Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa
File: t8zSR0330m3MzBWj2VH_XKJ2PWE.roa (raw, json)
Hash identifier: jl75LsWJeaBAvYPlvvRIdrIr1Hcod8gPc71TdSVGMrk=
Subject key identifier: B7:CC:D2:47:4D:F7:D2:6D:CC:CC:15:A3:D9:51:FF:5C:A2:76:3D:61
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018DF9910AA18FB2B977A5F319323E725DF9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa
Signing time: Fri 01 Mar 2024 10:30:48 +0000
ROA not before: Fri 01 Mar 2024 10:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 398465
IP address blocks: 89.213.133.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Apr 2024 07:42:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:91:0a:a1:8f:b2:b9:77:a5:f3:19:32:3e:72:5d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 1 10:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7ccd2474df7d26dcccc15a3d951ff5ca2763d61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:ee:f1:fc:d8:d5:21:53:01:19:91:60:1a:c1:
12:0c:e3:7b:e7:f1:16:73:60:48:0a:7a:47:94:1e:
23:de:fa:2d:1b:e0:b0:33:ad:7b:bc:42:d7:d3:49:
f5:7c:50:0e:21:ca:1c:e6:51:f1:3b:68:25:2f:c5:
73:df:33:c3:4a:7f:8f:ce:8c:06:a3:80:8c:df:a8:
3d:02:ea:ed:35:12:96:f5:10:35:df:f7:87:15:58:
f0:17:f8:8d:60:77:f6:3a:ca:f1:80:0b:09:61:f1:
86:c5:a7:d7:46:3d:1b:11:c6:10:88:2b:b6:3e:dc:
a8:ca:da:1a:42:21:6f:bd:f6:27:64:4a:6d:39:59:
56:d5:df:73:c1:e1:16:7b:13:9f:83:8f:ca:52:f3:
dd:1d:b3:da:23:1d:21:0e:92:65:2a:07:f6:81:8a:
33:ec:13:cc:7d:2b:8f:26:9d:f9:18:62:b0:2e:cb:
be:27:79:01:a8:fa:56:ef:d3:8b:de:73:3b:6c:99:
01:81:b3:23:ba:88:7d:7e:bb:78:aa:75:81:07:36:
ab:ec:db:19:c2:2c:ca:3e:f8:0f:ee:00:f9:62:2c:
ce:8b:ba:98:1d:e7:65:15:e1:0c:aa:4f:84:6a:26:
d2:35:d2:2f:48:00:13:06:f1:38:28:f0:df:6b:bc:
89:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CC:D2:47:4D:F7:D2:6D:CC:CC:15:A3:D9:51:FF:5C:A2:76:3D:61
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/t8zSR0330m3MzBWj2VH_XKJ2PWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.133.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:61:4b:7e:64:ca:0a:66:df:89:ba:1f:22:80:d5:d1:09:90:
cc:ef:82:8d:bf:75:96:76:3b:6b:05:5e:75:7f:7d:71:dd:04:
ed:39:65:9f:7d:8f:96:8d:74:a9:af:a9:43:21:93:58:f3:1a:
37:9e:a4:14:73:42:79:5d:5c:4c:d1:20:3e:25:92:c8:99:12:
9b:0a:5d:e7:8d:01:e4:3e:48:c7:62:04:ef:2c:8b:00:61:5a:
dd:98:aa:65:cd:cc:72:8f:d6:88:67:7b:70:9f:8d:43:45:76:
82:0a:9e:8d:00:7a:e4:29:56:39:d9:41:61:39:82:7e:d2:fa:
5c:6e:b0:0a:24:47:6c:6e:33:2c:16:2a:7a:42:12:af:69:fc:
eb:ed:e4:09:0f:e7:3a:68:5a:fc:c6:34:59:a3:a0:a4:08:58:
d2:71:07:48:a3:f8:19:82:d7:de:f1:00:81:b8:28:2f:71:62:
5a:da:b9:dc:28:0e:2f:be:50:0d:a5:77:ad:4a:2c:41:e9:80:
fd:00:9e:cf:8d:e5:94:dc:79:da:13:f5:da:4a:a2:3c:3c:7e:
12:9d:f2:25:34:d9:0c:06:1f:e3:23:ee:6c:1e:84:9b:24:fe:
7e:d9:10:50:6d:df:20:6f:7a:1f:53:47:f6:8b:fe:12:f4:f1:
cf:31:be:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY35kQqhj7K5d6XzGTI+cl35MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzAxMTAzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NjZDI0NzRkZjdkMjZkY2NjYzE1YTNkOTUxZmY1Y2EyNzYzZDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7e7x/NjVIVMBGZFgGsESDON75/EW
c2BICnpHlB4j3votG+CwM617vELX00n1fFAOIcoc5lHxO2glL8Vz3zPDSn+PzowG
o4CM36g9AurtNRKW9RA13/eHFVjwF/iNYHf2OsrxgAsJYfGGxafXRj0bEcYQiCu2
PtyoytoaQiFvvfYnZEptOVlW1d9zweEWexOfg4/KUvPdHbPaIx0hDpJlKgf2gYoz
7BPMfSuPJp35GGKwLsu+J3kBqPpW79OL3nM7bJkBgbMjuoh9frt4qnWBBzar7NsZ
wizKPvgP7gD5YizOi7qYHedlFeEMqk+EaibSNdIvSAATBvE4KPDfa7yJGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLfM0kdN99JtzMwVo9lR/1yidj1hMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdDh6U1IwMzMwbTNNekJXajJWSF9YS0oyUFdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWFMA0G
CSqGSIb3DQEBCwUAA4IBAQCNYUt+ZMoKZt+Juh8igNXRCZDM74KNv3WWdjtrBV51
f31x3QTtOWWffY+WjXSpr6lDIZNY8xo3nqQUc0J5XVxM0SA+JZLImRKbCl3njQHk
PkjHYgTvLIsAYVrdmKplzcxyj9aIZ3twn41DRXaCCp6NAHrkKVY52UFhOYJ+0vpc
brAKJEdsbjMsFip6QhKvafzr7eQJD+c6aFr8xjRZo6CkCFjScQdIo/gZgtfe8QCB
uCgvcWJa2rncKA4vvlANpXetSixB6YD9AJ7PjeWU3HnaE/XaSqI8PH4SnfIlNNkM
Bh/jI+5sHoSbJP5+2RBQbd8gb3ofU0f2i/4S9PHPMb6f
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:14:13 2025 by rpki-client