Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa
File: qjFt4Cx6fpVO5r_MaDm_HknBym8.roa (raw, json)
Hash identifier: 70cY/6FAPteyhRgItZulAiV4m8QMi4oasxQCEy5gBZU=
Subject key identifier: AA:31:6D:E0:2C:7A:7E:95:4E:E6:BF:CC:68:39:BF:1E:49:C1:CA:6F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E0E07E18F0446C5282136232343C0B8E4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa
Signing time: Tue 05 Mar 2024 09:53:01 +0000
ROA not before: Tue 05 Mar 2024 09:53:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216075
IP address blocks: 89.213.140.0/24 maxlen: 24
89.213.144.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 May 2024 07:53:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:07:e1:8f:04:46:c5:28:21:36:23:23:43:c0:b8:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 5 09:53:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa316de02c7a7e954ee6bfcc6839bf1e49c1ca6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:89:37:c1:af:a9:95:42:ec:b9:28:a1:c0:09:
85:45:a5:9b:ed:1d:37:42:a0:5c:f3:14:2d:ef:bc:
d6:28:5d:cd:d6:b2:f5:32:30:a0:0c:2b:ec:1c:ac:
7c:0b:f9:cb:0c:a8:1d:5b:de:2d:c1:f9:ea:9e:c0:
67:d7:63:3d:87:91:56:f2:b2:3c:23:21:f0:43:f4:
4b:60:ef:e4:2b:1e:98:df:a6:a6:e3:b1:ef:e0:0c:
18:8f:43:d8:d0:59:b2:27:0c:69:3e:48:34:e7:1c:
88:54:96:28:43:e7:7c:c0:36:60:b1:e0:4f:7b:f8:
ef:7e:7e:cc:70:18:93:5a:0d:56:87:a5:8f:a0:af:
56:01:b6:67:c7:fc:42:f4:a7:84:c6:d6:3b:92:36:
6a:fa:d7:dc:d6:44:8f:2a:b9:9b:1b:13:be:41:b4:
74:82:b2:78:9f:40:4a:f7:12:aa:93:04:fb:14:3b:
f2:93:c1:2e:6f:04:01:80:2a:a6:59:94:0a:d6:c3:
46:02:d9:03:db:a8:c2:05:ce:37:45:f1:c8:76:83:
fa:2c:7c:e5:43:e3:bf:a8:31:a9:d2:63:7c:66:8e:
2d:fe:aa:9c:0f:d5:f7:df:f3:29:6a:8f:6a:25:32:
59:69:08:2a:60:6d:a9:d4:71:9f:98:f5:dc:1e:66:
6f:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:31:6D:E0:2C:7A:7E:95:4E:E6:BF:CC:68:39:BF:1E:49:C1:CA:6F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qjFt4Cx6fpVO5r_MaDm_HknBym8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.140.0/24
89.213.144.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:28:28:eb:af:bc:90:4c:71:ba:96:ec:60:e3:3a:46:b5:a3:
67:f8:b0:a6:3f:dc:34:0a:30:cf:fa:d1:14:9d:6f:cc:66:22:
42:dc:e5:70:9f:64:00:70:c8:9e:41:80:81:aa:3d:d6:93:98:
1f:cf:6d:4d:7d:82:7a:55:65:af:f4:ca:bf:87:6d:eb:91:4b:
6c:6a:ff:42:b2:ac:3d:69:09:e2:6c:84:87:2d:b4:8e:25:a3:
09:fb:86:57:c7:00:e0:4d:48:ae:4c:cb:75:a9:cf:71:5a:74:
b1:62:d5:e8:ea:8e:3a:bf:d8:10:c4:86:0b:56:6c:6b:d5:be:
43:04:f7:1e:fa:58:7d:66:48:5d:ca:06:84:66:46:56:f0:58:
5c:d7:82:21:12:d0:c5:b5:1c:e7:a6:56:83:e5:ae:11:75:38:
2a:45:dd:12:40:68:f8:30:0a:ba:b0:99:cc:b6:69:39:6b:a1:
13:cd:96:c2:11:60:54:50:8c:60:57:df:b6:dc:27:a8:a4:94:
04:ff:7a:e9:b6:3b:40:e3:2f:6a:47:56:e0:d7:95:d3:40:8a:
27:0a:9c:69:b3:05:41:4a:17:2a:6b:ff:0c:24:fc:1f:ae:d4:
9f:d5:87:dc:8f:c1:06:21:1d:56:99:82:5c:87:da:fe:c8:a4:
6e:95:ed:24
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY4OB+GPBEbFKCE2IyNDwLjkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzA1MDk1MzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTMxNmRlMDJjN2E3ZTk1NGVlNmJmY2M2ODM5YmYxZTQ5YzFjYTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiok3wa+plULsuSihwAmFRaWb7R03
QqBc8xQt77zWKF3N1rL1MjCgDCvsHKx8C/nLDKgdW94twfnqnsBn12M9h5FW8rI8
IyHwQ/RLYO/kKx6Y36am47Hv4AwYj0PY0FmyJwxpPkg05xyIVJYoQ+d8wDZgseBP
e/jvfn7McBiTWg1Wh6WPoK9WAbZnx/xC9KeExtY7kjZq+tfc1kSPKrmbGxO+QbR0
grJ4n0BK9xKqkwT7FDvyk8EubwQBgCqmWZQK1sNGAtkD26jCBc43RfHIdoP6LHzl
Q+O/qDGp0mN8Zo4t/qqcD9X33/Mpao9qJTJZaQgqYG2p1HGfmPXcHmZvvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKoxbeAsen6VTua/zGg5vx5JwcpvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWpGdDRDeDZmcFZPNXJfTWFEbV9Ia25CeW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWMAwQA
WdWQMA0GCSqGSIb3DQEBCwUAA4IBAQBMKCjrr7yQTHG6luxg4zpGtaNn+LCmP9w0
CjDP+tEUnW/MZiJC3OVwn2QAcMieQYCBqj3Wk5gfz21NfYJ6VWWv9Mq/h23rkUts
av9Csqw9aQnibISHLbSOJaMJ+4ZXxwDgTUiuTMt1qc9xWnSxYtXo6o46v9gQxIYL
Vmxr1b5DBPce+lh9ZkhdygaEZkZW8Fhc14IhEtDFtRznplaD5a4RdTgqRd0SQGj4
MAq6sJnMtmk5a6ETzZbCEWBUUIxgV9+23CeopJQE/3rptjtA4y9qR1bg15XTQIon
CpxpswVBShcqa/8MJPwfrtSf1Yfcj8EGIR1WmYJch9r+yKRule0k
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:30:05 2025 by rpki-client