Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/l5IMimUkuJL0D-BJ6ZW47-rquPE.roa
File: l5IMimUkuJL0D-BJ6ZW47-rquPE.roa (raw, json)
Hash identifier: UWiOAMXNCfzy9EtDq0NM589Cbe37mFMETlFQSrLTXjc=
Subject key identifier: 97:92:0C:8A:65:24:B8:92:F4:0F:E0:49:E9:95:B8:EF:EA:EA:B8:F1
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190175E4EA219A4B36535984D11FA8E936B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/l5IMimUkuJL0D-BJ6ZW47-rquPE.roa
Signing time: Fri 14 Jun 2024 15:29:34 +0000
ROA not before: Fri 14 Jun 2024 15:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 10103
IP address blocks: 89.213.212.0/24 maxlen: 24
89.213.214.0/24 maxlen: 24
194.105.76.0/22 maxlen: 22
Validation: Failed, certificate revoked on Thu 25 Jul 2024 16:34:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:5e:4e:a2:19:a4:b3:65:35:98:4d:11:fa:8e:93:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 14 15:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97920c8a6524b892f40fe049e995b8efeaeab8f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5f:05:64:eb:ed:27:a8:2b:95:53:e7:35:17:
75:83:ba:c5:ac:92:53:37:89:ae:76:00:23:5b:b1:
76:e7:3a:d7:e0:77:fc:6c:af:81:e7:0e:f2:c8:e8:
ff:98:ab:de:6b:2e:4f:1d:71:c4:44:0e:22:23:2d:
29:60:e4:40:3b:9e:86:62:95:34:7c:27:c4:27:27:
94:00:d5:b9:c6:97:ae:27:c2:68:b0:c9:f0:94:90:
19:a2:60:57:3d:87:9c:b7:3d:59:5f:4e:09:71:c9:
5c:4a:f7:a6:63:ca:5e:47:ba:16:ae:18:9e:2a:9c:
47:04:30:ac:ae:c9:e4:fb:c4:be:f3:69:2e:12:bf:
e6:c4:69:7f:73:a8:39:d9:3d:69:b4:a6:59:5b:28:
e1:f8:64:f1:3a:57:c4:34:1e:be:aa:da:e3:65:b6:
b1:fe:f2:2f:5e:8a:fd:ee:11:95:65:eb:96:8d:02:
5d:d4:3f:bf:79:9b:1b:9d:30:3d:b6:ff:21:eb:9d:
19:92:e0:4c:fb:6d:fa:d8:42:05:28:0f:76:26:14:
f9:1b:44:1a:31:f8:37:6c:18:e8:66:a7:3b:fb:06:
07:ac:4e:26:7c:fd:14:86:11:4a:ff:18:d3:70:d3:
2e:33:a1:b5:93:19:b6:19:60:68:df:21:89:35:25:
12:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:92:0C:8A:65:24:B8:92:F4:0F:E0:49:E9:95:B8:EF:EA:EA:B8:F1
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/l5IMimUkuJL0D-BJ6ZW47-rquPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.212.0/24
89.213.214.0/24
194.105.76.0/22
Signature Algorithm: sha256WithRSAEncryption
54:bf:c0:61:88:5a:6e:41:a2:b7:ff:38:c8:11:1f:63:7b:85:
2a:c7:ab:dc:fe:bd:91:c8:e7:ea:96:15:c5:4a:a7:cc:e0:b0:
ee:73:85:01:3d:cc:d1:e0:56:a9:75:c5:af:2c:bd:56:67:3b:
2c:51:07:e9:25:a4:8e:fe:29:ed:34:24:7f:91:15:7e:54:32:
26:8f:40:3c:7b:ac:90:06:95:de:40:02:be:13:93:cf:c3:db:
36:90:5c:a4:33:6d:97:30:41:cc:dd:05:6d:ca:04:34:2c:bb:
bb:fc:73:f4:a5:9c:9a:1e:db:ba:92:69:90:f0:8b:b4:ef:bb:
d6:fe:9a:59:28:52:33:08:3b:a2:eb:da:d0:19:9f:79:2d:16:
55:4e:e5:fd:b5:2f:d7:a0:d0:99:96:f9:dc:29:41:d8:b4:fd:
f4:96:5b:d1:73:ec:ae:d0:0e:b3:c5:7d:4f:ac:90:b1:2e:09:
1f:6f:4f:e3:6d:ef:0c:0b:91:01:d8:0c:49:d4:99:c7:b5:7c:
f4:e3:59:d3:2d:90:fa:0a:4f:3e:c1:7b:b0:3e:73:88:0a:f5:
1c:c7:fc:df:c3:0b:10:35:31:d8:65:dd:f2:7d:1a:71:35:08:
8a:cf:41:5e:de:c4:54:6d:40:e9:5e:9e:21:a2:4a:2a:ce:57:
4d:17:98:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAXXk6iGaSzZTWYTRH6jpNrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjE0MTUyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzkyMGM4YTY1MjRiODkyZjQwZmUwNDllOTk1YjhlZmVhZWFiOGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqF8FZOvtJ6grlVPnNRd1g7rFrJJT
N4mudgAjW7F25zrX4Hf8bK+B5w7yyOj/mKveay5PHXHERA4iIy0pYORAO56GYpU0
fCfEJyeUANW5xpeuJ8JosMnwlJAZomBXPYectz1ZX04JcclcSvemY8peR7oWrhie
KpxHBDCsrsnk+8S+82kuEr/mxGl/c6g52T1ptKZZWyjh+GTxOlfENB6+qtrjZbax
/vIvXor97hGVZeuWjQJd1D+/eZsbnTA9tv8h650ZkuBM+2362EIFKA92JhT5G0Qa
Mfg3bBjoZqc7+wYHrE4mfP0UhhFK/xjTcNMuM6G1kxm2GWBo3yGJNSUS8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJeSDIplJLiS9A/gSemVuO/q6rjxMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbDVJTWltVWt1SkwwRC1CSjZaVzQ3LXJxdVBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdXUAwQA
WdXWAwQCwmlMMA0GCSqGSIb3DQEBCwUAA4IBAQBUv8BhiFpuQaK3/zjIER9je4Uq
x6vc/r2RyOfqlhXFSqfM4LDuc4UBPczR4FapdcWvLL1WZzssUQfpJaSO/intNCR/
kRV+VDImj0A8e6yQBpXeQAK+E5PPw9s2kFykM22XMEHM3QVtygQ0LLu7/HP0pZya
Htu6kmmQ8Iu077vW/ppZKFIzCDui69rQGZ95LRZVTuX9tS/XoNCZlvncKUHYtP30
llvRc+yu0A6zxX1PrJCxLgkfb0/jbe8MC5EB2AxJ1JnHtXz041nTLZD6Ck8+wXuw
PnOICvUcx/zfwwsQNTHYZd3yfRpxNQiKz0Fe3sRUbUDpXp4hokoqzldNF5gW
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:09:59 2025 by rpki-client