Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yaQ3E_nrQ-fgr5xe0vkGP8725aA.roa
File: yaQ3E_nrQ-fgr5xe0vkGP8725aA.roa (raw, json)
Hash identifier: aZ1xV8pC5be2tZAFXSHK1rjNHRM0E0vjmPkjTaPmwLQ=
Subject key identifier: C9:A4:37:13:F9:EB:43:E7:E0:AF:9C:5E:D2:F9:06:3F:CE:F6:E5:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E5FF39EB85569BF166F4C70D27DDACEEA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yaQ3E_nrQ-fgr5xe0vkGP8725aA.roa
Signing time: Thu 21 Mar 2024 07:39:45 +0000
ROA not before: Thu 21 Mar 2024 07:39:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215672
IP address blocks: 89.213.219.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 17 May 2024 07:51:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:5f:f3:9e:b8:55:69:bf:16:6f:4c:70:d2:7d:da:ce:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Mar 21 07:39:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9a43713f9eb43e7e0af9c5ed2f9063fcef6e5a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:61:7d:65:9b:2b:c9:ba:87:d4:5a:92:8c:82:
61:ed:fd:0e:88:ca:93:e6:93:55:62:76:6c:f2:8d:
c4:4b:c1:d8:41:80:79:12:0b:65:04:3c:5e:d5:01:
dd:c8:83:11:4b:8f:b6:5e:20:66:b1:aa:04:93:d0:
57:71:a7:34:de:fc:44:06:5a:ff:36:8b:d5:7e:71:
51:7c:cd:c3:c1:9d:35:55:f3:da:70:60:1f:e2:6c:
36:cf:7d:78:d9:61:f7:31:57:d7:12:7c:65:12:76:
28:a3:2d:ef:7b:c7:33:5f:cc:ce:2d:c1:6e:64:33:
6c:fc:1e:1a:08:96:b5:65:dc:89:21:e9:e4:0b:aa:
0c:db:b3:6a:80:ee:72:6b:22:0c:34:ee:7b:f3:06:
d5:6d:5a:80:97:46:f9:6a:9e:50:05:fc:4d:fa:a4:
88:c7:20:28:63:c5:d5:84:d1:20:cf:6f:42:18:d0:
10:1c:35:68:0a:2c:da:3d:06:3c:30:b9:38:c0:ad:
99:c2:89:56:2c:55:de:37:e2:f9:52:af:6e:5e:4b:
0f:9e:c8:dd:34:d4:14:17:51:6a:cd:ec:0f:8c:90:
33:ad:c1:7c:da:72:62:e0:4d:a5:19:44:07:76:66:
c2:a7:5a:1e:74:39:c3:9e:65:bd:52:df:42:f8:47:
3e:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:A4:37:13:F9:EB:43:E7:E0:AF:9C:5E:D2:F9:06:3F:CE:F6:E5:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yaQ3E_nrQ-fgr5xe0vkGP8725aA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.219.0/24
Signature Algorithm: sha256WithRSAEncryption
41:e7:c5:18:bb:45:fc:46:c3:c8:49:e9:a1:c4:6c:15:cd:ea:
cf:43:75:37:3c:52:cf:28:8d:ab:17:f0:a7:98:71:d1:49:89:
3c:3c:46:55:15:13:4b:fb:af:04:b2:cd:38:00:e1:d4:98:e9:
e5:92:10:d2:fa:65:93:9c:07:28:49:c6:3d:fd:eb:c3:ad:64:
56:d0:65:e3:19:59:bf:85:6c:8b:49:5a:91:68:d5:6a:0b:89:
7a:5e:ef:a5:1b:e1:2b:4d:5a:43:c3:be:39:98:0a:c5:b2:b0:
9e:1d:5f:54:97:40:a5:74:06:dd:70:87:6e:76:61:66:f3:4a:
0a:8b:5f:65:42:07:46:53:94:85:96:6e:83:1e:3b:0a:05:7b:
b7:7b:20:cf:dd:a2:a4:12:60:b4:a7:fc:9b:8c:f5:7b:24:a2:
be:bf:04:12:3f:44:cd:76:63:24:c9:75:96:87:d3:62:24:27:
4a:f3:f0:77:d0:59:b5:17:ec:1d:6a:15:4c:7c:03:15:52:51:
c2:63:7f:38:0c:ec:69:4e:45:5a:11:d3:85:0c:20:03:8f:17:
de:41:bf:4f:36:6d:3e:0e:d3:41:37:bc:e0:21:0d:48:49:1f:
ff:cc:ae:72:23:46:e6:39:e0:11:fc:76:65:02:da:52:1c:2b:
89:47:c3:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY5f8564VWm/Fm9McNJ92s7qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMzIxMDczOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWE0MzcxM2Y5ZWI0M2U3ZTBhZjljNWVkMmY5MDYzZmNlZjZlNWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmF9ZZsrybqH1FqSjIJh7f0OiMqT
5pNVYnZs8o3ES8HYQYB5EgtlBDxe1QHdyIMRS4+2XiBmsaoEk9BXcac03vxEBlr/
NovVfnFRfM3DwZ01VfPacGAf4mw2z3142WH3MVfXEnxlEnYooy3ve8czX8zOLcFu
ZDNs/B4aCJa1ZdyJIenkC6oM27NqgO5yayIMNO578wbVbVqAl0b5ap5QBfxN+qSI
xyAoY8XVhNEgz29CGNAQHDVoCizaPQY8MLk4wK2ZwolWLFXeN+L5Uq9uXksPnsjd
NNQUF1FqzewPjJAzrcF82nJi4E2lGUQHdmbCp1oedDnDnmW9Ut9C+Ec+dQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMmkNxP560Pn4K+cXtL5Bj/O9uWgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveWFRM0VfbnJRLWZncjV4ZTB2a0dQODcyNWFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXbMA0G
CSqGSIb3DQEBCwUAA4IBAQBB58UYu0X8RsPISemhxGwVzerPQ3U3PFLPKI2rF/Cn
mHHRSYk8PEZVFRNL+68Ess04AOHUmOnlkhDS+mWTnAcoScY9/evDrWRW0GXjGVm/
hWyLSVqRaNVqC4l6Xu+lG+ErTVpDw745mArFsrCeHV9Ul0CldAbdcIdudmFm80oK
i19lQgdGU5SFlm6DHjsKBXu3eyDP3aKkEmC0p/ybjPV7JKK+vwQSP0TNdmMkyXWW
h9NiJCdK8/B30Fm1F+wdahVMfAMVUlHCY384DOxpTkVaEdOFDCADjxfeQb9PNm0+
DtNBN7zgIQ1ISR//zK5yI0bmOeAR/HZlAtpSHCuJR8Ph
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:36 2025 by rpki-client