Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/68aVZuqpjmHeodPX6L3Ttc5oiM4.roa
File: 68aVZuqpjmHeodPX6L3Ttc5oiM4.roa (raw, json)
Hash identifier: a5NN3q//959G/FApSuuxUkb3K0a5dUm97HJGCy+MpAk=
Subject key identifier: EB:C6:95:66:EA:A9:8E:61:DE:A1:D3:D7:E8:BD:D3:B5:CE:68:88:CE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019624B899824726AFE9924A39C892DB299F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/68aVZuqpjmHeodPX6L3Ttc5oiM4.roa
Signing time: Fri 11 Apr 2025 11:59:59 +0000
ROA not before: Fri 11 Apr 2025 11:59:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212868
IP address blocks: 89.213.196.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 07:17:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:24:b8:99:82:47:26:af:e9:92:4a:39:c8:92:db:29:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 11 11:59:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebc69566eaa98e61dea1d3d7e8bdd3b5ce6888ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:66:52:59:10:32:c0:cd:00:9d:b2:cf:d1:2f:
d4:46:1f:85:75:dc:2b:94:04:85:94:f7:70:d6:23:
e0:74:b7:f2:1f:17:84:7b:3e:96:21:cc:2a:55:f8:
c9:c0:b3:0a:8c:25:2b:0c:3d:a0:9a:2b:af:3c:30:
a1:6b:04:40:74:3c:0b:47:00:26:af:ee:9e:79:15:
00:0d:1f:f2:8c:5f:a8:16:fa:6f:4c:36:62:fe:f1:
67:e6:4a:b9:12:c3:f9:e7:64:7c:85:da:06:98:87:
b2:96:c2:9c:57:78:d9:7e:88:22:d5:8b:89:2e:c0:
9d:a5:93:6a:20:e1:dc:32:f4:c8:9c:d0:f5:42:9a:
73:8a:66:b2:9c:de:c5:a1:f9:c0:5e:87:e3:77:90:
34:ac:35:73:69:5b:db:e9:df:c9:45:f5:da:33:f7:
73:8d:2c:0e:18:16:d2:4f:da:69:43:08:53:9a:81:
78:4d:67:55:d4:43:ca:29:ee:88:71:4b:f5:8d:ba:
0d:19:ff:ee:d3:fa:6c:66:cd:59:22:31:fd:7a:e2:
24:83:0f:c4:58:9f:c5:7f:03:2c:a4:82:ae:2f:81:
0e:45:55:a8:ab:61:b3:bc:a0:33:3e:ce:25:9a:e4:
b8:27:6f:51:96:64:ca:70:20:c5:36:e9:db:0f:35:
ac:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:C6:95:66:EA:A9:8E:61:DE:A1:D3:D7:E8:BD:D3:B5:CE:68:88:CE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/68aVZuqpjmHeodPX6L3Ttc5oiM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.196.0/24
Signature Algorithm: sha256WithRSAEncryption
83:9b:af:40:a3:79:2a:f7:84:2a:8b:d0:95:3d:17:d4:e7:05:
f3:c6:1a:fd:f4:6e:e1:c5:02:54:23:70:89:cc:0a:9a:60:f3:
18:09:83:f9:27:7c:84:7d:82:9c:96:a7:86:3b:16:76:39:b4:
e5:6d:c8:7e:26:bb:25:dd:38:bc:73:74:bd:5e:7a:0b:0a:b1:
f7:f8:d4:9b:26:5e:8e:ca:46:b3:17:87:34:8f:c1:d1:c4:f4:
3e:8a:93:da:ef:ec:31:a8:4a:d3:c3:ce:fc:17:2d:57:ee:e3:
63:cf:c3:11:46:cf:10:86:4b:94:28:6c:19:8f:22:c2:0a:6c:
8b:71:ec:3a:f2:01:22:5c:f7:71:14:98:ff:95:3f:74:be:37:
dc:79:cd:87:c8:07:e2:c5:6e:ed:54:44:43:d1:97:46:51:e1:
9c:b0:f4:7c:7e:12:c0:90:a3:0b:cb:fc:ae:4d:16:1b:ff:e6:
93:61:d2:21:f4:1a:fa:1a:b5:a6:79:95:a9:9e:0e:e5:65:30:
2f:08:38:71:43:23:3c:ac:7d:64:15:f4:bf:59:a5:2b:f4:80:
55:82:1d:65:36:7f:70:a8:c4:ac:c3:37:c5:aa:14:9b:78:99:
cc:da:a4:32:38:31:9a:14:77:dc:94:54:77:61:47:02:f8:06:
bf:c8:30:c3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYkuJmCRyav6ZJKOciS2ymfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNDExMTE1OTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmM2OTU2NmVhYTk4ZTYxZGVhMWQzZDdlOGJkZDNiNWNlNjg4OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWZSWRAywM0AnbLP0S/URh+Fddwr
lASFlPdw1iPgdLfyHxeEez6WIcwqVfjJwLMKjCUrDD2gmiuvPDChawRAdDwLRwAm
r+6eeRUADR/yjF+oFvpvTDZi/vFn5kq5EsP552R8hdoGmIeylsKcV3jZfogi1YuJ
LsCdpZNqIOHcMvTInND1QppzimaynN7FofnAXofjd5A0rDVzaVvb6d/JRfXaM/dz
jSwOGBbST9ppQwhTmoF4TWdV1EPKKe6IcUv1jboNGf/u0/psZs1ZIjH9euIkgw/E
WJ/FfwMspIKuL4EORVWoq2GzvKAzPs4lmuS4J29RlmTKcCDFNunbDzWsDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOvGlWbqqY5h3qHT1+i907XOaIjOMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNjhhVlp1cXBqbUhlb2RQWDZMM1R0YzVvaU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXEMA0G
CSqGSIb3DQEBCwUAA4IBAQCDm69Ao3kq94Qqi9CVPRfU5wXzxhr99G7hxQJUI3CJ
zAqaYPMYCYP5J3yEfYKclqeGOxZ2ObTlbch+Jrsl3Ti8c3S9XnoLCrH3+NSbJl6O
ykazF4c0j8HRxPQ+ipPa7+wxqErTw878Fy1X7uNjz8MRRs8QhkuUKGwZjyLCCmyL
cew68gEiXPdxFJj/lT90vjfcec2HyAfixW7tVERD0ZdGUeGcsPR8fhLAkKMLy/yu
TRYb/+aTYdIh9Br6GrWmeZWpng7lZTAvCDhxQyM8rH1kFfS/WaUr9IBVgh1lNn9w
qMSswzfFqhSbeJnM2qQyODGaFHfclFR3YUcC+Aa/yDDD
-----END CERTIFICATE-----
Generated at Wed Apr 30 13:34:01 2025 by rpki-client