Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/whsxQz7WA_v6E48IyGxXh5Ye2xc.roa
File: whsxQz7WA_v6E48IyGxXh5Ye2xc.roa (raw, json)
Hash identifier: QhvQ9L9ZlOuw89xeLHOysFCMtUVbXD5pgynnWyP25ck=
Subject key identifier: C2:1B:31:43:3E:D6:03:FB:FA:13:8F:08:C8:6C:57:87:96:1E:DB:17
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190F47DF637BB174F821096B3CDD2699223
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/whsxQz7WA_v6E48IyGxXh5Ye2xc.roa
Signing time: Sat 27 Jul 2024 14:00:13 +0000
ROA not before: Sat 27 Jul 2024 14:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 81.5.189.0/24 maxlen: 24
89.213.146.0/24 maxlen: 24
89.213.152.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 13:41:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:f4:7d:f6:37:bb:17:4f:82:10:96:b3:cd:d2:69:92:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 27 14:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c21b31433ed603fbfa138f08c86c5787961edb17
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:4f:13:ef:4e:5d:6b:f6:64:1c:e1:b8:90:
dd:e8:0c:41:5d:74:9f:d1:f4:33:70:3c:ec:78:ac:
15:55:c1:b4:32:66:e4:03:10:20:e0:5a:b4:3e:58:
fd:19:44:ad:c1:42:74:67:77:4b:1e:d3:2a:aa:2a:
5e:64:80:75:92:7e:2f:50:ef:e6:55:15:44:69:f7:
f0:01:1d:14:57:c7:16:68:f2:e7:c1:6e:0b:f4:80:
af:dc:87:f6:e1:b1:b3:df:36:2e:09:ba:34:bb:8f:
19:17:d0:dd:8d:17:61:bd:1e:a9:b4:87:36:ff:7b:
8e:64:de:7d:61:ba:ec:c4:23:c7:ca:09:64:35:33:
9e:7d:36:19:31:ab:ff:4a:d1:28:89:f7:96:43:8b:
97:7b:25:7e:89:d2:57:37:ed:bb:cf:ba:66:80:9b:
74:36:be:c7:11:15:59:80:94:6d:6c:d5:35:5e:e0:
31:d7:23:64:ff:c3:ee:ff:9f:f5:62:fd:19:1f:c6:
c7:1d:90:b8:4f:1a:dc:21:f3:7a:c2:0a:6a:c8:16:
c8:cd:54:85:ca:6e:91:8f:dc:ac:69:e9:46:31:72:
31:32:12:f9:ab:57:81:a3:fd:31:d5:c9:10:07:62:
40:45:47:c1:77:ce:20:8c:3d:ff:61:1e:fc:d9:f9:
94:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1B:31:43:3E:D6:03:FB:FA:13:8F:08:C8:6C:57:87:96:1E:DB:17
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/whsxQz7WA_v6E48IyGxXh5Ye2xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.5.189.0/24
89.213.146.0/24
89.213.152.0/24
89.213.176.0/24
89.213.183.0/24
89.213.212.0/24
Signature Algorithm: sha256WithRSAEncryption
30:1b:c1:07:c1:64:42:63:c8:36:4a:99:38:a2:84:eb:b5:da:
ac:5e:29:c8:67:97:09:aa:26:2d:d8:4e:b7:eb:22:c2:0e:21:
23:36:e5:97:82:24:41:b6:53:11:4c:4c:c4:d4:1e:ea:7f:22:
45:ff:68:01:46:4a:17:c8:c0:54:dd:63:b5:ed:7b:70:93:33:
a0:2c:b3:a9:a4:dd:48:26:30:78:87:41:59:7d:d9:13:d2:45:
4e:ce:ad:f9:39:94:02:c0:dd:c1:35:fc:fb:88:fe:ad:43:a1:
66:72:7a:75:c4:2c:26:c1:5b:83:df:34:cd:d7:d3:dc:fc:75:
05:27:3e:5d:4f:6d:ea:c5:1e:c0:64:1d:6f:41:39:91:ee:64:
17:36:56:00:d9:6c:82:26:2d:88:48:73:7f:cb:d5:b9:1b:6d:
94:30:58:7f:0c:4f:22:a7:d7:08:93:76:a4:1a:7b:93:d8:2d:
78:97:81:61:39:1a:13:d9:24:aa:54:a1:06:2c:fe:4a:14:53:
82:b0:35:59:84:f7:e7:bf:73:05:34:3c:78:12:6a:a4:4d:52:
34:1c:93:61:ee:c5:a4:e4:47:16:05:03:ce:bc:fb:74:f4:e0:
98:1f:5b:69:40:e4:a2:e9:cd:84:8a:a3:90:15:bd:cb:ee:9a:
31:47:f5:30
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZD0ffY3uxdPghCWs83SaZIjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzI3MTQwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjFiMzE0MzNlZDYwM2ZiZmExMzhmMDhjODZjNTc4Nzk2MWVkYjE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFNPE+9OXWv2ZBzhuJDd6AxBXXSf
0fQzcDzseKwVVcG0MmbkAxAg4Fq0Plj9GUStwUJ0Z3dLHtMqqipeZIB1kn4vUO/m
VRVEaffwAR0UV8cWaPLnwW4L9ICv3If24bGz3zYuCbo0u48ZF9DdjRdhvR6ptIc2
/3uOZN59YbrsxCPHyglkNTOefTYZMav/StEoifeWQ4uXeyV+idJXN+27z7pmgJt0
Nr7HERVZgJRtbNU1XuAx1yNk/8Pu/5/1Yv0ZH8bHHZC4TxrcIfN6wgpqyBbIzVSF
ym6Rj9ysaelGMXIxMhL5q1eBo/0x1ckQB2JARUfBd84gjD3/YR782fmUQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFMIbMUM+1gP7+hOPCMhsV4eWHtsXMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd2hzeFF6N1dBX3Y2RTQ4SXlHeFhoNVllMnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUQW9AwQA
WdWSAwQAWdWYAwQAWdWwAwQAWdW3AwQAWdXUMA0GCSqGSIb3DQEBCwUAA4IBAQAw
G8EHwWRCY8g2Spk4ooTrtdqsXinIZ5cJqiYt2E636yLCDiEjNuWXgiRBtlMRTEzE
1B7qfyJF/2gBRkoXyMBU3WO17XtwkzOgLLOppN1IJjB4h0FZfdkT0kVOzq35OZQC
wN3BNfz7iP6tQ6Fmcnp1xCwmwVuD3zTN19Pc/HUFJz5dT23qxR7AZB1vQTmR7mQX
NlYA2WyCJi2ISHN/y9W5G22UMFh/DE8ip9cIk3akGnuT2C14l4FhORoT2SSqVKEG
LP5KFFOCsDVZhPfnv3MFNDx4EmqkTVI0HJNh7sWk5EcWBQPOvPt09OCYH1tpQOSi
6c2EiqOQFb3L7poxR/Uw
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:36:20 2025 by rpki-client