Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0JKLPUddKTa4-iq0Bp01KhZ2nTs.roa
File: 0JKLPUddKTa4-iq0Bp01KhZ2nTs.roa (raw, json)
Hash identifier: jhDd/oFz/dGT+5+AcfZERxACTmNxhv8+Fib83e52gYw=
Subject key identifier: D0:92:8B:3D:47:5D:29:36:B8:FA:2A:B4:06:9D:35:2A:16:76:9D:3B
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019396157B69007426D8F877909D747BF706
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0JKLPUddKTa4-iq0Bp01KhZ2nTs.roa
Signing time: Thu 05 Dec 2024 09:10:10 +0000
ROA not before: Thu 05 Dec 2024 09:10:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 135391
IP address blocks: 81.168.126.0/24 maxlen: 24
109.176.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:96:15:7b:69:00:74:26:d8:f8:77:90:9d:74:7b:f7:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 5 09:10:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d0928b3d475d2936b8fa2ab4069d352a16769d3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:f1:97:07:dd:ae:c9:a0:46:9e:98:65:a9:cc:
33:f8:e1:e4:fb:9d:bc:93:92:fe:50:7b:cc:f8:42:
0b:e3:49:35:ff:ee:99:c2:6f:4c:72:e1:a0:05:b7:
73:45:30:eb:c0:f8:11:97:31:0f:4c:9f:45:b9:cd:
ea:57:0a:ac:4c:6e:73:33:a8:86:4b:52:eb:6b:93:
19:ed:9e:ba:11:0c:7f:fe:4a:56:75:74:1f:e1:46:
e0:af:37:b9:26:32:68:3a:20:fe:b5:57:0b:79:0e:
ca:fe:4c:3a:2c:f0:73:dc:f0:30:d6:8d:85:07:9f:
c1:4b:31:a9:e3:a9:ce:1e:e2:d7:ff:29:10:4c:84:
bf:9d:0a:3f:b4:3c:be:e9:fd:94:23:d1:11:76:0d:
2a:eb:52:00:c2:01:dd:f4:5a:67:ec:5f:34:fd:0f:
82:0a:58:c2:aa:b1:43:94:a5:5d:6d:19:45:ee:dd:
a5:47:4e:ae:3c:fc:8b:3b:ab:1a:02:8c:93:ee:6c:
04:85:ab:f1:31:11:59:23:1f:07:32:03:4c:b0:74:
03:74:ff:0c:6e:85:a5:29:9f:04:08:37:bc:49:9c:
0c:b0:1c:89:e2:f3:82:70:22:c4:95:62:09:67:42:
27:24:bd:c6:08:d1:b9:c5:b4:7c:bf:61:35:f9:9a:
57:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:92:8B:3D:47:5D:29:36:B8:FA:2A:B4:06:9D:35:2A:16:76:9D:3B
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/0JKLPUddKTa4-iq0Bp01KhZ2nTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.126.0/24
109.176.248.0/24
Signature Algorithm: sha256WithRSAEncryption
73:da:f6:2c:e2:31:fb:3e:78:93:b0:7e:71:a8:01:48:86:fc:
d1:86:2a:32:60:7c:ce:c3:f7:97:f5:7f:3d:c8:3d:bc:4d:f3:
27:80:2f:10:fa:05:cf:c3:0f:a7:68:ef:8b:76:50:f1:a1:37:
22:01:77:0c:66:89:a8:30:84:ff:02:70:19:14:51:84:f5:0c:
45:da:e2:36:f5:ab:35:3a:6b:b3:15:03:77:a5:d1:05:24:d2:
0e:10:1e:e1:7f:c2:b3:2c:28:7e:18:c0:79:b8:8d:c1:36:a5:
c3:c7:3c:55:d0:53:00:06:04:b5:f4:9c:e9:5f:5f:36:1d:73:
0b:03:f4:09:7e:0d:ad:a1:64:42:67:0e:6c:07:f5:ed:f3:73:
6c:5a:0c:50:c8:a5:94:9b:a9:a1:07:e8:61:cd:ae:53:0e:b5:
4c:ff:1f:26:93:f9:f4:d1:df:e4:b5:dd:a4:39:1d:7e:cb:a0:
d1:f1:78:17:92:be:8a:b1:f7:de:1d:fa:b2:9d:a1:29:85:ea:
14:10:fe:15:b5:86:de:49:4e:5f:9b:cb:a0:1d:00:86:d3:17:
8d:79:80:fc:9f:03:65:59:bb:c5:08:83:17:00:fb:5c:35:80:
04:fa:03:38:df:ed:9a:3e:aa:92:2f:fc:7f:f0:34:e8:f5:ed:
e3:7d:ea:59
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOWFXtpAHQm2Ph3kJ10e/cGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA1MDkxMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDkyOGIzZDQ3NWQyOTM2YjhmYTJhYjQwNjlkMzUyYTE2NzY5ZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvGXB92uyaBGnphlqcwz+OHk+528
k5L+UHvM+EIL40k1/+6Zwm9McuGgBbdzRTDrwPgRlzEPTJ9Fuc3qVwqsTG5zM6iG
S1Lra5MZ7Z66EQx//kpWdXQf4Ubgrze5JjJoOiD+tVcLeQ7K/kw6LPBz3PAw1o2F
B5/BSzGp46nOHuLX/ykQTIS/nQo/tDy+6f2UI9ERdg0q61IAwgHd9Fpn7F80/Q+C
CljCqrFDlKVdbRlF7t2lR06uPPyLO6saAoyT7mwEhavxMRFZIx8HMgNMsHQDdP8M
boWlKZ8ECDe8SZwMsByJ4vOCcCLElWIJZ0InJL3GCNG5xbR8v2E1+ZpXewIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCSiz1HXSk2uPoqtAadNSoWdp07MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMEpLTFBVZGRLVGE0LWlxMEJwMDFLaFoyblRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUah+AwQA
bbD4MA0GCSqGSIb3DQEBCwUAA4IBAQBz2vYs4jH7PniTsH5xqAFIhvzRhioyYHzO
w/eX9X89yD28TfMngC8Q+gXPww+naO+LdlDxoTciAXcMZomoMIT/AnAZFFGE9QxF
2uI29as1OmuzFQN3pdEFJNIOEB7hf8KzLCh+GMB5uI3BNqXDxzxV0FMABgS19Jzp
X182HXMLA/QJfg2toWRCZw5sB/Xt83NsWgxQyKWUm6mhB+hhza5TDrVM/x8mk/n0
0d/ktd2kOR1+y6DR8XgXkr6KsffeHfqynaEpheoUEP4VtYbeSU5fm8ugHQCG0xeN
eYD8nwNlWbvFCIMXAPtcNYAE+gM43+2aPqqSL/x/8DTo9e3jfepZ
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:26 2025 by rpki-client