Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/igeDDc03hpeOwa3hfUyoqL4mQbE.roa
File: igeDDc03hpeOwa3hfUyoqL4mQbE.roa (raw, json)
Hash identifier: KIOZ0yJ0noG6vz4sdFYoAUmlyUv7MGRLRC1LChaX6Mw=
Subject key identifier: 8A:07:83:0D:CD:37:86:97:8E:C1:AD:E1:7D:4C:A8:A8:BE:26:41:B1
Certificate issuer: /CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Certificate serial: 018CC9BCDFE33ED646AC085E8A237F3CD4AC
Authority key identifier: E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/igeDDc03hpeOwa3hfUyoqL4mQbE.roa
Signing time: Tue 02 Jan 2024 10:34:07 +0000
ROA not before: Tue 02 Jan 2024 10:34:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15870
IP address blocks: 178.74.109.0/24 maxlen: 24
176.62.76.0/24 maxlen: 24
176.62.80.0/24 maxlen: 24
109.120.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:df:e3:3e:d6:46:ac:08:5e:8a:23:7f:3c:d4:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4b1306101cc9ec9fce985280c1db0f37c135a3a
Validity
Not Before: Jan 2 10:34:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a07830dcd3786978ec1ade17d4ca8a8be2641b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:d2:31:43:07:2b:17:ab:90:5a:05:13:03:d0:
9f:d7:a9:45:75:4f:88:7c:2f:ef:0d:cb:69:f9:51:
8a:b2:90:fa:5e:a8:65:b7:25:b0:0c:da:db:0a:76:
63:9e:62:80:ba:74:52:da:55:3c:54:b0:b2:24:88:
3c:69:05:fe:ae:9e:ff:3d:d2:5d:cb:1d:02:4f:00:
d9:9c:69:95:8f:54:36:b5:29:00:f8:11:17:3e:6e:
56:34:1c:51:0c:9c:4d:99:5c:cf:6c:d6:3e:7b:1d:
51:a9:2c:5c:8f:67:1d:8d:6e:02:b0:a6:ec:15:66:
d4:0e:78:e0:af:cd:2e:a1:7b:c5:bf:db:44:96:6d:
1d:74:09:ef:80:77:81:81:d5:a7:b0:d3:ee:16:48:
e0:c0:58:8c:04:e2:c0:7e:9f:59:70:9d:48:dd:d1:
24:0c:0e:0b:fd:af:45:52:fc:bc:32:7a:06:64:21:
aa:16:b5:cb:5a:b8:2a:6b:2e:c9:4f:68:f6:50:66:
d6:c2:2e:7d:83:dc:fd:39:ac:ce:05:5b:fa:af:ce:
56:cc:be:d2:45:d5:af:ab:f5:f6:16:a6:cd:93:5e:
7b:88:b4:1f:32:c6:0e:98:14:08:75:dc:11:23:b2:
a8:42:30:af:49:32:06:4e:85:50:d8:72:cb:83:c4:
10:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:07:83:0D:CD:37:86:97:8E:C1:AD:E1:7D:4C:A8:A8:BE:26:41:B1
X509v3 Authority Key Identifier:
keyid:E4:B1:30:61:01:CC:9E:C9:FC:E9:85:28:0C:1D:B0:F3:7C:13:5A:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5LEwYQHMnsn86YUoDB2w83wTWjo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/igeDDc03hpeOwa3hfUyoqL4mQbE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/4d089e-5d1c-4e34-9465-fa6348f695b5/1/5LEwYQHMnsn86YUoDB2w83wTWjo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.120.21.0/24
176.62.76.0/24
176.62.80.0/24
178.74.109.0/24
Signature Algorithm: sha256WithRSAEncryption
47:41:eb:85:c4:8d:54:33:3b:00:a0:9e:a7:00:6e:01:4a:f0:
29:a4:7b:f7:5f:a5:8b:13:9d:96:4d:92:b3:86:53:af:26:ad:
68:0a:18:8f:dd:a9:5e:8e:d3:ff:32:da:42:bd:ea:02:6a:59:
5e:d4:cf:bb:f9:42:a7:a0:73:77:de:e0:9d:5b:15:7b:15:1a:
fb:0d:7e:8d:b3:07:1b:34:71:99:f1:ec:54:78:05:4d:dc:97:
76:17:ea:13:5b:68:63:5d:7c:f9:88:dc:d0:f0:d9:53:b2:10:
96:3a:fa:2a:3e:58:b9:96:a5:cf:17:95:b5:d0:f6:b9:dd:d1:
7f:94:92:7e:58:ea:74:ca:b1:f5:18:91:51:76:ac:d3:bc:3b:
6a:61:8f:9a:21:24:18:23:7e:4b:e2:be:13:ec:60:1c:79:39:
f8:38:f0:9a:c5:55:11:b5:f4:d9:a1:b3:8b:02:31:ad:52:6f:
65:25:9e:8e:de:e9:a8:b0:84:03:9a:99:87:a6:a5:8e:2b:a8:
6d:97:32:3f:48:e3:fa:82:e6:6a:d6:f0:37:a7:b6:fd:7f:bb:
ee:18:a1:d5:df:59:0b:4a:94:be:66:94:73:8b:3d:9f:57:74:
b6:c5:ad:f0:8f:ff:f2:51:60:19:11:cd:be:d5:b5:77:65:66:
52:22:16:a3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvN/jPtZGrAheiiN/PNSsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YjEzMDYxMDFjYzllYzlmY2U5ODUyODBjMWRiMGYzN2Mx
MzVhM2EwHhcNMjQwMTAyMTAzNDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTA3ODMwZGNkMzc4Njk3OGVjMWFkZTE3ZDRjYThhOGJlMjY0MWIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgdIxQwcrF6uQWgUTA9Cf16lFdU+I
fC/vDctp+VGKspD6XqhltyWwDNrbCnZjnmKAunRS2lU8VLCyJIg8aQX+rp7/PdJd
yx0CTwDZnGmVj1Q2tSkA+BEXPm5WNBxRDJxNmVzPbNY+ex1RqSxcj2cdjW4CsKbs
FWbUDnjgr80uoXvFv9tElm0ddAnvgHeBgdWnsNPuFkjgwFiMBOLAfp9ZcJ1I3dEk
DA4L/a9FUvy8MnoGZCGqFrXLWrgqay7JT2j2UGbWwi59g9z9OazOBVv6r85WzL7S
RdWvq/X2FqbNk157iLQfMsYOmBQIddwRI7KoQjCvSTIGToVQ2HLLg8QQ4wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIoHgw3NN4aXjsGt4X1MqKi+JkGxMB8GA1UdIwQY
MBaAFOSxMGEBzJ7J/OmFKAwdsPN8E1o6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUt
ZmE2MzQ4ZjY5NWI1LzEvaWdlRERjMDNocGVPd2EzaGZVeW9xTDRtUWJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS80ZDA4OWUtNWQxYy00ZTM0LTk0NjUtZmE2MzQ4ZjY5NWI1
LzEvNUxFd1lRSE1uc244NllVb0RCMnc4M3dUV2pvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXgVAwQA
sD5MAwQAsD5QAwQAskptMA0GCSqGSIb3DQEBCwUAA4IBAQBHQeuFxI1UMzsAoJ6n
AG4BSvAppHv3X6WLE52WTZKzhlOvJq1oChiP3alejtP/MtpCveoCalle1M+7+UKn
oHN33uCdWxV7FRr7DX6NswcbNHGZ8exUeAVN3Jd2F+oTW2hjXXz5iNzQ8NlTshCW
OvoqPli5lqXPF5W10Pa53dF/lJJ+WOp0yrH1GJFRdqzTvDtqYY+aISQYI35L4r4T
7GAceTn4OPCaxVURtfTZobOLAjGtUm9lJZ6O3umosIQDmpmHpqWOK6htlzI/SOP6
guZq1vA3p7b9f7vuGKHV31kLSpS+ZpRziz2fV3S2xa3wj//yUWAZEc2+1bV3ZWZS
Ihaj
-----END CERTIFICATE-----
Generated at Mon Feb 17 07:46:16 2025 by rpki-client