Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wSU2FP3I-BxWATr3LOHhWzPTiz4.roa
File: wSU2FP3I-BxWATr3LOHhWzPTiz4.roa (raw, json)
Hash identifier: 5eXDrGIAe7CjVnIDJlbsg9ke3tGZMmCTq+SEzohIF8Y=
Subject key identifier: C1:25:36:14:FD:C8:F8:1C:56:01:3A:F7:2C:E1:E1:5B:33:D3:8B:3E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190DBEF6CBDF3B10E3112EAC35E064099F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wSU2FP3I-BxWATr3LOHhWzPTiz4.roa
Signing time: Mon 22 Jul 2024 19:33:39 +0000
ROA not before: Mon 22 Jul 2024 19:33:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39600
IP address blocks: 89.213.223.0/24 maxlen: 24
89.213.228.0/23 maxlen: 24
Validation: Failed, certificate revoked on Wed 28 Aug 2024 16:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:db:ef:6c:bd:f3:b1:0e:31:12:ea:c3:5e:06:40:99:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 22 19:33:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1253614fdc8f81c56013af72ce1e15b33d38b3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:14:7b:b5:ea:63:27:09:e5:6a:9f:ff:da:28:
35:f2:68:6f:d3:4a:54:f7:44:ca:2d:52:ac:7f:8a:
af:f5:75:77:c4:37:e8:0c:c8:b3:74:36:7f:a8:10:
de:ab:fc:62:e8:ff:9e:80:6a:80:7c:02:d2:77:bf:
f9:dc:e8:7b:5e:33:81:60:55:17:1b:ab:17:64:4e:
9d:b8:8a:98:2d:e4:31:4e:f3:3e:c8:f8:be:fc:33:
1b:f1:ab:a3:c3:aa:f5:ab:6a:b1:20:f6:01:1d:fe:
2a:13:ce:02:51:09:58:38:bb:71:56:c7:81:77:ed:
de:9d:a2:73:2d:09:24:1c:b8:81:4b:39:ae:a9:20:
45:8d:1d:de:b7:a2:b9:62:30:fb:5c:6a:64:40:4c:
5b:1d:f9:46:bb:66:f1:5b:a0:ae:ad:44:1d:00:0a:
a9:58:61:5e:be:2b:a1:79:3e:01:a8:30:e0:fd:28:
cb:f7:eb:d9:fa:f6:0a:45:cb:63:5d:50:84:5d:65:
84:d2:c8:50:f2:7f:a5:89:14:9b:88:1a:7e:5d:9c:
72:09:b7:14:37:c0:98:4d:de:e0:c4:a0:f3:62:73:
15:18:2f:4d:6a:84:d1:73:47:fe:29:02:a1:d2:fc:
6a:95:c1:cf:5b:1d:77:dd:be:8a:8f:83:33:28:a3:
e5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:25:36:14:FD:C8:F8:1C:56:01:3A:F7:2C:E1:E1:5B:33:D3:8B:3E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wSU2FP3I-BxWATr3LOHhWzPTiz4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.223.0/24
89.213.228.0/23
Signature Algorithm: sha256WithRSAEncryption
69:f8:ab:3f:d0:f1:b9:c5:d7:50:68:c1:b7:0d:e3:9f:67:af:
91:b2:59:79:c7:e2:d3:f7:05:4e:cb:05:2d:48:8f:1f:25:75:
28:77:30:74:a7:43:bb:da:90:ef:fc:db:e1:15:f7:19:f7:d5:
bf:5d:23:36:19:85:0a:c4:c7:87:19:a6:09:4c:f6:36:5f:28:
9b:a6:22:f5:c6:0c:4b:93:a9:6a:2d:04:01:fc:59:4a:56:1a:
cc:20:bb:a7:7a:d6:b0:23:64:7a:6d:68:1a:43:1b:b2:ac:a3:
32:20:f6:fb:e0:27:87:68:20:d2:f0:24:13:6d:1c:4f:3a:98:
08:37:36:58:a0:63:ae:a0:6d:65:b4:58:a9:bd:6e:e7:e4:62:
82:87:f3:fd:2b:3a:84:81:c3:3d:9a:c5:08:5f:6c:f0:08:23:
07:c4:31:6f:5c:89:7a:00:98:09:c8:a2:32:c7:b0:be:1f:62:
8f:a5:fd:c7:51:5d:12:b0:2b:67:45:90:34:11:0b:c7:2f:28:
7c:6a:a2:be:2f:cd:6a:2c:0f:d5:d5:dd:c4:9f:4f:2a:39:3c:
f4:e2:50:50:19:8c:7d:c2:09:8b:af:54:dc:46:60:df:dd:f3:
d4:cc:f8:8b:c1:53:2e:1f:a5:34:e0:4a:82:73:d5:d3:2b:0d:
99:5d:14:34
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDb72y987EOMRLqw14GQJn1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzIyMTkzMzM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTI1MzYxNGZkYzhmODFjNTYwMTNhZjcyY2UxZTE1YjMzZDM4YjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RR7tepjJwnlap//2ig18mhv00pU
90TKLVKsf4qv9XV3xDfoDMizdDZ/qBDeq/xi6P+egGqAfALSd7/53Oh7XjOBYFUX
G6sXZE6duIqYLeQxTvM+yPi+/DMb8aujw6r1q2qxIPYBHf4qE84CUQlYOLtxVseB
d+3enaJzLQkkHLiBSzmuqSBFjR3et6K5YjD7XGpkQExbHflGu2bxW6CurUQdAAqp
WGFeviuheT4BqDDg/SjL9+vZ+vYKRctjXVCEXWWE0shQ8n+liRSbiBp+XZxyCbcU
N8CYTd7gxKDzYnMVGC9NaoTRc0f+KQKh0vxqlcHPWx133b6Kj4MzKKPlmwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMElNhT9yPgcVgE69yzh4Vsz04s+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd1NVMkZQM0ktQnhXQVRyM0xPSGhXelBUaXo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdXfAwQB
WdXkMA0GCSqGSIb3DQEBCwUAA4IBAQBp+Ks/0PG5xddQaMG3DeOfZ6+Rsll5x+LT
9wVOywUtSI8fJXUodzB0p0O72pDv/NvhFfcZ99W/XSM2GYUKxMeHGaYJTPY2Xyib
piL1xgxLk6lqLQQB/FlKVhrMILunetawI2R6bWgaQxuyrKMyIPb74CeHaCDS8CQT
bRxPOpgINzZYoGOuoG1ltFipvW7n5GKCh/P9KzqEgcM9msUIX2zwCCMHxDFvXIl6
AJgJyKIyx7C+H2KPpf3HUV0SsCtnRZA0EQvHLyh8aqK+L81qLA/V1d3En08qOTz0
4lBQGYx9wgmLr1TcRmDf3fPUzPiLwVMuH6U04EqCc9XTKw2ZXRQ0
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:20 2025 by rpki-client