Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7XTmAhaK5lSr98ujOe1zrH3xYY8.roa
File: 7XTmAhaK5lSr98ujOe1zrH3xYY8.roa (raw, json)
Hash identifier: Q8/1CyN7GgVckGP6MZGMb6m83bUHvD6H5pa9Mb4c8kk=
Subject key identifier: ED:74:E6:02:16:8A:E6:54:AB:F7:CB:A3:39:ED:73:AC:7D:F1:61:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01967B8F9A773DC0C35FF44A7C1729BBAACC
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7XTmAhaK5lSr98ujOe1zrH3xYY8.roa
Signing time: Mon 28 Apr 2025 08:42:10 +0000
ROA not before: Mon 28 Apr 2025 08:42:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202364
IP address blocks: 89.213.192.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 15:53:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:8f:9a:77:3d:c0:c3:5f:f4:4a:7c:17:29:bb:aa:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 28 08:42:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed74e602168ae654abf7cba339ed73ac7df1618f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:a2:49:00:ea:7f:68:c0:ec:04:f7:7f:f6:e5:
db:8a:49:9e:30:d0:e6:5f:89:b5:47:e9:12:87:3a:
9f:1b:22:a6:ff:f2:5a:b4:de:5d:b0:2c:83:30:a0:
b1:0b:cf:eb:54:51:96:dd:ac:53:3e:6e:8f:99:2a:
2e:49:b7:6e:89:e2:5a:1a:e2:5b:43:11:01:86:c6:
48:02:04:3b:f9:9a:fb:9f:2e:59:5b:5b:8a:cb:56:
dc:64:da:1d:3a:bf:4f:d6:eb:4f:fc:ad:57:8e:03:
fa:60:96:2c:80:70:70:b9:d0:6a:c5:2c:59:cf:77:
f6:2f:7e:c3:f5:ad:e2:64:40:dd:d2:32:28:f8:46:
de:fc:03:03:39:11:0c:df:ad:a3:14:77:e9:ff:45:
2f:02:42:24:6a:4f:b6:7e:0d:ae:51:a8:bd:8e:f4:
4e:a1:54:2e:f1:4d:7b:53:d3:7e:91:1e:3a:89:27:
a9:fb:37:0b:3f:78:92:0b:0b:3b:fe:52:04:aa:cf:
cb:eb:0f:a0:9d:95:b8:e8:0b:ad:04:72:ac:a2:5b:
da:77:da:ca:8b:f0:03:57:48:4f:83:ab:85:00:97:
99:48:f6:c4:a1:39:06:6b:2d:46:d5:ec:68:b6:ee:
49:5c:e2:3c:81:d1:a8:84:a3:af:96:9e:b9:29:89:
60:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:74:E6:02:16:8A:E6:54:AB:F7:CB:A3:39:ED:73:AC:7D:F1:61:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7XTmAhaK5lSr98ujOe1zrH3xYY8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.192.0/24
89.213.224.0/24
Signature Algorithm: sha256WithRSAEncryption
09:ee:3c:2b:56:bd:d0:a7:30:98:27:9a:16:c3:ad:58:ec:12:
9a:5c:8d:6b:06:59:23:7d:23:3b:db:0b:6e:02:d1:13:4e:b1:
ab:9e:11:48:8b:51:8c:7a:08:8f:ff:21:24:91:ba:1f:e2:12:
d5:e9:92:4d:20:5e:23:b1:10:02:f5:51:c0:b4:34:15:4a:49:
03:6f:d6:57:d2:bd:9a:cd:c0:61:fe:9b:3b:07:dd:51:11:20:
8c:cd:89:5c:07:a9:8a:a3:91:ac:b2:1f:c8:36:c5:f1:71:2c:
20:3c:c7:67:0c:ec:aa:43:1d:5f:ef:25:56:3b:d1:57:f6:f1:
a2:2e:30:cc:a4:17:f0:8e:ec:06:33:2c:4e:ab:f9:e5:cd:80:
22:c2:9b:ba:db:15:43:af:92:0e:36:ba:3f:ff:d9:05:51:38:
a2:ba:9f:7f:d4:35:5f:11:25:2e:11:30:82:37:dc:41:58:c3:
0a:9f:2c:06:e6:53:ca:ee:36:e5:98:24:e2:38:66:df:bf:ee:
47:d8:86:b3:58:65:a5:ee:65:2f:e8:dd:cb:9a:a1:fb:65:8f:
e2:da:bc:5d:46:d7:36:1f:7b:36:25:2b:cf:03:19:78:8f:45:
44:d3:0a:2a:79:66:f0:eb:dc:04:65:b1:3e:56:73:af:16:cb:
af:0e:b2:cc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZZ7j5p3PcDDX/RKfBcpu6rMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDI4MDg0MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDc0ZTYwMjE2OGFlNjU0YWJmN2NiYTMzOWVkNzNhYzdkZjE2MThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyaJJAOp/aMDsBPd/9uXbikmeMNDm
X4m1R+kShzqfGyKm//JatN5dsCyDMKCxC8/rVFGW3axTPm6PmSouSbduieJaGuJb
QxEBhsZIAgQ7+Zr7ny5ZW1uKy1bcZNodOr9P1utP/K1XjgP6YJYsgHBwudBqxSxZ
z3f2L37D9a3iZEDd0jIo+Ebe/AMDOREM362jFHfp/0UvAkIkak+2fg2uUai9jvRO
oVQu8U17U9N+kR46iSep+zcLP3iSCws7/lIEqs/L6w+gnZW46AutBHKsolvad9rK
i/ADV0hPg6uFAJeZSPbEoTkGay1G1exotu5JXOI8gdGohKOvlp65KYlgdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFO105gIWiuZUq/fLozntc6x98WGPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1hUbUFoYUs1bFNyOTh1ak9lMXpySDN4WVk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWdXAAwQA
WdXgMA0GCSqGSIb3DQEBCwUAA4IBAQAJ7jwrVr3QpzCYJ5oWw61Y7BKaXI1rBlkj
fSM72wtuAtETTrGrnhFIi1GMegiP/yEkkbof4hLV6ZJNIF4jsRAC9VHAtDQVSkkD
b9ZX0r2azcBh/ps7B91RESCMzYlcB6mKo5Gssh/INsXxcSwgPMdnDOyqQx1f7yVW
O9FX9vGiLjDMpBfwjuwGMyxOq/nlzYAiwpu62xVDr5IONro//9kFUTiiup9/1DVf
ESUuETCCN9xBWMMKnywG5lPK7jblmCTiOGbfv+5H2IazWGWl7mUv6N3LmqH7ZY/i
2rxdRtc2H3s2JSvPAxl4j0VE0woqeWbw69wEZbE+VnOvFsuvDrLM
-----END CERTIFICATE-----
Generated at Sat May 17 02:28:12 2025 by rpki-client