Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CXsO4fmiIL8OE5E6Jv2qTslZHWA.roa
File: CXsO4fmiIL8OE5E6Jv2qTslZHWA.roa (raw, json)
Hash identifier: n+uDwSJRLfg6ijbxCi+5kgBdRy90g4eNYkQRW18+xXw=
Subject key identifier: 09:7B:0E:E1:F9:A2:20:BF:0E:13:91:3A:26:FD:AA:4E:C9:59:1D:60
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01938BC8C37F3D04B372A40C76123B495C9C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CXsO4fmiIL8OE5E6Jv2qTslZHWA.roa
Signing time: Tue 03 Dec 2024 09:10:10 +0000
ROA not before: Tue 03 Dec 2024 09:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215269
IP address blocks: 89.213.45.0/24 maxlen: 24
89.213.49.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
109.176.254.0/23 maxlen: 24
Validation: Failed, certificate revoked on Sun 08 Dec 2024 13:11:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8b:c8:c3:7f:3d:04:b3:72:a4:0c:76:12:3b:49:5c:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 3 09:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=097b0ee1f9a220bf0e13913a26fdaa4ec9591d60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:52:06:6e:42:a4:83:82:fc:c5:2a:c1:3a:85:
7a:8e:a8:73:54:63:6f:16:16:53:35:fc:92:ce:8e:
d8:48:f0:01:c6:99:5a:67:e5:e3:91:3c:89:f0:7f:
87:9e:d8:b8:e2:76:6c:ba:41:d8:d4:ff:20:10:1d:
94:00:fe:2a:a1:5a:03:7f:fa:15:d4:4f:2e:9f:da:
16:4c:a7:4a:2e:04:10:db:a0:ec:88:44:f0:5c:a0:
d3:43:f1:a8:6b:5b:cd:48:4a:95:a9:c2:d3:11:a5:
e8:6b:9b:dc:0c:35:2e:1a:30:f6:17:8e:c7:16:69:
84:bc:27:0a:97:c7:ab:91:6e:dc:b4:36:b8:7e:87:
c7:39:43:46:31:36:22:12:80:0f:1e:ed:93:8b:17:
4e:d7:df:6e:59:60:5c:f4:d1:08:44:c2:15:61:14:
69:a4:49:94:02:62:69:02:91:4b:a1:f3:98:74:cd:
a3:0a:bc:0a:34:30:b3:0a:8b:0a:c5:28:1d:6b:21:
57:c8:9a:37:4f:0a:ef:b4:31:d6:49:20:15:1f:c2:
f5:62:40:df:d3:92:b4:78:ea:3b:71:7a:39:69:6a:
0c:ef:d0:67:b5:d9:81:b3:4d:8c:fd:ad:e9:70:f6:
75:f8:1c:01:c8:81:75:6b:77:d9:7a:0f:d7:c4:5e:
52:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:7B:0E:E1:F9:A2:20:BF:0E:13:91:3A:26:FD:AA:4E:C9:59:1D:60
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CXsO4fmiIL8OE5E6Jv2qTslZHWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.45.0/24
89.213.49.0/24
89.213.51.0/24
109.176.254.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:e1:52:75:21:9b:dc:f3:97:ba:1d:41:c8:7f:03:75:7f:eb:
0e:f4:7d:44:d7:8e:d8:9c:46:8f:64:a4:5a:05:06:c7:dc:3f:
fe:37:79:4b:72:2c:4f:e6:72:ec:ed:5b:f3:15:74:f0:74:b5:
a8:c0:a5:1d:b9:c7:cd:10:f2:8e:4b:3b:31:fc:d0:f2:ad:37:
71:19:bc:48:43:57:a4:fc:56:03:b3:dd:59:0d:92:a9:5c:39:
6a:af:fe:47:8a:73:c9:14:c5:ce:04:33:ca:96:2a:c9:43:8f:
a8:e8:88:cc:73:a8:b7:35:65:a0:23:19:22:50:12:f3:56:73:
13:2b:44:49:85:4f:d2:50:d0:e0:b9:37:5c:03:4b:3b:25:da:
2f:56:dc:ce:cb:a6:2d:7d:6f:80:9d:15:14:da:29:30:49:9d:
f8:85:bc:f5:27:ec:8a:b3:a0:72:a9:6b:51:b8:be:0c:af:5a:
1e:6b:4d:d5:8c:ec:47:cd:23:cc:ce:0e:96:0d:42:de:26:d0:
e3:ac:ad:1b:9d:e7:b6:1c:a7:24:e4:40:b4:fc:a8:19:4e:2e:
b0:77:67:16:56:bb:e2:03:75:12:46:d4:cd:ab:18:7e:01:7e:
54:d4:1b:aa:d2:47:58:f0:1f:0a:4c:66:b8:50:9d:8b:74:70:
59:a3:39:26
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZOLyMN/PQSzcqQMdhI7SVycMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAzMDkxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOTdiMGVlMWY5YTIyMGJmMGUxMzkxM2EyNmZkYWE0ZWM5NTkxZDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyVIGbkKkg4L8xSrBOoV6jqhzVGNv
FhZTNfySzo7YSPABxplaZ+XjkTyJ8H+Hnti44nZsukHY1P8gEB2UAP4qoVoDf/oV
1E8un9oWTKdKLgQQ26DsiETwXKDTQ/Goa1vNSEqVqcLTEaXoa5vcDDUuGjD2F47H
FmmEvCcKl8erkW7ctDa4fofHOUNGMTYiEoAPHu2TixdO199uWWBc9NEIRMIVYRRp
pEmUAmJpApFLofOYdM2jCrwKNDCzCosKxSgdayFXyJo3TwrvtDHWSSAVH8L1YkDf
05K0eOo7cXo5aWoM79BntdmBs02M/a3pcPZ1+BwByIF1a3fZeg/XxF5S3QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAl7DuH5oiC/DhOROib9qk7JWR1gMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ1hzTzRmbWlJTDhPRTVFNkp2MnFUc2xaSFdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWdUtAwQA
WdUxAwQAWdUzAwQBbbD+MA0GCSqGSIb3DQEBCwUAA4IBAQBu4VJ1IZvc85e6HUHI
fwN1f+sO9H1E147YnEaPZKRaBQbH3D/+N3lLcixP5nLs7VvzFXTwdLWowKUducfN
EPKOSzsx/NDyrTdxGbxIQ1ek/FYDs91ZDZKpXDlqr/5HinPJFMXOBDPKlirJQ4+o
6IjMc6i3NWWgIxkiUBLzVnMTK0RJhU/SUNDguTdcA0s7JdovVtzOy6YtfW+AnRUU
2ikwSZ34hbz1J+yKs6ByqWtRuL4Mr1oea03VjOxHzSPMzg6WDULeJtDjrK0bnee2
HKck5EC0/KgZTi6wd2cWVrviA3USRtTNqxh+AX5U1Buq0kdY8B8KTGa4UJ2LdHBZ
ozkm
-----END CERTIFICATE-----
Generated at Sat May 17 02:12:43 2025 by rpki-client