Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rzzw0NQ1I3ph0oXk_-2vIO2XykY.roa
File: rzzw0NQ1I3ph0oXk_-2vIO2XykY.roa (raw, json)
Hash identifier: ZZEeEGL5i9RoXjoLADgJ0Q2yHByAjeu4Cnrp9TDDHYc=
Subject key identifier: AF:3C:F0:D0:D4:35:23:7A:61:D2:85:E4:FF:ED:AF:20:ED:97:CA:46
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FA121441C4CDBBD647697190ABD2F8DA6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rzzw0NQ1I3ph0oXk_-2vIO2XykY.roa
Signing time: Wed 22 May 2024 16:27:42 +0000
ROA not before: Wed 22 May 2024 16:27:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215287
IP address blocks: 89.213.239.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 14:31:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:21:44:1c:4c:db:bd:64:76:97:19:0a:bd:2f:8d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 22 16:27:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=af3cf0d0d435237a61d285e4ffedaf20ed97ca46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a0:7f:94:ba:ed:48:e0:73:36:c8:12:d6:ce:
ba:76:ed:bb:66:26:28:1c:f0:3f:67:4a:3e:40:13:
df:f1:6b:0a:31:08:1b:7f:35:67:04:f6:c8:61:36:
55:af:4d:02:f6:32:52:d2:2e:36:43:f1:a0:e4:eb:
21:0e:79:de:87:fd:67:f8:9c:4b:d4:2b:9d:2b:5c:
7e:74:42:d0:55:4c:f0:b5:b2:21:27:db:54:79:34:
02:46:d1:2d:b1:e6:34:a3:dd:ae:15:ed:09:6c:7f:
20:7d:dd:57:8a:ef:ea:91:fb:13:70:a9:45:cb:06:
7e:39:3b:01:f3:b1:cb:f8:08:91:29:b9:2c:f9:f0:
99:e1:2d:dc:96:5e:e0:5c:e2:03:72:a0:7f:20:26:
1c:d6:a4:f5:12:ae:05:cd:09:6b:4b:de:bb:96:b0:
35:b6:0c:da:b8:ff:7d:c6:db:03:fd:2a:d2:bd:4c:
ca:2c:46:a6:ee:57:3e:8c:c3:1f:fb:ab:c1:b1:72:
7c:f8:8f:f4:d1:c8:0e:81:1d:96:bb:7c:a2:6c:7d:
ee:7c:d4:13:32:61:67:0c:24:f0:78:f7:e8:41:be:
d7:7b:83:4d:ce:bc:c5:f6:d7:0c:c9:8d:f4:b9:12:
01:1b:2a:8c:67:50:4c:86:57:4f:49:58:78:2a:02:
ad:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:3C:F0:D0:D4:35:23:7A:61:D2:85:E4:FF:ED:AF:20:ED:97:CA:46
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/rzzw0NQ1I3ph0oXk_-2vIO2XykY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.239.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:c6:41:ea:89:3a:80:c2:49:88:48:0c:95:0c:69:f0:79:d8:
bb:1c:22:3a:42:68:c4:fd:8e:27:3a:11:32:14:f3:d5:76:b0:
6b:f9:b2:d0:0f:dd:da:57:e0:98:d1:55:ef:cb:18:d5:8d:b4:
1e:19:42:e4:0a:da:24:56:e6:81:fe:81:04:9f:78:b1:f6:5a:
de:20:68:37:2d:b7:ba:44:67:be:84:85:51:c4:fe:87:d9:6f:
e0:ed:76:36:f1:ad:a0:9e:83:f3:f6:ec:b9:e1:ec:f4:3a:f0:
d0:25:d3:7b:89:31:65:95:96:22:1b:5a:26:b7:3d:f6:4a:1d:
9f:e0:7f:27:46:f0:7c:10:0c:76:30:cb:fb:12:96:25:16:40:
b8:30:57:94:7d:63:33:d3:02:99:99:f5:9c:3b:c2:42:f4:73:
e6:69:6f:a1:15:8b:d9:8a:b1:4d:9f:dc:3d:e1:74:6d:c5:06:
26:dd:2a:7d:5e:55:a2:40:b0:de:00:08:52:4b:ad:79:6c:db:
14:7f:03:25:6f:ef:a1:54:95:83:a4:bc:26:c7:aa:76:c4:a8:
6c:f2:1d:e2:44:62:03:25:da:f4:0b:97:3c:c3:3b:1d:93:eb:
e3:a7:a7:17:65:9f:76:1d:ef:7d:b6:b4:2e:68:60:93:ba:fe:
74:c1:6a:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+hIUQcTNu9ZHaXGQq9L42mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIyMTYyNzQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjNjZjBkMGQ0MzUyMzdhNjFkMjg1ZTRmZmVkYWYyMGVkOTdjYTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKB/lLrtSOBzNsgS1s66du27ZiYo
HPA/Z0o+QBPf8WsKMQgbfzVnBPbIYTZVr00C9jJS0i42Q/Gg5OshDnneh/1n+JxL
1CudK1x+dELQVUzwtbIhJ9tUeTQCRtEtseY0o92uFe0JbH8gfd1Xiu/qkfsTcKlF
ywZ+OTsB87HL+AiRKbks+fCZ4S3cll7gXOIDcqB/ICYc1qT1Eq4FzQlrS967lrA1
tgzauP99xtsD/SrSvUzKLEam7lc+jMMf+6vBsXJ8+I/00cgOgR2Wu3yibH3ufNQT
MmFnDCTwePfoQb7Xe4NNzrzF9tcMyY30uRIBGyqMZ1BMhldPSVh4KgKtBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK888NDUNSN6YdKF5P/tryDtl8pGMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcnp6dzBOUTFJM3BoMG9Ya18tMnZJTzJYeWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXvMA0G
CSqGSIb3DQEBCwUAA4IBAQCaxkHqiTqAwkmISAyVDGnwedi7HCI6QmjE/Y4nOhEy
FPPVdrBr+bLQD93aV+CY0VXvyxjVjbQeGULkCtokVuaB/oEEn3ix9lreIGg3Lbe6
RGe+hIVRxP6H2W/g7XY28a2gnoPz9uy54ez0OvDQJdN7iTFllZYiG1omtz32Sh2f
4H8nRvB8EAx2MMv7EpYlFkC4MFeUfWMz0wKZmfWcO8JC9HPmaW+hFYvZirFNn9w9
4XRtxQYm3Sp9XlWiQLDeAAhSS615bNsUfwMlb++hVJWDpLwmx6p2xKhs8h3iRGID
Jdr0C5c8wzsdk+vjp6cXZZ92He99trQuaGCTuv50wWp8
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:29 2025 by rpki-client