Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/F9lO3LchkGWQV6Tsa7bCroZJHpk.roa
File: F9lO3LchkGWQV6Tsa7bCroZJHpk.roa (raw, json)
Hash identifier: hTnxyZfdGDFCzGDr7cSUvRjWL5rojDXvqZ1nup7jH3A=
Subject key identifier: 17:D9:4E:DC:B7:21:90:65:90:57:A4:EC:6B:B6:C2:AE:86:49:1E:99
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 0190744860DCEADCB82464761C6C69782DD2
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/F9lO3LchkGWQV6Tsa7bCroZJHpk.roa
Signing time: Tue 02 Jul 2024 16:30:18 +0000
ROA not before: Tue 02 Jul 2024 16:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208308
IP address blocks: 192.109.205.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 19 Sep 2024 15:26:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:74:48:60:dc:ea:dc:b8:24:64:76:1c:6c:69:78:2d:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jul 2 16:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17d94edcb72190659057a4ec6bb6c2ae86491e99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e6:1d:3c:70:e2:16:4b:18:22:3b:53:45:a6:
2a:0a:52:33:2e:8d:1e:bb:95:99:16:a9:84:63:24:
9d:98:09:10:61:59:1d:2c:84:b5:45:0d:5c:b8:34:
4f:6b:7e:be:bd:b9:36:97:e4:c7:6e:80:ff:ea:db:
fa:20:62:e1:3e:73:e6:75:7a:c4:1f:db:75:18:a6:
8f:8c:3d:97:a5:6d:9b:e3:e7:16:04:f6:53:8b:1d:
60:43:3d:7e:de:20:0d:6f:37:ff:4d:b1:78:27:15:
ae:f5:dc:97:fb:82:ec:42:5f:a1:c9:5c:41:b7:0b:
ef:98:61:eb:9c:05:e8:82:99:b4:55:ef:f0:66:19:
a8:72:60:20:d9:02:1d:df:6c:65:5e:0c:a6:01:be:
e9:38:86:71:ec:86:a6:ce:94:6e:07:5d:51:20:d7:
f5:a1:6b:f1:e7:21:3c:f4:51:e2:99:35:db:93:86:
13:b7:83:9d:a5:0a:87:83:91:68:65:ff:19:86:e6:
c3:0a:5a:3c:d6:02:d7:18:cf:cf:dd:5c:61:a8:f2:
8d:08:f9:a5:1f:67:f3:98:97:9a:aa:ff:bf:b1:ac:
f1:97:7a:94:63:f8:20:f3:92:01:84:0a:27:7f:84:
33:a3:ec:0a:a4:5f:8a:d1:28:dc:21:71:40:b2:11:
ce:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:D9:4E:DC:B7:21:90:65:90:57:A4:EC:6B:B6:C2:AE:86:49:1E:99
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/F9lO3LchkGWQV6Tsa7bCroZJHpk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.205.0/24
Signature Algorithm: sha256WithRSAEncryption
95:c2:6e:35:2a:b8:3a:40:3b:99:f3:0d:48:06:62:17:48:c0:
7c:99:2c:eb:fb:85:8c:0c:96:a4:12:22:bb:80:9b:6e:68:0e:
7c:cd:57:cf:26:be:d2:00:c2:e4:c7:1b:90:02:36:ab:5d:5c:
89:f2:a9:c5:3e:6e:7b:81:0f:4f:94:de:20:3d:4c:72:e8:6a:
2b:24:87:2a:69:f2:22:d8:81:50:50:de:8c:2e:20:9d:be:df:
1b:73:fc:a4:4c:01:57:6c:e3:d8:5d:58:30:a4:35:68:b3:94:
cc:83:2f:2c:cd:0d:f9:8c:3f:f6:84:28:90:a0:dd:3a:f4:da:
4c:d7:94:9f:54:4f:8f:e0:c5:54:63:5d:a5:a2:51:fb:ec:b7:
47:0e:98:91:5e:2b:79:6a:74:f1:1d:0d:d5:19:90:9d:95:e8:
75:4f:15:14:ed:e7:f3:27:c3:c1:71:ae:54:54:4c:a5:7b:97:
1a:71:6c:d3:f4:94:51:3c:6c:2c:6c:a6:a7:b8:56:f1:a2:da:
bc:6a:ff:92:42:9b:0c:a6:57:e2:3e:4e:87:04:3f:a6:35:1a:
81:34:2e:18:49:06:f6:29:c6:c8:0d:51:40:26:66:3f:4d:85:
eb:1c:f3:3b:c9:e5:6d:83:46:5e:41:5c:13:37:10:e4:f8:6d:
e4:94:1c:cb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZB0SGDc6ty4JGR2HGxpeC3SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwNzAyMTYzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2Q5NGVkY2I3MjE5MDY1OTA1N2E0ZWM2YmI2YzJhZTg2NDkxZTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+YdPHDiFksYIjtTRaYqClIzLo0e
u5WZFqmEYySdmAkQYVkdLIS1RQ1cuDRPa36+vbk2l+THboD/6tv6IGLhPnPmdXrE
H9t1GKaPjD2XpW2b4+cWBPZTix1gQz1+3iANbzf/TbF4JxWu9dyX+4LsQl+hyVxB
twvvmGHrnAXogpm0Ve/wZhmocmAg2QId32xlXgymAb7pOIZx7IamzpRuB11RINf1
oWvx5yE89FHimTXbk4YTt4OdpQqHg5FoZf8ZhubDClo81gLXGM/P3VxhqPKNCPml
H2fzmJeaqv+/sazxl3qUY/gg85IBhAonf4Qzo+wKpF+K0SjcIXFAshHOpwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBfZTty3IZBlkFek7Gu2wq6GSR6ZMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvRjlsTzNMY2hrR1dRVjZUc2E3YkNyb1pKSHBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwG3NMA0G
CSqGSIb3DQEBCwUAA4IBAQCVwm41Krg6QDuZ8w1IBmIXSMB8mSzr+4WMDJakEiK7
gJtuaA58zVfPJr7SAMLkxxuQAjarXVyJ8qnFPm57gQ9PlN4gPUxy6GorJIcqafIi
2IFQUN6MLiCdvt8bc/ykTAFXbOPYXVgwpDVos5TMgy8szQ35jD/2hCiQoN069NpM
15SfVE+P4MVUY12lolH77LdHDpiRXit5anTxHQ3VGZCdleh1TxUU7efzJ8PBca5U
VEyle5cacWzT9JRRPGwsbKanuFbxotq8av+SQpsMplfiPk6HBD+mNRqBNC4YSQb2
KcbIDVFAJmY/TYXrHPM7yeVtg0ZeQVwTNxDk+G3klBzL
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:01 2025 by rpki-client