Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sTG6EtfHtANJH4EKlMJ1tS9QHO8.roa
File: sTG6EtfHtANJH4EKlMJ1tS9QHO8.roa (raw, json)
Hash identifier: FlrzFMDsYcCiFGvgZRJj4S/B9tAWmQX0qVTnYIS/Gxw=
Subject key identifier: B1:31:BA:12:D7:C7:B4:03:49:1F:81:0A:94:C2:75:B5:2F:50:1C:EF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0196F1BFF24E6B4976A923CC41B7478E7142
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sTG6EtfHtANJH4EKlMJ1tS9QHO8.roa
Signing time: Wed 21 May 2025 07:30:10 +0000
ROA not before: Wed 21 May 2025 07:30:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215287
IP address blocks: 89.213.127.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 27 May 2025 12:10:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:bf:f2:4e:6b:49:76:a9:23:cc:41:b7:47:8e:71:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 21 07:30:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b131ba12d7c7b403491f810a94c275b52f501cef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:e5:2a:cb:b1:58:72:be:e6:cf:88:b9:d0:bf:
62:56:2d:aa:4b:b5:5d:f9:d3:c6:03:f5:a7:30:3e:
2c:df:e1:af:b0:22:0f:4d:7a:0b:34:92:a0:96:0c:
80:a0:27:57:80:bb:45:20:e3:1e:cb:ad:09:a5:38:
1e:0f:c9:ab:c2:d9:87:fb:3a:f3:5c:94:fe:ef:2c:
b8:7e:42:f3:05:f0:9f:6b:72:d3:fa:42:5f:1f:63:
06:0e:d9:0e:f2:20:f4:9a:e6:7c:cc:37:fd:80:f5:
81:d9:4a:46:52:c8:9a:c9:eb:ad:55:c4:de:fd:92:
3f:37:86:a1:6c:51:15:26:9f:47:1c:dc:79:fe:38:
21:5a:56:41:6c:a6:7d:4e:05:09:93:53:cd:c4:47:
35:71:2f:56:65:95:3f:8c:b3:cd:77:03:91:22:f4:
2c:14:87:65:49:8d:76:af:b9:1d:42:af:74:4a:06:
4d:80:7b:04:5c:54:26:9c:54:0e:27:a7:69:8a:f3:
53:d0:22:6e:aa:7f:09:0a:76:87:5e:dc:fc:aa:99:
c7:8d:33:08:ec:ad:d2:f0:dd:de:14:35:50:18:a6:
04:23:b9:46:92:66:e1:1c:85:65:f3:4f:8f:36:32:
41:0f:ba:75:18:9d:66:05:98:58:a5:74:ab:64:e1:
fc:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:31:BA:12:D7:C7:B4:03:49:1F:81:0A:94:C2:75:B5:2F:50:1C:EF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sTG6EtfHtANJH4EKlMJ1tS9QHO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.127.0/24
212.38.81.0/24
Signature Algorithm: sha256WithRSAEncryption
31:37:2f:81:30:50:cf:29:4c:96:7c:04:d2:bf:01:9e:64:eb:
6e:13:02:b0:6e:c0:cc:6c:84:1d:1e:de:84:10:35:a5:55:7c:
ef:01:62:7e:9e:ca:59:4b:fe:b9:d3:20:a2:be:86:fc:61:0e:
b7:7e:2d:d8:cd:ce:ee:52:10:a6:07:20:dc:47:e9:35:33:2d:
d6:32:9e:a5:c1:1d:dd:83:60:89:0d:d1:6f:df:76:9a:1e:37:
f9:1c:92:b9:18:4a:d4:e7:48:4a:bf:f9:92:19:cc:8c:b2:a4:
36:ff:fc:cf:8a:34:69:2b:5c:22:cc:6a:95:f8:33:a3:24:d1:
3f:81:92:49:d5:a3:22:c2:c9:f3:ab:21:cb:37:73:d7:a2:94:
50:8b:17:4f:c0:a6:46:43:3a:42:57:c3:b5:0d:0f:fd:99:6c:
88:6f:5a:89:d1:03:41:3c:f4:71:31:98:35:fe:f8:5a:55:da:
cd:d4:91:c9:e4:3b:22:f6:50:b1:f8:15:1a:b7:bc:42:1e:67:
99:56:94:96:91:b6:76:91:02:9b:57:d1:07:18:9c:50:3d:c1:
ef:a0:3d:32:22:cd:e9:34:b9:57:8b:58:ea:3d:7b:cc:4c:a8:
e7:fa:57:96:0e:49:51:b5:34:e1:8b:96:ae:92:27:60:a8:d1:
8b:ee:d3:0e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbxv/JOa0l2qSPMQbdHjnFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTIxMDczMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTMxYmExMmQ3YzdiNDAzNDkxZjgxMGE5NGMyNzViNTJmNTAxY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruUqy7FYcr7mz4i50L9iVi2qS7Vd
+dPGA/WnMD4s3+GvsCIPTXoLNJKglgyAoCdXgLtFIOMey60JpTgeD8mrwtmH+zrz
XJT+7yy4fkLzBfCfa3LT+kJfH2MGDtkO8iD0muZ8zDf9gPWB2UpGUsiayeutVcTe
/ZI/N4ahbFEVJp9HHNx5/jghWlZBbKZ9TgUJk1PNxEc1cS9WZZU/jLPNdwORIvQs
FIdlSY12r7kdQq90SgZNgHsEXFQmnFQOJ6dpivNT0CJuqn8JCnaHXtz8qpnHjTMI
7K3S8N3eFDVQGKYEI7lGkmbhHIVl80+PNjJBD7p1GJ1mBZhYpXSrZOH8OwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLExuhLXx7QDSR+BCpTCdbUvUBzvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc1RHNkV0Zkh0QU5KSDRFS2xNSjF0UzlRSE84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdV/AwQA
1CZRMA0GCSqGSIb3DQEBCwUAA4IBAQAxNy+BMFDPKUyWfATSvwGeZOtuEwKwbsDM
bIQdHt6EEDWlVXzvAWJ+nspZS/650yCivob8YQ63fi3Yzc7uUhCmByDcR+k1My3W
Mp6lwR3dg2CJDdFv33aaHjf5HJK5GErU50hKv/mSGcyMsqQ2//zPijRpK1wizGqV
+DOjJNE/gZJJ1aMiwsnzqyHLN3PXopRQixdPwKZGQzpCV8O1DQ/9mWyIb1qJ0QNB
PPRxMZg1/vhaVdrN1JHJ5Dsi9lCx+BUat7xCHmeZVpSWkbZ2kQKbV9EHGJxQPcHv
oD0yIs3pNLlXi1jqPXvMTKjn+leWDklRtTThi5aukidgqNGL7tMO
-----END CERTIFICATE-----
Generated at Sun Jun 8 15:26:07 2025 by rpki-client