Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/F-ljS7sfy-Oc_l2nVRcKPepsTbo.roa
File: F-ljS7sfy-Oc_l2nVRcKPepsTbo.roa (raw, json)
Hash identifier: MsLfM7RWwZ/18TGjsFlVvZiSGECFPae5EVZFOwR1gTU=
Subject key identifier: 17:E9:63:4B:BB:1F:CB:E3:9C:FE:5D:A7:55:17:0A:3D:EA:6C:4D:BA
Certificate issuer: /CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Certificate serial: 019103B1B99ACF34F50E88005851FF441D04
Authority key identifier: AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/F-ljS7sfy-Oc_l2nVRcKPepsTbo.roa
Signing time: Tue 30 Jul 2024 12:51:04 +0000
ROA not before: Tue 30 Jul 2024 12:51:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207876
IP address blocks: 192.109.210.0/24 maxlen: 24
192.109.217.0/24 maxlen: 24
192.109.219.0/24 maxlen: 24
192.109.220.0/24 maxlen: 24
2a0a:7480::/29 maxlen: 29
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:48:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:03:b1:b9:9a:cf:34:f5:0e:88:00:58:51:ff:44:1d:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad8dd17a768e3b6fbfa7a7009a7007ebe65b45c8
Validity
Not Before: Jul 30 12:51:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17e9634bbb1fcbe39cfe5da755170a3dea6c4dba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:96:c4:dd:71:4b:da:01:8c:cb:01:49:70:7e:
5d:ab:49:18:12:66:75:21:6c:39:25:11:f7:26:7c:
a2:00:16:bc:3f:07:4d:f1:17:bb:06:58:7f:1d:ce:
22:30:ff:d7:af:09:5e:92:e4:e6:fa:cf:1b:c2:80:
3f:65:d3:0b:c7:c3:f0:2b:cd:d0:75:e7:5e:0d:40:
07:e6:3a:01:5e:1a:4c:93:24:9c:4c:b5:34:0d:ee:
70:9d:38:a7:11:d8:7f:bf:af:77:6a:f2:2f:8d:de:
22:a3:94:c1:1d:f1:12:bc:ad:87:85:e7:a7:3f:d6:
0b:56:07:f8:fc:39:42:e0:bd:47:f6:de:f0:be:3e:
73:d0:9c:c9:e5:e5:fa:8e:54:05:1d:b7:46:31:ad:
ba:8e:55:1b:95:91:1f:56:3d:a7:c5:76:19:41:d1:
da:37:be:b9:43:7e:09:9f:a3:dc:85:cb:7e:25:71:
88:c2:9b:50:54:85:59:87:98:fe:05:36:e7:14:c9:
0c:52:21:56:4a:c5:70:05:59:f3:10:74:39:e9:a2:
47:0c:70:6d:da:fb:70:f2:93:c8:43:73:d9:48:e6:
94:3f:24:da:b4:d6:a7:a7:57:d7:ca:7e:dd:d4:b0:
13:80:6d:e0:30:9d:81:c6:4c:da:1c:93:15:41:c6:
44:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:E9:63:4B:BB:1F:CB:E3:9C:FE:5D:A7:55:17:0A:3D:EA:6C:4D:BA
X509v3 Authority Key Identifier:
keyid:AD:8D:D1:7A:76:8E:3B:6F:BF:A7:A7:00:9A:70:07:EB:E6:5B:45:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rY3RenaOO2-_p6cAmnAH6-ZbRcg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/F-ljS7sfy-Oc_l2nVRcKPepsTbo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/98b35b-945e-40c5-bb95-9eadd351fc79/1/rY3RenaOO2-_p6cAmnAH6-ZbRcg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.210.0/24
192.109.217.0/24
192.109.219.0-192.109.220.255
IPv6:
2a0a:7480::/29
Signature Algorithm: sha256WithRSAEncryption
15:4d:bc:2e:de:d5:45:f7:23:f0:74:cc:2e:27:35:e3:bc:08:
5d:8f:c0:21:79:92:e3:30:0e:a0:e8:6e:09:f7:44:8a:ec:57:
38:ff:66:69:b1:27:6f:3b:62:64:a4:93:1f:01:c3:e8:20:3d:
d6:74:71:3c:77:e1:7d:af:1c:c1:53:b5:f3:9d:5d:d4:70:b5:
38:b2:d6:47:83:09:ac:d0:6f:39:a5:bc:b1:47:86:56:6b:10:
09:04:f3:ea:8f:77:ea:34:ff:02:69:5b:7d:7e:f7:5a:5d:ce:
98:71:8c:cb:44:b5:82:4f:86:39:26:51:13:3e:d2:54:85:77:
d7:7d:c8:bc:d3:80:c1:35:c2:34:87:70:9d:59:9f:b2:a0:ad:
7c:70:c4:c6:5c:1e:24:0f:6f:32:33:b9:8e:c5:b0:77:2c:94:
bc:93:9b:72:be:d9:8f:4b:d2:a2:53:ec:f1:f4:cc:93:26:32:
05:26:09:20:27:04:28:b2:69:77:c8:af:5e:d5:e7:1d:03:0a:
e7:14:ff:45:eb:c4:bb:e2:26:0f:b6:73:e7:fc:c2:12:6e:34:
89:9d:fa:5e:70:98:2c:75:36:db:0b:e5:72:93:f6:79:cc:2c:
7c:77:42:a7:f5:3c:25:e2:e4:f8:5b:8b:80:bf:59:66:35:d8:
44:c6:98:a6
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZEDsbmazzT1DogAWFH/RB0EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOGRkMTdhNzY4ZTNiNmZiZmE3YTcwMDlhNzAwN2ViZTY1
YjQ1YzgwHhcNMjQwNzMwMTI1MTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2U5NjM0YmJiMWZjYmUzOWNmZTVkYTc1NTE3MGEzZGVhNmM0ZGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpbE3XFL2gGMywFJcH5dq0kYEmZ1
IWw5JRH3JnyiABa8PwdN8Re7Blh/Hc4iMP/XrwlekuTm+s8bwoA/ZdMLx8PwK83Q
dedeDUAH5joBXhpMkyScTLU0De5wnTinEdh/v693avIvjd4io5TBHfESvK2Hheen
P9YLVgf4/DlC4L1H9t7wvj5z0JzJ5eX6jlQFHbdGMa26jlUblZEfVj2nxXYZQdHa
N765Q34Jn6Pchct+JXGIwptQVIVZh5j+BTbnFMkMUiFWSsVwBVnzEHQ56aJHDHBt
2vtw8pPIQ3PZSOaUPyTatNanp1fXyn7d1LATgG3gMJ2BxkzaHJMVQcZEywIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBfpY0u7H8vjnP5dp1UXCj3qbE26MB8GA1UdIwQY
MBaAFK2N0Xp2jjtvv6enAJpwB+vmW0XIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUt
OWVhZGQzNTFmYzc5LzEvRi1salM3c2Z5LU9jX2wyblZSY0tQZXBzVGJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy85OGIzNWItOTQ1ZS00MGM1LWJiOTUtOWVhZGQzNTFmYzc5
LzEvclkzUmVuYU9PMi1fcDZjQW1uQUg2LVpiUmNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQAwG3SAwQA
wG3ZMAwDBADAbdsDBADAbdwwDQQCAAIwBwMFAyoKdIAwDQYJKoZIhvcNAQELBQAD
ggEBABVNvC7e1UX3I/B0zC4nNeO8CF2PwCF5kuMwDqDobgn3RIrsVzj/ZmmxJ287
YmSkkx8Bw+ggPdZ0cTx34X2vHMFTtfOdXdRwtTiy1keDCazQbzmlvLFHhlZrEAkE
8+qPd+o0/wJpW31+91pdzphxjMtEtYJPhjkmURM+0lSFd9d9yLzTgME1wjSHcJ1Z
n7KgrXxwxMZcHiQPbzIzuY7FsHcslLyTm3K+2Y9L0qJT7PH0zJMmMgUmCSAnBCiy
aXfIr17V5x0DCucU/0XrxLviJg+2c+f8whJuNImd+l5wmCx1NtsL5XKT9nnMLHx3
Qqf1PCXi5Phbi4C/WWY12ETGmKY=
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:36:15 2025 by rpki-client