Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Ko7RN_Qv1Wo6-QEsE0yqZfGM-hU.roa
File: Ko7RN_Qv1Wo6-QEsE0yqZfGM-hU.roa (raw, json)
Hash identifier: L8UG7HhTju1TrM7lbSDjgx9EJ5EYA7PWD0VqiJjqD2w=
Subject key identifier: 2A:8E:D1:37:F4:2F:D5:6A:3A:F9:01:2C:13:4C:AA:65:F1:8C:FA:15
Certificate issuer: /CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Certificate serial: 018CC64A09C8C5AE7AF26872CD42716498DB
Authority key identifier: F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Ko7RN_Qv1Wo6-QEsE0yqZfGM-hU.roa
Signing time: Mon 01 Jan 2024 18:29:50 +0000
ROA not before: Mon 01 Jan 2024 18:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208485
IP address blocks: 176.103.225.0/24 maxlen: 24
176.103.224.0/24 maxlen: 24
176.103.226.0/24 maxlen: 24
176.103.227.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 21 Jun 2024 07:52:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:09:c8:c5:ae:7a:f2:68:72:cd:42:71:64:98:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b9ea4d9d83a728dd41029e86af8a130d389ed4
Validity
Not Before: Jan 1 18:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2a8ed137f42fd56a3af9012c134caa65f18cfa15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:de:1a:b9:b0:e8:4c:49:19:65:d6:e4:d2:d9:
77:24:96:4a:2e:e8:8d:ab:a1:86:51:ff:42:62:22:
49:9e:13:1d:1a:5e:74:74:85:18:cf:7b:38:be:19:
b5:26:62:63:94:7c:50:d8:ed:05:9e:c0:d1:3e:47:
60:a3:d4:2d:c9:38:5f:40:e6:b0:98:54:6b:ba:6c:
7f:35:58:8a:46:36:9e:5f:70:68:8d:c1:82:5f:bc:
e9:67:7f:ca:91:b8:1a:de:e1:cd:79:6c:c2:2e:cb:
33:75:40:0b:7e:c0:77:0e:98:73:12:82:38:4f:de:
64:9d:be:72:c6:0d:a0:18:a5:0a:cd:56:20:c6:58:
3f:04:e6:32:13:c5:3b:b1:31:73:5d:1f:bb:6c:1d:
20:f5:e0:69:c7:14:98:f5:ea:20:97:69:16:ec:4a:
3d:98:e8:a2:f1:97:20:3b:ed:ae:47:c7:e6:87:3c:
ca:89:17:9c:af:58:0d:53:d3:1b:15:8c:d5:91:38:
ac:30:02:23:4a:62:19:44:5a:60:20:d7:4e:82:e1:
56:3b:f2:e2:1f:f8:f9:2b:b5:df:76:88:1e:a8:53:
be:a7:68:4f:27:a0:65:cf:a1:94:74:a1:e4:07:6b:
8f:5c:81:9f:db:ad:ca:47:23:e4:de:a8:b0:c2:e7:
d8:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:8E:D1:37:F4:2F:D5:6A:3A:F9:01:2C:13:4C:AA:65:F1:8C:FA:15
X509v3 Authority Key Identifier:
keyid:F4:B9:EA:4D:9D:83:A7:28:DD:41:02:9E:86:AF:8A:13:0D:38:9E:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LnqTZ2DpyjdQQKehq-KEw04ntQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/Ko7RN_Qv1Wo6-QEsE0yqZfGM-hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/14f305-013b-453e-ac53-081cb2b17ab5/1/9LnqTZ2DpyjdQQKehq-KEw04ntQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.103.224.0/22
Signature Algorithm: sha256WithRSAEncryption
74:ea:75:01:dd:8e:71:c4:19:65:42:36:dd:23:3c:e4:c1:fb:
d7:32:09:68:8b:37:33:cc:f0:1e:ba:6c:a7:74:9f:bd:c4:b9:
4d:2a:be:9a:8a:f7:69:e9:56:75:99:5c:ec:8b:c9:4f:f5:20:
fe:6e:f4:04:a0:05:cf:e9:15:17:1e:71:b2:c1:94:51:1b:7c:
39:be:47:b8:fd:dc:1a:b8:99:64:f1:c9:ac:5b:07:96:f7:da:
3b:7a:1e:dd:48:a9:75:74:a0:01:89:50:e8:e8:13:b3:df:4f:
3e:42:d5:e7:32:40:fb:1f:a6:bd:61:15:b4:14:a1:43:04:9d:
68:aa:4a:2f:1f:fb:24:3d:85:67:a1:90:05:ff:e6:05:b2:c0:
3e:bd:07:c5:56:74:0e:ca:af:5e:d0:39:62:79:d9:c2:e9:8a:
22:84:2b:a8:ca:a3:37:c1:c1:f3:06:95:79:50:84:6f:63:26:
a8:90:36:57:70:55:2b:41:43:82:f2:c7:3e:fd:87:43:45:5d:
c9:00:69:8a:96:00:6c:4e:a4:9a:0e:21:71:16:19:23:3b:84:
c0:5d:4a:50:88:79:a9:e5:41:cd:ae:15:db:00:e7:e0:45:18:
22:26:87:49:2b:0f:5f:d8:b9:b7:e4:c3:d3:34:81:5a:eb:83:
a3:72:75:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSgnIxa568mhyzUJxZJjbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0YjllYTRkOWQ4M2E3MjhkZDQxMDI5ZTg2YWY4YTEzMGQz
ODllZDQwHhcNMjQwMTAxMTgyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYThlZDEzN2Y0MmZkNTZhM2FmOTAxMmMxMzRjYWE2NWYxOGNmYTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA294aubDoTEkZZdbk0tl3JJZKLuiN
q6GGUf9CYiJJnhMdGl50dIUYz3s4vhm1JmJjlHxQ2O0FnsDRPkdgo9QtyThfQOaw
mFRrumx/NViKRjaeX3BojcGCX7zpZ3/Kkbga3uHNeWzCLsszdUALfsB3DphzEoI4
T95knb5yxg2gGKUKzVYgxlg/BOYyE8U7sTFzXR+7bB0g9eBpxxSY9eogl2kW7Eo9
mOii8ZcgO+2uR8fmhzzKiRecr1gNU9MbFYzVkTisMAIjSmIZRFpgINdOguFWO/Li
H/j5K7XfdogeqFO+p2hPJ6Blz6GUdKHkB2uPXIGf263KRyPk3qiwwufYNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCqO0Tf0L9VqOvkBLBNMqmXxjPoVMB8GA1UdIwQY
MBaAFPS56k2dg6co3UECnoavihMNOJ7UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMt
MDgxY2IyYjE3YWI1LzEvS283Uk5fUXYxV282LVFFc0UweXFaZkdNLWhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNGYzMDUtMDEzYi00NTNlLWFjNTMtMDgxY2IyYjE3YWI1
LzEvOUxucVRaMkRweWpkUVFLZWhxLUtFdzA0bnRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCsGfgMA0G
CSqGSIb3DQEBCwUAA4IBAQB06nUB3Y5xxBllQjbdIzzkwfvXMgloizczzPAeumyn
dJ+9xLlNKr6aivdp6VZ1mVzsi8lP9SD+bvQEoAXP6RUXHnGywZRRG3w5vke4/dwa
uJlk8cmsWweW99o7eh7dSKl1dKABiVDo6BOz308+QtXnMkD7H6a9YRW0FKFDBJ1o
qkovH/skPYVnoZAF/+YFssA+vQfFVnQOyq9e0DliednC6YoihCuoyqM3wcHzBpV5
UIRvYyaokDZXcFUrQUOC8sc+/YdDRV3JAGmKlgBsTqSaDiFxFhkjO4TAXUpQiHmp
5UHNrhXbAOfgRRgiJodJKw9f2Lm35MPTNIFa64OjcnUm
-----END CERTIFICATE-----
Generated at Fri Jun 21 11:19:26 2024 by rpki-client on console-ams.rpki-client.org