0:bb:76:d0:52:4d:
ec:ea:78:d4:f2:11:cb:83:cb:0d:97:de:5b:d2:40:
59:a6:c9:fd:8a:af:39:e4:3a:dc:b7:39:06:a3:08:
ed:62:4c:7e:18:42:6f:ad:f1:79:91:76:d0:06:11:
c0:6b:17:45:31:5d:58:0d:6d:0b:e9:34:d2:ef:a9:
da:8c:87:ff:9a:07:14:08:88:a2:c9:2d:3e:b4:aa:
1d:35:d6:4f:8d:f6:e4:8f:26:0d:08:9a:a9:a4:2a:
15:b9:4c:b7:b9:d7:8a:21:98:96:66:5d:7c:fe:5c:
c3:4c:a2:a5:20:6f:e7:44:b2:0c:11:69:cd:d6:d0:
e6:2a:18:0a:fa:7b:c8:21:2e:99:4e:74:a4:aa:95:
c3:35:24:ec:ce:50:81:63:a6:3e:90:14:ef:14:fa:
bf:2b:0c:ca:9a:20:3c:d0:69:d3:94:8f:0d:b6:7b:
6d:63:46:ff:57:a4:04:3f:77:26:dd:8e:31:6a:4b:
c7:a9:96:61:3e:34:4c:42:4f:65:82:49:be:2c:bd:
cd:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:CF:74:70:F7:6A:5B:95:45:4A:DB:1C:C6:25:AA:F1:73:D9:10:FC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/j890cPdqW5VFStscxiWq8XPZEPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.163.15.0/24
89.213.210.0/24
89.213.238.0/24
Signature Algorithm: sha256WithRSAEncryption
59:ff:94:2a:78:43:73:d7:ab:e3:f9:7f:12:5c:7c:5e:91:3c:
24:1a:28:f6:d2:a0:f1:8d:4d:b9:ce:85:8d:d7:f4:2a:90:89:
58:b4:c8:9f:77:e9:f1:10:0f:5b:a4:70:49:6b:ba:67:1e:a0:
d9:4f:b6:cc:ae:cd:2d:86:3d:af:bb:27:22:bb:f2:b3:89:b0:
0d:95:91:14:01:3c:99:cf:1e:cd:20:b4:de:e0:87:69:c1:a4:
13:ec:c4:26:e8:dd:00:80:c6:f9:22:88:c8:11:36:d5:2d:ec:
59:c2:91:b0:9b:c3:68:21:8b:08:94:a0:39:1a:c0:51:2f:15:
11:32:f0:a3:c3:cf:49:b0:98:9f:7b:22:0e:80:c8:c1:16:b3:
dc:0d:b6:c5:e5:4f:73:d5:4c:b2:d1:2e:b9:4a:a5:fe:ce:47:
b4:1f:a5:28:6f:10:ca:7d:f2:0b:d1:11:aa:ee:b8:46:7d:5b:
8f:86:13:77:65:75:ad:c6:15:df:ee:e3:9b:24:4e:3a:de:bf:
05:44:36:42:64:b1:a6:b1:a3:4b:ca:db:5f:4a:e9:cf:fa:43:
ca:87:e1:14:b3:3a:fd:f7:84:ed:bd:b5:df:a1:34:78:ab:78:
9d:3b:33:93:f7:4f:1c:36:34:63:a6:13:70:45:9d:d3:3d:ba:
53:2e:46:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZET+iBNb7TC9QqbMQEJvtkEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODAyMTY0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZmNmNzQ3MGY3NmE1Yjk1NDU0YWRiMWNjNjI1YWFmMTczZDkxMGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7nTQ8sw+shK6qxKRflFLsnZBGTkf
O6NRQrDudfP8Ga+wpb3nbU48q+vKNCMBRmI6Gh2+PtWgu3bQUk3s6njU8hHLg8sN
l95b0kBZpsn9iq855DrctzkGowjtYkx+GEJvrfF5kXbQBhHAaxdFMV1YDW0L6TTS
76najIf/mgcUCIiiyS0+tKodNdZPjfbkjyYNCJqppCoVuUy3udeKIZiWZl18/lzD
TKKlIG/nRLIMEWnN1tDmKhgK+nvIIS6ZTnSkqpXDNSTszlCBY6Y+kBTvFPq/KwzK
miA80GnTlI8NtnttY0b/V6QEP3cm3Y4xakvHqZZhPjRMQk9lgkm+LL3N3QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFI/PdHD3aluVRUrbHMYlqvFz2RD8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvajg5MGNQZHFXNVZGU3RzY3hpV3E4WFBaRVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUqMPAwQA
WdXSAwQAWdXuMA0GCSqGSIb3DQEBCwUAA4IBAQBZ/5QqeENz16vj+X8SXHxekTwk
Gij20qDxjU25zoWN1/QqkIlYtMifd+nxEA9bpHBJa7pnHqDZT7bMrs0thj2vuyci
u/KzibANlZEUATyZzx7NILTe4IdpwaQT7MQm6N0AgMb5IojIETbVLexZwpGwm8No
IYsIlKA5GsBRLxURMvCjw89JsJifeyIOgMjBFrPcDbbF5U9z1Uyy0S65SqX+zke0
H6UobxDKffIL0RGq7rhGfVuPhhN3ZXWtxhXf7uObJE463r8FRDZCZLGmsaNLyttf
SunP+kPKh+EUszr994TtvbXfoTR4q3idOzOT908cNjRjphNwRZ3TPbpTLkaz
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:26:26 2025 by rpki-client