Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tSNMGPIYXn2VD4RPTob7fu5Wmvw.roa
File: tSNMGPIYXn2VD4RPTob7fu5Wmvw.roa (raw, json)
Hash identifier: LeZhsWLBoQw0UNKAcqhjx6j0i3jrHQVtl/zziuqw7QU=
Subject key identifier: B5:23:4C:18:F2:18:5E:7D:95:0F:84:4F:4E:86:FB:7E:EE:56:9A:FC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CE87D33607C8760B93D729A2178F41B88
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tSNMGPIYXn2VD4RPTob7fu5Wmvw.roa
Signing time: Mon 08 Jan 2024 09:52:48 +0000
ROA not before: Mon 08 Jan 2024 09:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397423
IP address blocks: 89.213.132.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 11 Mar 2024 14:25:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e8:7d:33:60:7c:87:60:b9:3d:72:9a:21:78:f4:1b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 8 09:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5234c18f2185e7d950f844f4e86fb7eee569afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:d6:86:4e:e1:b5:9b:5c:39:c9:b6:01:ce:da:
b7:89:a5:d7:78:5e:aa:94:0e:30:05:79:03:ca:be:
9f:fc:55:5e:05:bf:06:1b:13:fd:11:37:99:ae:2c:
4f:ac:68:00:53:57:a8:4d:19:d9:03:71:b0:e6:6d:
f3:1e:90:c8:75:d3:40:e1:d8:44:13:18:cb:1b:53:
9f:85:f4:ef:b7:79:a3:e0:cb:62:83:fd:4a:0f:af:
d4:06:56:17:fb:7c:ca:fb:5f:08:58:a3:97:48:a2:
65:b0:eb:9f:a2:8c:51:f0:73:5e:93:ff:53:8c:1c:
69:b3:ba:6b:69:c2:6d:ae:21:3f:97:bc:09:e2:8d:
22:4e:6b:38:eb:4e:95:12:0d:f2:70:eb:99:61:4c:
eb:8e:14:30:e9:80:10:e8:27:0d:18:06:6c:f0:a0:
82:ac:4a:c4:44:e7:e9:5c:9e:da:e0:6c:3f:75:14:
01:be:ec:29:2e:b0:4b:8d:2c:3f:ee:f6:e9:11:33:
bd:d5:9c:9a:ed:51:77:47:89:ac:1e:a3:04:c5:fd:
d1:18:3f:19:f1:7a:48:69:0a:34:48:19:88:21:67:
b1:7c:43:a8:2c:1c:74:52:d4:7a:dd:f9:7f:90:bb:
be:35:b3:aa:d6:aa:ae:fa:1c:f5:04:cb:f6:9e:51:
f9:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:23:4C:18:F2:18:5E:7D:95:0F:84:4F:4E:86:FB:7E:EE:56:9A:FC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tSNMGPIYXn2VD4RPTob7fu5Wmvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.132.0/24
Signature Algorithm: sha256WithRSAEncryption
33:65:fa:0b:35:71:86:d3:04:7b:b9:65:b1:dc:8e:46:e4:a9:
1a:11:5c:06:f1:ca:e2:da:2a:48:df:07:21:49:89:8b:c8:bb:
77:80:b9:e0:4d:89:cb:33:33:72:05:59:5a:63:2d:fe:eb:47:
9a:fd:47:8a:2b:cd:72:8c:0d:fc:77:21:2e:de:b4:3f:c6:61:
bd:6b:6a:b1:b3:e0:4a:f7:58:6e:5d:0e:5f:a8:a3:a9:49:0e:
5d:bf:ca:29:cc:5d:51:93:8c:95:f5:e8:9e:fa:59:6c:1c:94:
07:8a:84:f6:44:3a:48:0a:10:d1:28:8c:1c:93:19:ac:53:6a:
49:64:6b:00:b7:13:d2:34:8b:fd:ec:4d:10:e7:17:8d:92:ff:
99:6f:d1:14:82:31:3d:97:58:98:48:d8:21:4e:63:24:6d:f5:
6c:43:14:88:c6:ad:71:5e:59:4f:d2:43:0f:c8:e0:ae:47:b7:
37:06:30:a0:19:f8:16:11:3d:42:80:70:cd:34:21:e9:e8:db:
44:8a:13:cd:cf:f1:47:a5:10:14:ff:7b:d0:df:d0:6c:f6:3f:
b7:36:56:6d:1f:e5:ee:d3:d9:9b:8a:b2:44:42:49:02:bd:6a:
d4:d5:ca:42:18:e6:57:a0:11:f1:b4:0a:32:42:23:12:e8:fd:
fb:ca:6a:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzofTNgfIdguT1ymiF49BuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTA4MDk1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTIzNGMxOGYyMTg1ZTdkOTUwZjg0NGY0ZTg2ZmI3ZWVlNTY5YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk9aGTuG1m1w5ybYBztq3iaXXeF6q
lA4wBXkDyr6f/FVeBb8GGxP9ETeZrixPrGgAU1eoTRnZA3Gw5m3zHpDIddNA4dhE
ExjLG1OfhfTvt3mj4Mtig/1KD6/UBlYX+3zK+18IWKOXSKJlsOufooxR8HNek/9T
jBxps7pracJtriE/l7wJ4o0iTms4606VEg3ycOuZYUzrjhQw6YAQ6CcNGAZs8KCC
rErEROfpXJ7a4Gw/dRQBvuwpLrBLjSw/7vbpETO91Zya7VF3R4msHqMExf3RGD8Z
8XpIaQo0SBmIIWexfEOoLBx0UtR63fl/kLu+NbOq1qqu+hz1BMv2nlH5aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLUjTBjyGF59lQ+ET06G+37uVpr8MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdFNOTUdQSVlYbjJWRDRSUFRvYjdmdTVXbXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWEMA0G
CSqGSIb3DQEBCwUAA4IBAQAzZfoLNXGG0wR7uWWx3I5G5KkaEVwG8cri2ipI3wch
SYmLyLt3gLngTYnLMzNyBVlaYy3+60ea/UeKK81yjA38dyEu3rQ/xmG9a2qxs+BK
91huXQ5fqKOpSQ5dv8opzF1Rk4yV9eie+llsHJQHioT2RDpIChDRKIwckxmsU2pJ
ZGsAtxPSNIv97E0Q5xeNkv+Zb9EUgjE9l1iYSNghTmMkbfVsQxSIxq1xXllP0kMP
yOCuR7c3BjCgGfgWET1CgHDNNCHp6NtEihPNz/FHpRAU/3vQ39Bs9j+3NlZtH+Xu
09mbirJEQkkCvWrU1cpCGOZXoBHxtAoyQiMS6P37ympx
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:49 2025 by rpki-client