Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qkynhrIBhZKTpF50cFGG_J5tZkM.roa
File: qkynhrIBhZKTpF50cFGG_J5tZkM.roa (raw, json)
Hash identifier: yP4+np6DdoTOEIWBziS6vcOAcw307cpZh24fFixMLqg=
Subject key identifier: AA:4C:A7:86:B2:01:85:92:93:A4:5E:74:70:51:86:FC:9E:6D:66:43
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F3848F6B7A502FE17FE5EA6423A334ED6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qkynhrIBhZKTpF50cFGG_J5tZkM.roa
Signing time: Thu 02 May 2024 07:50:56 +0000
ROA not before: Thu 02 May 2024 07:50:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 151106
IP address blocks: 89.213.154.0/24 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 13:52:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:38:48:f6:b7:a5:02:fe:17:fe:5e:a6:42:3a:33:4e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 2 07:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aa4ca786b201859293a45e74705186fc9e6d6643
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:72:20:ac:89:dc:d4:25:e1:fe:94:58:a7:84:
dc:ea:c6:9b:c7:99:7c:0c:4f:2f:d4:d6:b7:c9:26:
a5:21:f9:35:8f:85:05:7e:77:26:c6:e9:d5:38:70:
0b:7f:0d:30:ed:57:56:6c:cc:fc:b1:bd:ca:73:90:
6b:30:21:3b:1f:3c:8d:1a:62:82:f9:7a:9d:75:8f:
00:58:fb:59:88:1b:17:1f:38:16:1d:dd:ad:cd:37:
e5:82:2c:4c:c6:7a:4c:de:2f:68:07:92:9c:5b:27:
a6:45:b8:61:0e:37:af:fc:d6:e3:ca:69:26:f1:24:
a0:34:e1:c3:df:a7:80:2e:82:c5:97:e9:c1:cb:76:
5b:af:3f:67:62:e1:d7:b2:5b:77:78:a6:df:b4:51:
20:1c:08:f3:9d:b3:0b:68:0b:e4:28:96:97:97:81:
72:4c:b4:32:c9:3e:12:4d:9e:49:20:36:96:ef:28:
0e:3a:b9:cb:d6:db:44:f1:a2:d4:9c:a5:01:bf:26:
df:75:b8:40:76:8a:36:85:db:86:f6:4f:36:0a:8e:
7b:ff:55:49:f1:41:da:c2:db:ae:fc:8a:ee:08:31:
f1:aa:09:70:d6:be:59:26:09:c2:76:4c:fa:47:9d:
7d:76:7c:dc:8d:ad:a3:73:6e:78:c5:92:a2:6f:9c:
70:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4C:A7:86:B2:01:85:92:93:A4:5E:74:70:51:86:FC:9E:6D:66:43
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/qkynhrIBhZKTpF50cFGG_J5tZkM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.154.0/24
109.176.20.0/24
109.176.23.0/24
Signature Algorithm: sha256WithRSAEncryption
27:21:71:63:e0:ec:5b:f2:d7:7c:23:26:b5:66:81:96:b6:c3:
4a:ef:8e:19:87:ac:f7:b9:af:b2:2b:40:a0:9b:3f:73:e0:46:
0d:91:32:14:a0:75:d7:1d:c5:c4:29:a9:b1:80:5e:f5:73:10:
71:76:85:70:44:88:66:56:35:de:c5:e3:d8:67:91:c5:cb:5a:
2a:ab:3c:36:e3:08:30:e5:b3:c7:62:9f:61:c8:ac:60:ec:e6:
47:ba:22:f3:19:e5:da:e7:11:0a:79:36:e0:ac:fe:61:e8:e2:
68:ec:92:02:5b:84:20:77:d9:59:d7:3f:ea:0b:5e:e5:c1:1a:
6e:4b:ae:70:02:25:26:3a:b7:34:d9:df:d5:7f:fe:d5:23:4f:
82:4a:83:4d:5f:3e:4c:37:0d:00:c9:9d:2c:ed:5e:08:b6:28:
ac:c4:c6:69:99:24:bd:e6:d8:f3:11:14:76:07:e6:5b:f4:1c:
4d:db:88:ec:c5:b5:09:9e:2e:42:fd:b9:9c:13:13:a8:2a:9f:
6e:3d:da:76:6d:d7:b5:b6:c7:ff:d3:4e:4c:07:e1:9e:f6:21:
06:52:bf:47:6d:88:4b:1c:4a:f8:dd:31:05:ca:80:58:02:d0:
ef:6b:5d:fd:5b:8c:d5:d7:68:ff:fd:ef:13:3f:c2:40:16:39:
57:ce:90:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY84SPa3pQL+F/5epkI6M07WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTAyMDc1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTRjYTc4NmIyMDE4NTkyOTNhNDVlNzQ3MDUxODZmYzllNmQ2NjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXIgrInc1CXh/pRYp4Tc6sabx5l8
DE8v1Na3ySalIfk1j4UFfncmxunVOHALfw0w7VdWbMz8sb3Kc5BrMCE7HzyNGmKC
+XqddY8AWPtZiBsXHzgWHd2tzTflgixMxnpM3i9oB5KcWyemRbhhDjev/Nbjymkm
8SSgNOHD36eALoLFl+nBy3Zbrz9nYuHXslt3eKbftFEgHAjznbMLaAvkKJaXl4Fy
TLQyyT4STZ5JIDaW7ygOOrnL1ttE8aLUnKUBvybfdbhAdoo2hduG9k82Co57/1VJ
8UHawtuu/IruCDHxqglw1r5ZJgnCdkz6R519dnzcja2jc254xZKib5xwFwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKpMp4ayAYWSk6RedHBRhvyebWZDMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcWt5bmhySUJoWktUcEY1MGNGR0dfSjV0WmtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWdWaAwQA
bbAUAwQAbbAXMA0GCSqGSIb3DQEBCwUAA4IBAQAnIXFj4Oxb8td8Iya1ZoGWtsNK
744Zh6z3ua+yK0Cgmz9z4EYNkTIUoHXXHcXEKamxgF71cxBxdoVwRIhmVjXexePY
Z5HFy1oqqzw24wgw5bPHYp9hyKxg7OZHuiLzGeXa5xEKeTbgrP5h6OJo7JICW4Qg
d9lZ1z/qC17lwRpuS65wAiUmOrc02d/Vf/7VI0+CSoNNXz5MNw0AyZ0s7V4Itiis
xMZpmSS95tjzERR2B+Zb9BxN24jsxbUJni5C/bmcExOoKp9uPdp2bde1tsf/005M
B+Ge9iEGUr9HbYhLHEr43TEFyoBYAtDva139W4zV12j//e8TP8JAFjlXzpCP
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:42 2025 by rpki-client