Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa
File: tviMF_75I21wakJ9HTfQN0BKHCM.roa (raw, json)
Hash identifier: 7/RwiKv1xcF63z16epg8EcDWRsael7J35cpy6AqgXzg=
Subject key identifier: B6:F8:8C:17:FE:F9:23:6D:70:6A:42:7D:1D:37:D0:37:40:4A:1C:23
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3494D0BFFD309BA60954384556234C9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
81.5.189.0/24 maxlen: 24
82.153.65.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
82.152.49.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 25 Mar 2024 14:50:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4d:0b:ff:d3:09:ba:60:95:43:84:55:62:34:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f88c17fef9236d706a427d1d37d037404a1c23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:08:77:51:9e:4e:dc:d7:0e:d0:22:f6:16:14:
88:30:6c:96:ea:68:5a:9a:66:7f:99:2e:5c:80:a9:
56:27:58:69:0a:91:40:73:42:e5:3e:df:a3:27:09:
11:70:76:43:c4:98:c2:3f:29:cf:de:b4:3f:b7:3e:
77:6d:04:86:1d:8b:df:af:f3:53:6f:d0:e6:96:21:
9d:22:9b:32:cd:2b:d9:b8:dd:3e:de:06:f9:e3:15:
30:16:44:71:29:87:1d:e9:3c:ff:2f:4d:ca:bd:8a:
45:2d:45:83:33:29:84:61:28:0e:fc:5e:1e:b7:ae:
1a:c0:e4:64:df:04:f7:69:ae:ea:e2:bc:1d:f3:9c:
92:4a:00:53:ab:b4:ed:4e:c4:a3:13:97:10:9d:c2:
08:46:dd:f3:1f:5f:97:1e:09:7f:32:a8:da:80:dc:
dc:ae:bf:6c:9f:fa:af:51:9f:79:5a:7a:bb:bc:b8:
eb:9a:c8:9c:5b:32:04:83:da:6b:b9:da:32:4b:cb:
dc:04:d4:54:e1:26:d8:5c:6f:fd:67:88:b0:19:50:
cd:e8:23:f4:ef:d4:d4:dc:8a:35:0f:66:b1:11:b3:
de:d5:8a:ee:8a:ac:27:65:c4:e1:8c:54:a9:40:25:
92:da:50:d9:e4:6d:93:26:5d:cb:f6:c0:c2:1f:3f:
e8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F8:8C:17:FE:F9:23:6D:70:6A:42:7D:1D:37:D0:37:40:4A:1C:23
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/tviMF_75I21wakJ9HTfQN0BKHCM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
82.152.49.0/24
82.153.65.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:b8:34:af:28:3f:77:df:76:7a:df:10:04:9d:a3:58:7e:a1:
d4:e2:4c:83:54:0a:89:05:7c:ca:c1:e4:ae:6e:eb:fa:93:17:
6f:1f:d5:e9:f2:88:92:49:b4:a6:5b:d4:51:3d:f6:59:3f:74:
69:8c:4f:43:1d:4d:01:9d:17:aa:97:63:59:a7:6e:88:a8:3c:
cf:d5:86:dc:e5:ed:99:60:36:ae:59:55:63:9c:8e:00:7c:bf:
06:97:f9:84:87:91:07:f1:8e:1b:55:08:e4:1f:97:28:10:d7:
6f:92:7d:ff:f9:ab:92:20:f9:a7:4d:19:de:7f:9d:6a:4d:a3:
fb:04:3e:38:94:bb:b3:e3:f2:e2:f5:8f:ba:62:2b:e3:e6:76:
fc:23:35:f3:a1:cc:6f:91:b9:d1:97:8d:3e:02:fd:bd:19:50:
cd:c4:da:f1:a9:df:fa:2f:b6:21:af:33:2f:a5:24:40:ec:3c:
52:08:ca:48:c6:4e:c6:88:4e:74:b4:16:ef:cb:c2:53:78:e3:
08:5a:4c:cc:80:d9:72:b4:b2:18:2c:8b:f6:12:0a:4a:80:fa:
4c:e2:36:af:5e:da:43:27:cf:93:01:13:36:f8:eb:82:51:b3:
5e:f7:e9:f1:33:20:34:64:e0:b6:49:58:ed:59:c5:92:d6:ec:
1c:c6:23:4c
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDSU0L/9MJumCVQ4RVYjTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY4OGMxN2ZlZjkyMzZkNzA2YTQyN2QxZDM3ZDAzNzQwNGExYzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgwh3UZ5O3NcO0CL2FhSIMGyW6mha
mmZ/mS5cgKlWJ1hpCpFAc0LlPt+jJwkRcHZDxJjCPynP3rQ/tz53bQSGHYvfr/NT
b9DmliGdIpsyzSvZuN0+3gb54xUwFkRxKYcd6Tz/L03KvYpFLUWDMymEYSgO/F4e
t64awORk3wT3aa7q4rwd85ySSgBTq7TtTsSjE5cQncIIRt3zH1+XHgl/MqjagNzc
rr9sn/qvUZ95Wnq7vLjrmsicWzIEg9prudoyS8vcBNRU4SbYXG/9Z4iwGVDN6CP0
79TU3Io1D2axEbPe1YruiqwnZcThjFSpQCWS2lDZ5G2TJl3L9sDCHz/oEQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLb4jBf++SNtcGpCfR030DdAShwjMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdHZpTUZfNzVJMjF3YWtKOUhUZlFOMEJLSENNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
UpgxAwQAUplBAwQAWdWYAwQAWdWwAwQAWdW3MA0GCSqGSIb3DQEBCwUAA4IBAQBd
uDSvKD9333Z63xAEnaNYfqHU4kyDVAqJBXzKweSubuv6kxdvH9Xp8oiSSbSmW9RR
PfZZP3RpjE9DHU0BnReql2NZp26IqDzP1Ybc5e2ZYDauWVVjnI4AfL8Gl/mEh5EH
8Y4bVQjkH5coENdvkn3/+auSIPmnTRnef51qTaP7BD44lLuz4/Li9Y+6Yivj5nb8
IzXzocxvkbnRl40+Av29GVDNxNrxqd/6L7YhrzMvpSRA7DxSCMpIxk7GiE50tBbv
y8JTeOMIWkzMgNlytLIYLIv2EgpKgPpM4javXtpDJ8+TARM2+OuCUbNe9+nxMyA0
ZOC2SVjtWcWS1uwcxiNM
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:56 2025 by rpki-client