Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa
File: pJB_rTsbehmTYD90fYbx9y772xE.roa (raw, json)
Hash identifier: VSAMZzhpz1oT+5CcQ+FK1YGgSUtbSG11h7xODc1AYY4=
Subject key identifier: A4:90:7F:AD:3B:1B:7A:19:93:60:3F:74:7D:86:F1:F7:2E:FB:DB:11
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D30AE658B31CA5AC74712B7C8E9FDC885
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa
Signing time: Mon 22 Jan 2024 10:19:12 +0000
ROA not before: Mon 22 Jan 2024 10:19:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 89.213.164.0/24 maxlen: 24
89.213.172.0/24 maxlen: 24
89.213.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 23 Jan 2024 11:02:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:30:ae:65:8b:31:ca:5a:c7:47:12:b7:c8:e9:fd:c8:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 22 10:19:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4907fad3b1b7a1993603f747d86f1f72efbdb11
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:67:7f:cf:30:bf:e6:0c:2f:bd:de:6d:ec:4b:
c1:0d:bb:45:2c:89:51:13:e2:17:cb:4c:e0:03:4d:
d2:a3:39:69:a6:19:4f:b9:0f:66:eb:ef:ef:f2:08:
07:4c:4f:0f:3e:e9:f1:f4:c9:79:48:58:e7:f7:22:
8e:0c:d6:16:e0:1b:55:21:75:d8:2d:44:46:e6:86:
53:48:0b:ec:b8:66:a1:15:53:43:16:86:7c:f7:53:
a3:d5:73:b3:e5:81:21:ee:de:a4:21:e0:aa:f7:7d:
35:a4:b8:6c:f5:fb:e2:02:dc:8c:85:45:b4:f2:ae:
f1:6e:a4:4c:70:bc:17:f9:a3:30:2e:c1:cc:57:2e:
8d:3e:c4:f1:3d:0f:e9:c0:c9:0c:1f:2c:e2:06:8d:
f5:cb:7d:54:6e:c2:b7:5a:6b:5f:09:6b:64:c8:02:
65:f8:72:1b:d0:88:79:72:45:a6:04:d4:16:b3:e5:
a7:97:81:d9:ca:76:ba:50:f0:f3:ea:73:74:bc:e1:
d5:bd:07:af:c3:e0:80:ef:80:c7:6b:80:7f:e1:60:
80:ef:d0:63:76:c7:e1:37:08:90:a5:89:58:05:92:
15:f2:4c:58:a3:b6:0a:66:85:15:30:2f:9b:ec:ba:
2b:68:62:29:2e:d7:92:7d:74:a8:51:a6:00:9b:ca:
d8:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:90:7F:AD:3B:1B:7A:19:93:60:3F:74:7D:86:F1:F7:2E:FB:DB:11
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pJB_rTsbehmTYD90fYbx9y772xE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.164.0/24
89.213.172.0/23
Signature Algorithm: sha256WithRSAEncryption
5d:9a:f5:61:f2:53:6f:04:13:05:ee:0b:8f:9a:f4:e8:4e:5d:
33:91:58:4e:57:b3:ed:71:ff:48:71:79:47:12:13:e0:69:7f:
cf:08:03:41:6b:d9:25:2c:fc:88:52:a9:e9:d9:e1:75:6b:9c:
0e:e2:06:70:92:12:87:7d:1b:a8:c5:91:26:17:57:ed:53:51:
ca:52:81:bb:b0:84:50:f5:05:c1:68:c0:c4:00:e8:44:f9:7e:
a8:51:c3:bd:86:74:8f:e2:e7:b2:ee:0e:94:f5:b5:a5:85:76:
18:c5:bf:1c:23:ae:e7:5e:aa:0b:b2:34:f2:8c:32:71:97:9d:
5d:b1:75:a8:3d:00:05:18:e5:b6:a3:38:89:bf:a9:25:e9:8c:
ac:ff:b2:7c:46:f8:71:fe:c7:c6:9f:62:2c:3e:60:a3:c8:47:
10:4f:20:5c:5e:1e:82:96:53:e4:c2:ff:8b:b4:32:1d:1c:db:
d0:6f:d1:c8:38:e5:f9:da:40:77:ec:3a:30:a0:64:57:f1:04:
43:29:87:95:28:6c:ee:30:3e:37:fb:c2:22:0a:a9:68:ef:64:
57:2a:fd:43:c1:3c:89:95:54:87:29:71:57:05:b8:d3:2b:f0:
5a:29:d1:2b:95:a5:4a:2f:1b:58:69:69:89:8c:23:64:a1:5a:
a8:53:95:07
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY0wrmWLMcpax0cSt8jp/ciFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTIyMTAxOTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDkwN2ZhZDNiMWI3YTE5OTM2MDNmNzQ3ZDg2ZjFmNzJlZmJkYjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2d/zzC/5gwvvd5t7EvBDbtFLIlR
E+IXy0zgA03SozlpphlPuQ9m6+/v8ggHTE8PPunx9Ml5SFjn9yKODNYW4BtVIXXY
LURG5oZTSAvsuGahFVNDFoZ891Oj1XOz5YEh7t6kIeCq9301pLhs9fviAtyMhUW0
8q7xbqRMcLwX+aMwLsHMVy6NPsTxPQ/pwMkMHyziBo31y31UbsK3WmtfCWtkyAJl
+HIb0Ih5ckWmBNQWs+Wnl4HZyna6UPDz6nN0vOHVvQevw+CA74DHa4B/4WCA79Bj
dsfhNwiQpYlYBZIV8kxYo7YKZoUVMC+b7LoraGIpLteSfXSoUaYAm8rYMwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKSQf607G3oZk2A/dH2G8fcu+9sRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcEpCX3JUc2JlaG1UWUQ5MGZZYng5eTc3MnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWkAwQB
WdWsMA0GCSqGSIb3DQEBCwUAA4IBAQBdmvVh8lNvBBMF7guPmvToTl0zkVhOV7Pt
cf9IcXlHEhPgaX/PCANBa9klLPyIUqnp2eF1a5wO4gZwkhKHfRuoxZEmF1ftU1HK
UoG7sIRQ9QXBaMDEAOhE+X6oUcO9hnSP4uey7g6U9bWlhXYYxb8cI67nXqoLsjTy
jDJxl51dsXWoPQAFGOW2oziJv6kl6Yys/7J8Rvhx/sfGn2IsPmCjyEcQTyBcXh6C
llPkwv+LtDIdHNvQb9HIOOX52kB37DowoGRX8QRDKYeVKGzuMD43+8IiCqlo72RX
Kv1DwTyJlVSHKXFXBbjTK/BaKdErlaVKLxtYaWmJjCNkoVqoU5UH
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:10 2025 by rpki-client