Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKba-UJR96_FdfXJiPgzsCJyZVk.roa
File: tKba-UJR96_FdfXJiPgzsCJyZVk.roa (raw, json)
Hash identifier: SYUnz2UqWF/Bd6zCbE1WFdPoa09Idg1oaiOjTFUogw8=
Subject key identifier: B4:A6:DA:F9:42:51:F7:AF:C5:75:F5:C9:88:F8:33:B0:22:72:65:59
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019164D58EDD4739B074D114D58379F0116D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKba-UJR96_FdfXJiPgzsCJyZVk.roa
Signing time: Sun 18 Aug 2024 09:33:22 +0000
ROA not before: Sun 18 Aug 2024 09:33:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 89.213.43.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 23 Sep 2024 08:05:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:64:d5:8e:dd:47:39:b0:74:d1:14:d5:83:79:f0:11:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 18 09:33:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4a6daf94251f7afc575f5c988f833b022726559
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b5:f2:b8:84:83:84:ad:9b:b3:34:a5:38:06:
7d:e2:7f:af:f2:a7:1b:55:7a:65:d4:2b:83:b0:87:
da:fe:0b:4f:ed:88:8d:8a:ec:82:7c:c5:e3:13:b0:
8e:0f:37:06:e8:37:7b:55:8c:4b:18:ba:2f:7d:74:
92:3d:ce:da:4e:cc:bc:c8:e9:d1:ec:4f:d5:d6:95:
f0:38:75:78:36:8a:f4:9f:f1:cd:f7:b3:19:4a:15:
b2:24:ae:54:48:fb:fb:8c:79:6b:ea:6e:6f:65:9e:
5f:1e:29:04:10:b3:be:45:df:88:b6:f8:a8:0d:f3:
a4:1d:f3:80:ff:4e:a0:e2:e4:ac:51:fe:21:10:44:
4f:ae:1f:36:11:9a:ad:f1:b2:73:82:7f:00:dd:2d:
e8:80:10:72:dc:4a:79:34:1e:50:d9:2e:95:ed:04:
49:41:69:db:83:72:e1:c6:17:b5:1b:2a:00:1d:27:
25:51:b9:ee:68:2c:2a:52:ad:01:29:e2:ec:bf:60:
86:a7:58:b2:7d:d4:ca:b6:94:25:c4:96:79:29:63:
f4:80:4c:64:35:a0:2c:f4:6c:1f:e1:aa:7c:41:10:
95:ba:43:1d:9e:13:8d:dc:0a:1e:5e:c6:55:f1:7e:
8a:a5:a0:66:0a:36:81:85:77:0c:dc:3d:e8:0c:94:
09:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A6:DA:F9:42:51:F7:AF:C5:75:F5:C9:88:F8:33:B0:22:72:65:59
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tKba-UJR96_FdfXJiPgzsCJyZVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.43.0/24
89.213.99.0/24
89.213.131.0/24
109.176.200.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
89:22:67:4f:e0:31:c7:4d:2f:ec:db:81:aa:38:62:3e:6c:42:
f6:b3:73:db:3d:7c:a0:d3:ad:05:06:da:22:b0:94:4a:a1:13:
f5:ec:23:f4:30:c1:31:fc:5d:d4:bd:50:6b:60:13:ce:a9:13:
96:cd:98:e5:24:ff:d0:48:15:7a:ef:2e:78:fd:1c:61:a6:e0:
7f:63:94:35:aa:ee:ad:3c:b3:52:26:30:24:c4:d5:c7:8a:a4:
1f:fd:71:a5:d0:59:81:0a:71:8a:13:e7:19:5b:20:1d:d4:cc:
22:f8:4c:fb:32:83:93:c4:9a:c4:07:82:58:56:94:2c:e7:58:
55:8c:cf:0a:05:a3:7d:ef:f3:36:d9:ef:90:0d:a0:59:b1:95:
83:d4:b1:e7:4e:34:31:ee:cc:0e:cb:b4:22:6f:07:b8:32:91:
d8:1c:5e:00:9e:c6:94:18:8c:71:3f:0f:78:fb:cc:84:95:0d:
b4:b5:64:e5:1d:d5:81:04:6c:8b:73:77:73:d5:88:26:ae:e0:
3b:20:13:2c:40:88:0b:88:04:87:52:63:93:dc:38:8b:70:88:
e0:39:02:00:b3:14:ea:49:86:52:28:b3:ea:ac:c8:53:a4:5b:
8e:26:88:f1:ad:5a:8a:ba:4e:57:3d:fe:e6:3f:0f:a0:2c:d3:
1d:3d:df:01
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZFk1Y7dRzmwdNEU1YN58BFtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODE4MDkzMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGE2ZGFmOTQyNTFmN2FmYzU3NWY1Yzk4OGY4MzNiMDIyNzI2NTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLXyuISDhK2bszSlOAZ94n+v8qcb
VXpl1CuDsIfa/gtP7YiNiuyCfMXjE7CODzcG6Dd7VYxLGLovfXSSPc7aTsy8yOnR
7E/V1pXwOHV4Nor0n/HN97MZShWyJK5USPv7jHlr6m5vZZ5fHikEELO+Rd+Itvio
DfOkHfOA/06g4uSsUf4hEERPrh82EZqt8bJzgn8A3S3ogBBy3Ep5NB5Q2S6V7QRJ
QWnbg3Lhxhe1GyoAHSclUbnuaCwqUq0BKeLsv2CGp1iyfdTKtpQlxJZ5KWP0gExk
NaAs9Gwf4ap8QRCVukMdnhON3AoeXsZV8X6KpaBmCjaBhXcM3D3oDJQJ/wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFLSm2vlCUfevxXX1yYj4M7AicmVZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdEtiYS1VSlI5Nl9GZGZYSmlQZ3pzQ0p5WlZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAWdUrAwQA
WdVjAwQAWdWDAwQAbbDIAwQA1YKbAwQA1drVAwQA1drhAwQA1drjMA0GCSqGSIb3
DQEBCwUAA4IBAQCJImdP4DHHTS/s24GqOGI+bEL2s3PbPXyg060FBtoisJRKoRP1
7CP0MMEx/F3UvVBrYBPOqROWzZjlJP/QSBV67y54/RxhpuB/Y5Q1qu6tPLNSJjAk
xNXHiqQf/XGl0FmBCnGKE+cZWyAd1Mwi+Ez7MoOTxJrEB4JYVpQs51hVjM8KBaN9
7/M22e+QDaBZsZWD1LHnTjQx7swOy7Qibwe4MpHYHF4AnsaUGIxxPw94+8yElQ20
tWTlHdWBBGyLc3dz1YgmruA7IBMsQIgLiASHUmOT3DiLcIjgOQIAsxTqSYZSKLPq
rMhTpFuOJojxrVqKuk5XPf7mPw+gLNMdPd8B
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:13 2025 by rpki-client