Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/6b7c3d-84cc-4c70-bc6f-9e544d246fd7/1/mOo3dbT3SFkgqIujPwAQLiHcSCk.roa
File: mOo3dbT3SFkgqIujPwAQLiHcSCk.roa (raw, json)
Hash identifier: 0q+JFsHUIWPT5Zj5haDEmLTxnkt+JIzN4RlQMTCZ3js=
Subject key identifier: 98:EA:37:75:B4:F7:48:59:20:A8:8B:A3:3F:00:10:2E:21:DC:48:29
Certificate issuer: /CN=f920755bf67ba7d7b4d3d001027604ea29b23ed1
Certificate serial: 0193CA5F98ABBE9CE1609A0AB45850CD5016
Authority key identifier: F9:20:75:5B:F6:7B:A7:D7:B4:D3:D0:01:02:76:04:EA:29:B2:3E:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-SB1W_Z7p9e009ABAnYE6imyPtE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/6b7c3d-84cc-4c70-bc6f-9e544d246fd7/1/mOo3dbT3SFkgqIujPwAQLiHcSCk.roa
Signing time: Sun 15 Dec 2024 12:51:22 +0000
ROA not before: Sun 15 Dec 2024 12:51:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204179
IP address blocks: 109.74.24.0/23 maxlen: 23
2a0d:41c0::/32 maxlen: 32
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:48:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:ca:5f:98:ab:be:9c:e1:60:9a:0a:b4:58:50:cd:50:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f920755bf67ba7d7b4d3d001027604ea29b23ed1
Validity
Not Before: Dec 15 12:51:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=98ea3775b4f7485920a88ba33f00102e21dc4829
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:72:ac:37:da:1c:9e:2a:b9:0d:7d:1b:3e:ee:
ec:e4:c8:22:c7:28:87:92:62:18:de:00:30:fd:a1:
52:80:37:40:63:8d:69:e8:43:f3:4d:fb:c3:11:1b:
45:17:71:6c:ae:9d:68:e0:2e:d9:a7:14:b9:ef:76:
a1:46:dd:5e:3c:09:4f:8f:0e:33:fc:67:18:b4:42:
14:ba:54:02:c8:27:d2:64:0b:89:0f:4a:79:01:b8:
65:64:62:99:a5:70:b3:e6:ed:b1:6b:e4:34:c9:a0:
56:7a:84:ce:d1:90:6a:52:a7:14:44:ba:7f:af:71:
2f:8a:1a:38:a2:d0:10:f2:6d:d9:15:65:7b:6e:07:
34:9f:c2:14:e9:6a:08:9b:e5:e5:8c:6e:01:5f:69:
dc:7d:e8:5c:34:fc:2d:7c:41:8d:92:6f:48:b7:57:
ec:b4:13:0f:aa:75:7e:ff:78:02:36:7d:9b:e4:81:
c3:e7:8a:db:cd:29:73:3a:dd:30:71:89:8a:0a:cf:
57:e4:19:4d:8c:eb:29:5d:c0:81:26:e6:39:b4:39:
dc:8a:76:b8:83:65:c0:da:64:7f:db:82:0a:38:eb:
23:55:17:cb:b9:59:82:4d:03:a0:5b:d5:e4:50:71:
6b:88:40:27:dd:58:03:8b:6c:ee:58:8f:1b:21:a7:
02:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:EA:37:75:B4:F7:48:59:20:A8:8B:A3:3F:00:10:2E:21:DC:48:29
X509v3 Authority Key Identifier:
keyid:F9:20:75:5B:F6:7B:A7:D7:B4:D3:D0:01:02:76:04:EA:29:B2:3E:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-SB1W_Z7p9e009ABAnYE6imyPtE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b7c3d-84cc-4c70-bc6f-9e544d246fd7/1/mOo3dbT3SFkgqIujPwAQLiHcSCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/6b7c3d-84cc-4c70-bc6f-9e544d246fd7/1/1-SB1W_Z7p9e009ABAnYE6imyPtE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.74.24.0/23
IPv6:
2a0d:41c0::/32
Signature Algorithm: sha256WithRSAEncryption
c0:b8:56:97:84:1e:20:bb:9a:6c:f5:19:c4:9e:be:51:9e:1e:
62:3e:94:04:c6:3e:bc:d5:f4:70:bb:e5:5c:95:c4:f2:58:de:
ff:ff:f2:e2:51:7f:2f:b7:38:c6:af:c3:c6:ef:55:2f:9c:cf:
06:3e:e1:56:1a:db:b4:35:08:c7:4e:36:9c:09:ef:1c:77:db:
02:75:0b:23:a7:58:e6:b7:f9:10:5c:b7:ee:a1:bc:f8:b0:ad:
3b:c0:19:02:b2:83:83:48:b0:7b:91:a0:87:bb:11:89:1a:41:
74:73:c3:9f:b6:ed:d5:d1:83:36:2f:15:77:a1:cc:cd:3b:ae:
ec:ae:f1:d6:21:e5:00:21:e6:9c:05:bd:b5:10:dd:62:24:c8:
c4:06:21:71:08:38:15:6c:fd:c3:41:ee:2c:8d:36:dd:11:a5:
25:1b:41:64:22:68:a8:62:59:0c:ef:1c:3a:71:eb:25:e8:6e:
73:15:87:be:31:8a:9f:f7:a2:26:b9:a4:a8:20:83:64:41:d9:
a7:6b:f3:15:78:42:1a:14:e7:b0:d1:92:ea:3b:da:30:c0:07:
2b:83:a5:33:93:e0:5f:b9:9e:7f:ad:35:18:c6:29:e8:04:6a:
df:36:5f:7c:eb:45:8a:77:0d:01:84:4d:71:6a:75:c5:ed:6a:
6f:98:12:c8
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZPKX5irvpzhYJoKtFhQzVAWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MjA3NTViZjY3YmE3ZDdiNGQzZDAwMTAyNzYwNGVhMjli
MjNlZDEwHhcNMjQxMjE1MTI1MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OGVhMzc3NWI0Zjc0ODU5MjBhODhiYTMzZjAwMTAyZTIxZGM0ODI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHKsN9ocniq5DX0bPu7s5MgixyiH
kmIY3gAw/aFSgDdAY41p6EPzTfvDERtFF3Fsrp1o4C7ZpxS573ahRt1ePAlPjw4z
/GcYtEIUulQCyCfSZAuJD0p5AbhlZGKZpXCz5u2xa+Q0yaBWeoTO0ZBqUqcURLp/
r3Eviho4otAQ8m3ZFWV7bgc0n8IU6WoIm+XljG4BX2ncfehcNPwtfEGNkm9It1fs
tBMPqnV+/3gCNn2b5IHD54rbzSlzOt0wcYmKCs9X5BlNjOspXcCBJuY5tDncina4
g2XA2mR/24IKOOsjVRfLuVmCTQOgW9XkUHFriEAn3VgDi2zuWI8bIacCbwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFJjqN3W090hZIKiLoz8AEC4h3EgpMB8GA1UdIwQY
MBaAFPkgdVv2e6fXtNPQAQJ2BOopsj7RMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1TQjFXX1o3cDllMDA5QUJBbllFNmlteVB0RS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjQvNmI3YzNkLTg0Y2MtNGM3MC1iYzZm
LTllNTQ0ZDI0NmZkNy8xL21PbzNkYlQzU0ZrZ3FJdWpQd0FRTGlIY1NDay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjQvNmI3YzNkLTg0Y2MtNGM3MC1iYzZmLTllNTQ0ZDI0NmZk
Ny8xLzEtU0IxV19aN3A5ZTAwOUFCQW5ZRTZpbXlQdEUuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBAFtShgw
DQQCAAIwBwMFACoNQcAwDQYJKoZIhvcNAQELBQADggEBAMC4VpeEHiC7mmz1GcSe
vlGeHmI+lATGPrzV9HC75VyVxPJY3v//8uJRfy+3OMavw8bvVS+czwY+4VYa27Q1
CMdONpwJ7xx32wJ1CyOnWOa3+RBct+6hvPiwrTvAGQKyg4NIsHuRoIe7EYkaQXRz
w5+27dXRgzYvFXehzM07ruyu8dYh5QAh5pwFvbUQ3WIkyMQGIXEIOBVs/cNB7iyN
Nt0RpSUbQWQiaKhiWQzvHDpx6yXobnMVh74xip/3oia5pKggg2RB2adr8xV4QhoU
57DRkuo72jDAByuDpTOT4F+5nn+tNRjGKegEat82X3zrRYp3DQGETXFqdcXtam+Y
Esg=
-----END CERTIFICATE-----
Generated at Mon Apr 21 23:58:47 2025 by rpki-client