Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9m8LDZb4UX7HHJNCSM11ApHusYo.roa
File: 9m8LDZb4UX7HHJNCSM11ApHusYo.roa (raw, json)
Hash identifier: VYccZpxh+8bFrBChdGrZCOKbbfMRWsy6daz9T22+Oos=
Subject key identifier: F6:6F:0B:0D:96:F8:51:7E:C7:1C:93:42:48:CD:75:02:91:EE:B1:8A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018EC6FADC997937FBF664D94E351175C038
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9m8LDZb4UX7HHJNCSM11ApHusYo.roa
Signing time: Wed 10 Apr 2024 07:48:32 +0000
ROA not before: Wed 10 Apr 2024 07:48:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 109.176.204.0/22 maxlen: 22
213.130.132.0/22 maxlen: 22
213.210.52.0/22 maxlen: 22
213.218.244.0/22 maxlen: 22
217.145.72.0/21 maxlen: 22
Validation: Failed, certificate revoked on Thu 02 May 2024 08:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c6:fa:dc:99:79:37:fb:f6:64:d9:4e:35:11:75:c0:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 10 07:48:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f66f0b0d96f8517ec71c934248cd750291eeb18a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c3:9c:ec:86:0e:a6:77:d9:ad:c7:a6:0d:7b:
34:7f:36:2b:12:da:ef:bb:75:9f:83:80:bd:44:da:
d1:6d:3a:ac:a5:0b:8a:2c:f7:7a:85:a0:a6:8b:55:
35:12:5d:34:11:bd:5b:77:54:0d:31:20:9e:ad:2c:
c1:9e:13:49:eb:f2:25:f7:ef:ed:6c:b0:73:4e:ea:
92:3b:89:fe:66:f9:dc:e9:ad:d6:d5:c5:90:b1:f0:
62:8e:c9:9a:bc:46:e4:9c:e7:2b:ab:a5:4d:d8:5d:
77:a1:e5:89:e5:8d:7a:aa:bc:3d:af:d2:10:ff:fc:
b7:5c:06:b0:2b:ed:8a:a5:8c:5c:42:51:cf:a7:ec:
79:b4:2e:45:ba:f9:fb:50:e9:b8:17:0b:ed:b3:64:
54:1d:86:73:fd:43:38:39:58:30:8f:e5:8c:2e:81:
7c:39:56:8f:03:bc:ae:34:c9:0a:fb:11:6f:b4:58:
85:3c:a6:ba:83:ae:54:24:52:30:d7:d5:6d:e0:24:
a6:04:0b:cb:c0:08:97:61:c5:f3:4d:52:61:2a:06:
93:92:ad:65:87:55:3a:0c:ce:ce:40:b3:50:68:fa:
88:ad:36:3b:13:76:d5:7f:18:19:c9:cf:db:53:3c:
ff:00:97:4e:24:0e:72:3f:7a:94:62:ce:c5:10:7f:
9d:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:6F:0B:0D:96:F8:51:7E:C7:1C:93:42:48:CD:75:02:91:EE:B1:8A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9m8LDZb4UX7HHJNCSM11ApHusYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.204.0/22
213.130.132.0/22
213.210.52.0/22
213.218.244.0/22
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
9c:80:69:78:fe:a9:5d:86:97:b6:fd:e5:5b:73:ff:c6:7e:a7:
f1:27:b5:27:e6:7d:ac:fe:61:12:97:83:02:6e:0f:53:ef:b2:
e9:59:36:b0:24:d9:30:ba:79:38:8a:4d:3f:a5:26:a7:a8:4d:
4c:79:94:28:13:eb:5d:5a:d3:97:c4:50:aa:ff:7e:77:69:9f:
ad:2b:31:f8:d2:ac:66:61:3e:02:42:6f:0d:7e:5d:98:ea:63:
7c:28:14:18:2c:f3:ec:5a:52:eb:ca:ad:4a:9d:1d:34:5f:3f:
da:52:3f:18:8b:77:c6:43:50:19:a6:63:f7:f7:28:8f:de:80:
f3:1e:51:37:6f:5a:0e:26:e1:06:44:d2:31:67:40:5d:5c:fc:
14:85:45:77:9e:af:83:32:6a:e1:b8:85:db:cf:0b:c2:4d:68:
fc:8d:12:4d:01:00:35:4f:8a:fe:89:f7:08:e6:22:f7:78:e3:
de:f5:6e:1a:1a:32:0e:3b:d7:f2:52:69:74:94:47:19:00:71:
01:0c:33:5a:f0:3e:de:3c:12:93:58:55:b9:d2:2a:52:7a:50:
a4:56:f0:96:dc:32:82:ff:56:6a:b4:b6:ba:b0:f9:16:87:59:
f4:79:ca:34:fd:7b:24:8c:52:12:e0:2b:95:ea:1c:50:9c:9b:
d6:54:da:3c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7G+tyZeTf79mTZTjURdcA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDEwMDc0ODMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjZmMGIwZDk2Zjg1MTdlYzcxYzkzNDI0OGNkNzUwMjkxZWViMThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvMOc7IYOpnfZrcemDXs0fzYrEtrv
u3Wfg4C9RNrRbTqspQuKLPd6haCmi1U1El00Eb1bd1QNMSCerSzBnhNJ6/Il9+/t
bLBzTuqSO4n+Zvnc6a3W1cWQsfBijsmavEbknOcrq6VN2F13oeWJ5Y16qrw9r9IQ
//y3XAawK+2KpYxcQlHPp+x5tC5Fuvn7UOm4Fwvts2RUHYZz/UM4OVgwj+WMLoF8
OVaPA7yuNMkK+xFvtFiFPKa6g65UJFIw19Vt4CSmBAvLwAiXYcXzTVJhKgaTkq1l
h1U6DM7OQLNQaPqIrTY7E3bVfxgZyc/bUzz/AJdOJA5yP3qUYs7FEH+dfQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPZvCw2W+FF+xxyTQkjNdQKR7rGKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOW04TERaYjRVWDdISEpOQ1NNMTFBcEh1c1lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCbbDMAwQC
1YKEAwQC1dI0AwQC1dr0AwQD2ZFIMA0GCSqGSIb3DQEBCwUAA4IBAQCcgGl4/qld
hpe2/eVbc//GfqfxJ7Un5n2s/mESl4MCbg9T77LpWTawJNkwunk4ik0/pSanqE1M
eZQoE+tdWtOXxFCq/353aZ+tKzH40qxmYT4CQm8Nfl2Y6mN8KBQYLPPsWlLryq1K
nR00Xz/aUj8Yi3fGQ1AZpmP39yiP3oDzHlE3b1oOJuEGRNIxZ0BdXPwUhUV3nq+D
MmrhuIXbzwvCTWj8jRJNAQA1T4r+ifcI5iL3eOPe9W4aGjIOO9fyUml0lEcZAHEB
DDNa8D7ePBKTWFW50ipSelCkVvCW3DKC/1ZqtLa6sPkWh1n0eco0/XskjFIS4CuV
6hxQnJvWVNo8
-----END CERTIFICATE-----
Generated at Thu May 2 11:40:20 2024 by rpki-client on console-ams.rpki-client.org