Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa
File: kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa (raw, json)
Hash identifier: lMk7nLoLcwk9kewrlpPANHTPOoF/4a9BgA5lNMpfblg=
Subject key identifier: 90:A9:F4:0E:5C:F4:6C:C9:D0:2B:74:A4:80:51:B7:8B:3C:89:D5:98
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC349562AE7B61FB1C45EDA212D2C5037
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa
Signing time: Mon 01 Jan 2024 04:30:12 +0000
ROA not before: Mon 01 Jan 2024 04:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61135
IP address blocks: 89.213.140.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jan 2024 10:09:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:56:2a:e7:b6:1f:b1:c4:5e:da:21:2d:2c:50:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=90a9f40e5cf46cc9d02b74a48051b78b3c89d598
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:7a:31:74:59:26:ec:b5:95:3d:82:c2:ec:68:
a9:ce:94:f9:8e:35:35:f3:c4:42:7f:17:9b:a8:ad:
6a:e5:df:e1:ea:83:c3:51:18:59:17:6a:b0:1e:be:
76:86:8f:68:32:b4:f1:09:f3:3a:e8:5c:be:33:cd:
ae:f4:c1:50:fe:cf:e4:89:42:30:12:d0:b1:75:56:
b3:e6:62:3a:96:5a:28:c8:b7:d9:62:cf:c4:6b:bd:
30:ce:12:55:7d:f4:a8:cd:0d:45:02:0c:b6:81:86:
54:bd:11:e0:b7:1a:b8:28:35:69:f4:e5:b1:17:58:
be:76:79:f2:5c:07:94:ef:d1:6c:ca:2f:de:8f:fb:
85:8a:d5:75:9f:11:51:0f:8f:88:58:21:00:4c:1f:
27:52:b5:7c:6d:36:e8:1e:23:4b:9d:24:79:93:ae:
15:4a:77:6a:04:0a:e4:7d:a1:11:b3:f7:cf:73:07:
a4:ff:93:0c:57:0d:cc:b0:f7:31:ac:4c:41:00:d8:
84:20:74:b7:0f:61:03:68:74:19:51:fd:31:7d:4a:
be:18:6c:ec:be:53:24:8f:dd:45:3f:d3:8c:0f:43:
f8:0c:eb:86:c5:00:22:21:07:70:07:6d:96:81:4f:
7a:b6:a9:d5:b8:f8:cd:e3:ae:c8:9e:04:11:15:75:
b8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:A9:F4:0E:5C:F4:6C:C9:D0:2B:74:A4:80:51:B7:8B:3C:89:D5:98
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/kKn0Dlz0bMnQK3SkgFG3izyJ1Zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.140.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:a3:a8:51:6f:f4:46:8d:b8:9b:5e:14:08:2d:5e:f0:58:7b:
c2:df:47:2d:8f:d7:c9:63:19:48:50:e7:9e:2d:47:41:ee:08:
a4:92:06:37:68:c4:72:1a:92:cd:a2:14:d2:20:f4:17:09:60:
e5:bb:a1:a5:2b:1e:ed:62:2b:1a:f0:45:ae:a2:4a:b2:6d:4f:
6e:06:a2:df:ec:1b:9c:55:c9:34:09:84:26:4f:d4:c6:58:68:
75:ec:96:38:0e:cf:ea:cd:0c:e5:f2:a3:ed:c5:79:d1:c9:40:
33:a2:02:c2:e7:27:b7:27:f0:27:27:f7:5b:49:96:5f:ad:53:
60:39:60:fa:30:94:c6:ca:44:f2:03:af:0c:66:0e:4b:ee:c5:
f3:64:50:6f:c3:4e:62:73:bd:d6:17:71:7a:4e:43:9e:7c:91:
59:c9:ae:21:1d:a3:bf:29:dc:d6:83:91:02:98:3d:67:c9:a5:
b9:0e:c7:64:2f:c5:1a:c0:52:c7:b2:a4:a2:8e:3f:16:5d:12:
a1:1c:18:94:c7:ae:c5:0b:6a:cf:63:b2:09:bc:48:34:a2:4f:
fd:0d:28:dd:75:d3:e5:9e:b2:1c:d9:5b:b6:94:a3:23:d1:a4:
f3:17:d7:55:49:2b:0f:ec:c1:ae:91:f0:97:e4:7b:2b:02:ac:
b9:88:57:c0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSVYq57YfscRe2iEtLFA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGE5ZjQwZTVjZjQ2Y2M5ZDAyYjc0YTQ4MDUxYjc4YjNjODlkNTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyHoxdFkm7LWVPYLC7GipzpT5jjU1
88RCfxebqK1q5d/h6oPDURhZF2qwHr52ho9oMrTxCfM66Fy+M82u9MFQ/s/kiUIw
EtCxdVaz5mI6llooyLfZYs/Ea70wzhJVffSozQ1FAgy2gYZUvRHgtxq4KDVp9OWx
F1i+dnnyXAeU79Fsyi/ej/uFitV1nxFRD4+IWCEATB8nUrV8bTboHiNLnSR5k64V
SndqBArkfaERs/fPcwek/5MMVw3MsPcxrExBANiEIHS3D2EDaHQZUf0xfUq+GGzs
vlMkj91FP9OMD0P4DOuGxQAiIQdwB22WgU96tqnVuPjN467IngQRFXW4IwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJCp9A5c9GzJ0Ct0pIBRt4s8idWYMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva0tuMERsejBiTW5RSzNTa2dGRzNpenlKMVpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWMMA0G
CSqGSIb3DQEBCwUAA4IBAQCpo6hRb/RGjbibXhQILV7wWHvC30ctj9fJYxlIUOee
LUdB7gikkgY3aMRyGpLNohTSIPQXCWDlu6GlKx7tYisa8EWuokqybU9uBqLf7Buc
Vck0CYQmT9TGWGh17JY4Ds/qzQzl8qPtxXnRyUAzogLC5ye3J/AnJ/dbSZZfrVNg
OWD6MJTGykTyA68MZg5L7sXzZFBvw05ic73WF3F6TkOefJFZya4hHaO/KdzWg5EC
mD1nyaW5DsdkL8UawFLHsqSijj8WXRKhHBiUx67FC2rPY7IJvEg0ok/9DSjdddPl
nrIc2Vu2lKMj0aTzF9dVSSsP7MGukfCX5HsrAqy5iFfA
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:20:15 2025 by rpki-client