Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzPYEoXeZs3nYdavnJsAGq7BfB8.roa
File: xzPYEoXeZs3nYdavnJsAGq7BfB8.roa (raw, json)
Hash identifier: 21s4EVMmNICr++0rd9rRU748J1wTecgRiTp4oiUAd/c=
Subject key identifier: C7:33:D8:12:85:DE:66:CD:E7:61:D6:AF:9C:9B:00:1A:AE:C1:7C:1F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B0354F3F332882E73BAD06DADA91C33
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzPYEoXeZs3nYdavnJsAGq7BfB8.roa
Signing time: Sun 30 Jun 2024 21:18:18 +0000
ROA not before: Sun 30 Jun 2024 21:18:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214986
IP address blocks: 89.213.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 24 Jul 2024 09:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:03:54:f3:f3:32:88:2e:73:ba:d0:6d:ad:a9:1c:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:18:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c733d81285de66cde761d6af9c9b001aaec17c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3e:4e:a9:8d:c1:b7:13:08:75:cc:c6:1d:3f:
75:e5:e7:7e:d7:d3:6b:c6:02:7f:8c:4f:29:dc:ab:
fb:6b:61:9a:e4:6a:cd:97:e6:fd:bd:c3:f9:83:23:
6f:11:f7:d3:10:33:2d:46:64:8f:16:d5:e1:48:43:
8d:19:63:2a:fb:1d:f1:90:d2:b8:ec:87:36:b5:af:
b8:bb:0a:5d:62:68:e1:69:d8:71:6b:ab:bc:fd:8a:
bd:4c:68:fd:5b:0a:59:47:62:28:a3:a6:2e:8d:84:
a3:23:2e:b6:18:a8:52:8b:a8:bf:3d:b8:1b:e6:33:
c3:01:3b:bc:aa:75:15:92:57:d4:6e:83:02:82:cd:
52:43:da:94:77:79:2e:e3:3a:16:5b:33:a1:52:c1:
e3:3f:3a:b1:27:82:9e:c6:4c:e4:5c:2b:b7:ce:e7:
a3:31:86:59:31:7e:62:a5:59:cc:ce:0c:7a:70:b0:
e1:36:d5:f4:e7:23:ba:a0:44:de:0b:ec:78:02:61:
6e:f6:01:56:e7:e2:68:af:6d:1a:b7:5a:3a:e7:38:
3a:dd:ba:3f:94:c7:79:b1:35:7d:b7:36:80:36:6e:
73:45:c5:20:1d:57:04:d6:8f:b5:da:e9:f3:22:b0:
fe:ac:cd:89:a3:25:ad:f8:c0:aa:58:3a:6a:e8:79:
68:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:33:D8:12:85:DE:66:CD:E7:61:D6:AF:9C:9B:00:1A:AE:C1:7C:1F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/xzPYEoXeZs3nYdavnJsAGq7BfB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.120.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:5d:ce:f1:ec:8c:70:0b:52:6d:c6:f0:1c:dc:b4:ab:32:48:
4a:cf:c3:73:da:84:e4:b7:26:ea:c0:5b:09:2b:03:fd:2f:58:
c4:e6:5c:1e:00:11:78:76:a0:e5:c3:6c:cf:31:92:e0:64:06:
cb:4f:0a:c5:bc:ab:c7:ab:95:c1:27:21:fe:77:e3:f8:77:6a:
ac:10:59:a7:be:ec:79:fd:66:2c:d9:99:3a:7a:f2:c3:45:5d:
79:b1:e9:a0:5b:f5:8c:17:81:0a:5b:e8:14:8f:a4:68:87:8e:
1a:5d:45:f9:0e:86:18:f1:57:45:68:eb:66:8c:71:f7:c0:9d:
20:de:2e:95:b3:54:79:52:d3:de:dc:42:77:ca:ee:18:46:cf:
22:ac:c4:bd:4a:43:78:81:37:1f:ec:37:d9:4f:e9:20:d7:99:
a4:86:89:97:69:7c:12:66:ae:c7:78:ce:9b:84:ca:11:a0:2b:
15:25:a9:f3:7d:49:7c:57:ba:5d:b6:2e:5b:b1:1f:f1:67:9a:
63:dd:d8:de:bc:32:55:66:b2:83:70:80:ab:34:b0:ca:79:6a:
b9:22:48:e6:15:e2:9e:d4:32:2b:d2:9a:ab:18:94:08:31:47:
07:02:fd:f8:e3:46:c7:d4:26:9a:0a:7f:94:73:b6:75:5f:bf:
f6:b2:1f:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBrA1Tz8zKILnO60G2tqRwzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjExODE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNzMzZDgxMjg1ZGU2NmNkZTc2MWQ2YWY5YzliMDAxYWFlYzE3YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvz5OqY3BtxMIdczGHT915ed+19Nr
xgJ/jE8p3Kv7a2Ga5GrNl+b9vcP5gyNvEffTEDMtRmSPFtXhSEONGWMq+x3xkNK4
7Ic2ta+4uwpdYmjhadhxa6u8/Yq9TGj9WwpZR2Ioo6YujYSjIy62GKhSi6i/Pbgb
5jPDATu8qnUVklfUboMCgs1SQ9qUd3ku4zoWWzOhUsHjPzqxJ4KexkzkXCu3zuej
MYZZMX5ipVnMzgx6cLDhNtX05yO6oETeC+x4AmFu9gFW5+Jor20at1o65zg63bo/
lMd5sTV9tzaANm5zRcUgHVcE1o+12unzIrD+rM2JoyWt+MCqWDpq6HlotwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMcz2BKF3mbN52HWr5ybABquwXwfMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveHpQWUVvWGVaczNuWWRhdm5Kc0FHcTdCZkI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdV4MA0G
CSqGSIb3DQEBCwUAA4IBAQAeXc7x7IxwC1JtxvAc3LSrMkhKz8Nz2oTktybqwFsJ
KwP9L1jE5lweABF4dqDlw2zPMZLgZAbLTwrFvKvHq5XBJyH+d+P4d2qsEFmnvux5
/WYs2Zk6evLDRV15semgW/WMF4EKW+gUj6Roh44aXUX5DoYY8VdFaOtmjHH3wJ0g
3i6Vs1R5UtPe3EJ3yu4YRs8irMS9SkN4gTcf7DfZT+kg15mkhomXaXwSZq7HeM6b
hMoRoCsVJanzfUl8V7pdti5bsR/xZ5pj3djevDJVZrKDcICrNLDKeWq5IkjmFeKe
1DIr0pqrGJQIMUcHAv3440bH1CaaCn+Uc7Z1X7/2sh+Z
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:46 2025 by rpki-client