Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ymiGMyBfBD7KMne3zzGXWj-ICxM.roa
File: ymiGMyBfBD7KMne3zzGXWj-ICxM.roa (raw, json)
Hash identifier: lNQJumMXIbooJFv4HBX4M2xLWyraZInLehvcxoKfHms=
Subject key identifier: CA:68:86:33:20:5F:04:3E:CA:32:77:B7:CF:31:97:5A:3F:88:0B:13
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FB93CD682D627CEAADA7BF4E79FEBDF90
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ymiGMyBfBD7KMne3zzGXWj-ICxM.roa
Signing time: Mon 27 May 2024 08:48:43 +0000
ROA not before: Mon 27 May 2024 08:48:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 89.213.146.0/24 maxlen: 24
109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 02 Jul 2024 16:40:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b9:3c:d6:82:d6:27:ce:aa:da:7b:f4:e7:9f:eb:df:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 27 08:48:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ca688633205f043eca3277b7cf31975a3f880b13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:14:53:93:3a:56:23:30:d5:03:4f:46:da:25:
a0:a1:23:69:12:e4:c5:db:1b:c9:aa:74:ee:a1:9b:
ea:a3:5e:3c:5d:d5:7e:a3:3a:9e:e3:82:43:da:c0:
03:f5:9d:bf:dd:d8:17:c4:8a:68:7c:54:b0:e0:8a:
ff:bf:a5:7d:96:63:56:8b:f2:7e:ae:d9:27:98:51:
47:ca:2b:43:d8:64:5a:5c:32:fb:62:67:1f:d2:41:
39:3e:d4:e1:f2:c2:1a:dc:18:dd:34:d6:30:5e:fe:
07:bf:99:7f:4f:df:c1:bd:98:94:61:af:dc:9b:1d:
e5:9c:c2:d9:5b:e0:1b:a9:46:20:e0:d4:5f:36:88:
ff:8e:0f:f2:ff:27:db:b1:e7:95:06:c4:b1:7d:fc:
09:69:ea:6f:5d:84:67:ca:e3:c8:74:9c:a2:d5:96:
5d:7b:d5:07:dd:d9:33:91:01:19:1d:51:c4:a7:29:
38:87:fb:ae:0c:5e:a7:4e:92:63:7a:70:7c:46:d0:
52:0a:87:1d:ea:39:dd:e9:cf:55:fa:1e:7d:c0:a5:
e5:40:f3:fe:e9:ab:9b:a7:7c:ba:53:7b:0c:98:39:
35:47:8f:5b:f0:8f:ba:fe:de:3a:b6:e5:6f:3c:a3:
a1:97:1e:25:8d:bf:8b:11:4e:86:1a:e3:c1:1f:4c:
a0:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:68:86:33:20:5F:04:3E:CA:32:77:B7:CF:31:97:5A:3F:88:0B:13
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ymiGMyBfBD7KMne3zzGXWj-ICxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.146.0/24
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ec:6b:7c:e2:2f:e3:26:c3:10:5e:ec:26:59:bf:bf:57:85:
94:90:19:90:0f:12:50:8a:16:27:24:f4:37:73:00:39:23:ee:
e2:93:d1:21:f9:4e:58:46:93:f9:6d:6e:ce:b9:12:8c:28:d6:
40:a1:5a:63:bf:7e:8f:fc:85:89:57:b7:a4:1b:4f:fe:09:40:
f5:34:96:5b:da:3d:ce:61:84:35:4b:af:00:34:8e:57:c4:da:
dd:33:ff:4a:6c:23:74:c8:ab:33:ed:ad:34:eb:73:6f:41:08:
b3:d5:b7:c3:76:cf:61:77:71:f0:5a:e7:1c:43:dd:56:8e:35:
1c:dd:1e:85:f3:ec:d3:65:9e:d1:38:6e:77:02:88:01:ea:65:
c2:5b:fb:8b:56:c6:94:49:65:ca:88:ae:ab:79:5e:9c:25:31:
e1:59:1a:80:32:70:c0:2d:5b:c0:a6:fb:f1:95:75:07:5c:e0:
63:44:46:1e:bb:07:e4:36:fd:01:ee:7a:ec:06:24:7d:5d:19:
b4:14:f8:86:a1:91:44:79:a4:d4:d0:66:2b:bf:c6:6e:87:63:
4c:b2:3e:d2:4a:0a:e2:3a:30:19:a2:d4:79:ca:72:aa:ca:2b:
6d:62:d9:72:bb:cb:b8:82:67:4a:10:e9:b8:d4:cb:77:82:59:
7d:65:8f:ad
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+5PNaC1ifOqtp79Oef69+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI3MDg0ODQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTY4ODYzMzIwNWYwNDNlY2EzMjc3YjdjZjMxOTc1YTNmODgwYjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxRTkzpWIzDVA09G2iWgoSNpEuTF
2xvJqnTuoZvqo148XdV+ozqe44JD2sAD9Z2/3dgXxIpofFSw4Ir/v6V9lmNWi/J+
rtknmFFHyitD2GRaXDL7Ymcf0kE5PtTh8sIa3BjdNNYwXv4Hv5l/T9/BvZiUYa/c
mx3lnMLZW+AbqUYg4NRfNoj/jg/y/yfbseeVBsSxffwJaepvXYRnyuPIdJyi1ZZd
e9UH3dkzkQEZHVHEpyk4h/uuDF6nTpJjenB8RtBSCocd6jnd6c9V+h59wKXlQPP+
6aubp3y6U3sMmDk1R49b8I+6/t46tuVvPKOhlx4ljb+LEU6GGuPBH0ygVQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMpohjMgXwQ+yjJ3t88xl1o/iAsTMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveW1pR015QmZCRDdLTW5lM3p6R1hXai1JQ3hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdWSAwQA
bbD9MA0GCSqGSIb3DQEBCwUAA4IBAQAO7Gt84i/jJsMQXuwmWb+/V4WUkBmQDxJQ
ihYnJPQ3cwA5I+7ik9Eh+U5YRpP5bW7OuRKMKNZAoVpjv36P/IWJV7ekG0/+CUD1
NJZb2j3OYYQ1S68ANI5XxNrdM/9KbCN0yKsz7a0063NvQQiz1bfDds9hd3HwWucc
Q91WjjUc3R6F8+zTZZ7ROG53AogB6mXCW/uLVsaUSWXKiK6reV6cJTHhWRqAMnDA
LVvApvvxlXUHXOBjREYeuwfkNv0B7nrsBiR9XRm0FPiGoZFEeaTU0GYrv8Zuh2NM
sj7SSgriOjAZotR5ynKqyittYtlyu8u4gmdKEOm41Mt3gll9ZY+t
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:33:42 2025 by rpki-client