Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGNtTJeQniKsb4zdBwibrvb0jyw.roa
File: sGNtTJeQniKsb4zdBwibrvb0jyw.roa (raw, json)
Hash identifier: T1CzBDiO8TWzsiSDE/cj5/5UWqeOIyQi/yRRNWQrvXI=
Subject key identifier: B0:63:6D:4C:97:90:9E:22:AC:6F:8C:DD:07:08:9B:AE:F6:F4:8F:2C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3496291F3A37BFF5391DABC6BBC3A2E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGNtTJeQniKsb4zdBwibrvb0jyw.roa
Signing time: Mon 01 Jan 2024 04:30:15 +0000
ROA not before: Mon 01 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212104
IP address blocks: 89.213.174.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 22 Jan 2024 10:23:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:62:91:f3:a3:7b:ff:53:91:da:bc:6b:bc:3a:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b0636d4c97909e22ac6f8cdd07089baef6f48f2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:f1:de:6c:da:e5:b7:a8:7d:da:78:1e:8f:27:
04:a6:43:ac:16:62:6e:b8:c0:0a:dc:52:fd:f5:62:
94:e0:73:01:89:6e:a9:44:1a:e7:9c:9e:49:af:3e:
f7:83:96:52:29:a6:cb:64:1b:40:7f:f7:2f:1b:a5:
5f:65:13:86:a3:66:a3:e3:e4:47:52:28:f2:0a:ab:
ee:7a:68:fd:09:a9:22:88:6d:a2:13:fa:5d:ca:0e:
0d:1e:90:48:85:02:63:cb:7c:57:a0:42:3c:2f:77:
9f:60:50:6a:a6:45:c1:8c:29:c8:2b:c4:9d:7d:37:
81:3c:68:ec:53:e2:d3:aa:a9:e6:fd:64:f1:2d:d7:
29:8c:3d:42:fc:7b:ae:f6:57:93:58:64:08:3d:ba:
57:fe:65:99:66:4d:de:9f:7e:34:01:98:20:dd:c6:
3b:6f:84:50:93:d4:8a:c3:e4:c5:d0:77:34:30:26:
54:9a:47:77:e9:02:53:3b:25:84:d1:2d:bd:07:48:
a4:30:16:02:37:ed:70:7b:a4:55:e6:ff:c5:0e:40:
6d:ad:fc:57:8c:43:cb:fd:64:65:43:2e:23:3a:bb:
d2:82:48:1e:9a:30:d1:db:90:40:9d:b8:17:fc:a5:
d1:15:39:f9:7a:48:6d:92:2e:d4:3d:9d:cd:8f:2a:
d0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:63:6D:4C:97:90:9E:22:AC:6F:8C:DD:07:08:9B:AE:F6:F4:8F:2C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sGNtTJeQniKsb4zdBwibrvb0jyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.174.0/24
Signature Algorithm: sha256WithRSAEncryption
82:b0:2a:cf:1b:ad:6b:51:6b:06:9a:15:6e:1a:b9:ad:8a:0c:
9a:6a:22:9c:9e:98:2b:c4:d5:fb:12:0b:95:71:dc:93:c7:28:
e5:4c:bd:20:20:4c:11:a8:3d:08:98:40:bf:af:4b:29:f3:12:
c8:e9:f3:15:20:f8:bc:c4:71:62:47:a4:03:d2:14:a1:dd:27:
5b:99:24:3c:92:ec:7f:62:e9:67:93:09:cd:65:42:1d:0c:c4:
7a:0e:d1:34:75:f2:c6:d3:fe:8c:4f:52:5d:6e:44:d7:b0:8f:
09:87:b1:fa:ac:63:5b:22:16:a0:75:c5:6c:6c:22:06:20:d1:
fa:b5:20:68:85:42:73:cb:4d:3c:f2:67:b8:ab:0d:38:33:4e:
a1:27:2a:c0:b2:d6:2e:4f:bb:13:5e:9e:a8:e5:67:ab:ae:8f:
6a:14:f9:53:5f:fa:10:8b:30:b8:6f:2a:b0:74:e9:76:72:2c:
83:90:0b:60:39:19:e7:1e:90:4d:2e:57:c1:55:97:c2:a6:7c:
5b:18:61:5e:cb:9a:d1:0c:d5:77:30:d4:a4:3b:6f:64:d2:40:
c5:f4:ac:36:f9:be:3b:c9:de:f1:dd:d3:66:34:0d:99:43:2c:
24:fb:a9:bb:69:00:c2:5e:56:f2:2f:28:b1:ae:db:b6:f0:fb:
fe:8a:35:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWKR86N7/1OR2rxrvDouMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDYzNmQ0Yzk3OTA5ZTIyYWM2ZjhjZGQwNzA4OWJhZWY2ZjQ4ZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfHebNrlt6h92ngejycEpkOsFmJu
uMAK3FL99WKU4HMBiW6pRBrnnJ5Jrz73g5ZSKabLZBtAf/cvG6VfZROGo2aj4+RH
UijyCqvuemj9CakiiG2iE/pdyg4NHpBIhQJjy3xXoEI8L3efYFBqpkXBjCnIK8Sd
fTeBPGjsU+LTqqnm/WTxLdcpjD1C/Huu9leTWGQIPbpX/mWZZk3en340AZgg3cY7
b4RQk9SKw+TF0Hc0MCZUmkd36QJTOyWE0S29B0ikMBYCN+1we6RV5v/FDkBtrfxX
jEPL/WRlQy4jOrvSgkgemjDR25BAnbgX/KXRFTn5ekhtki7UPZ3NjyrQfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLBjbUyXkJ4irG+M3QcIm6729I8sMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc0dOdFRKZVFuaUtzYjR6ZEJ3aWJydmIwanl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWuMA0G
CSqGSIb3DQEBCwUAA4IBAQCCsCrPG61rUWsGmhVuGrmtigyaaiKcnpgrxNX7EguV
cdyTxyjlTL0gIEwRqD0ImEC/r0sp8xLI6fMVIPi8xHFiR6QD0hSh3SdbmSQ8kux/
YulnkwnNZUIdDMR6DtE0dfLG0/6MT1JdbkTXsI8Jh7H6rGNbIhagdcVsbCIGINH6
tSBohUJzy0088me4qw04M06hJyrAstYuT7sTXp6o5Werro9qFPlTX/oQizC4byqw
dOl2ciyDkAtgORnnHpBNLlfBVZfCpnxbGGFey5rRDNV3MNSkO29k0kDF9Kw2+b47
yd7x3dNmNA2ZQywk+6m7aQDCXlbyLyixrtu28Pv+ijUK
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:28 2025 by rpki-client