Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ObTZahX7dYm4ogqb5vnljurKGI.roa
File: 2ObTZahX7dYm4ogqb5vnljurKGI.roa (raw, json)
Hash identifier: DlimJI2KCzOlm+pMXU1i1op9642zED/noLr63/qIjz4=
Subject key identifier: D8:E6:D3:65:A8:57:ED:D6:26:E2:88:2A:6F:9B:E7:96:3B:AB:28:62
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01942143EE0FA1C569DA83266D95795C5978
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ObTZahX7dYm4ogqb5vnljurKGI.roa
Signing time: Wed 01 Jan 2025 09:48:07 +0000
ROA not before: Wed 01 Jan 2025 09:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60117
IP address blocks: 109.176.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 Jan 2025 16:34:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:ee:0f:a1:c5:69:da:83:26:6d:95:79:5c:59:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8e6d365a857edd626e2882a6f9be7963bab2862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:69:cc:6f:9c:1a:c3:9c:c4:3d:36:db:27:cc:
6b:21:97:dc:c4:78:de:b6:b1:1a:29:18:69:1e:5a:
11:5c:6f:9b:45:93:ca:4a:28:63:8f:73:29:5c:ba:
46:47:a3:0a:34:e7:d7:19:f8:95:12:b8:04:8d:6e:
9a:9d:f1:32:42:4e:80:91:de:50:20:65:27:7e:4d:
27:0f:53:5e:b9:ea:c0:d2:3e:83:b9:97:a6:39:86:
86:85:55:21:25:7e:0e:20:85:f0:a3:2d:96:0f:d2:
10:9b:c8:ec:c3:e2:e9:f8:b5:5b:15:06:9b:8c:2e:
d5:cb:00:3e:57:72:43:cd:7d:a6:30:70:44:80:85:
fd:93:a7:76:7f:a5:92:3d:61:88:c3:1b:d1:0b:e2:
d7:e2:69:08:c9:b9:34:42:20:2e:d7:c1:8f:a2:f1:
9a:30:86:39:ce:c6:38:0b:4d:21:9a:79:58:dc:51:
dc:02:d8:4b:8d:3c:a7:51:75:73:d4:ae:76:65:c1:
82:94:53:01:24:9a:a1:83:a1:6a:f3:5d:02:68:4a:
49:e0:f7:a3:ac:58:cd:91:02:d0:ee:24:b4:31:2f:
60:72:8e:11:23:11:d9:c1:99:ab:0a:0f:32:42:6a:
7a:ee:3a:8f:1a:ca:1d:42:e0:4b:23:a2:f2:ce:5a:
bc:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:E6:D3:65:A8:57:ED:D6:26:E2:88:2A:6F:9B:E7:96:3B:AB:28:62
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2ObTZahX7dYm4ogqb5vnljurKGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.193.0/24
Signature Algorithm: sha256WithRSAEncryption
56:9b:db:81:93:76:1c:5e:4b:bf:83:74:c6:53:ff:1d:83:8e:
7b:68:15:01:6f:11:63:6e:3b:71:c5:7d:c4:a0:d8:fb:72:de:
32:87:e2:7c:22:24:32:74:38:83:05:50:5f:4b:3d:64:a8:6c:
02:c9:42:f8:3c:ae:a1:c2:14:ce:bf:e3:bd:74:36:6c:81:55:
9b:20:a6:97:0f:ce:88:5d:58:02:4a:15:82:13:02:48:6d:7e:
6a:49:7f:ac:4a:3c:c4:ed:e7:ef:37:7c:c5:4d:0d:72:96:57:
7e:3b:10:7b:81:df:37:73:43:46:96:0d:5f:d1:a6:72:c2:4c:
d0:47:58:3b:5d:99:6d:4d:57:cf:78:94:51:14:4d:03:b9:55:
e2:56:06:74:b8:16:b4:be:18:bb:11:f2:c2:8e:2c:73:38:42:
46:89:b8:95:ac:1f:ec:34:dd:f8:af:e9:29:19:5f:a5:00:ba:
87:4f:fc:44:7b:ef:8e:4f:98:c9:e3:14:e4:14:7b:6a:3b:0c:
d1:45:cf:e5:61:17:cc:2e:8f:2a:92:bf:4d:04:1f:58:e4:93:
9a:97:0c:9c:9d:fd:a7:86:d0:70:80:10:14:fd:0e:41:32:17:
65:85:5e:be:ff:b9:7d:35:3b:d5:38:80:50:26:c1:da:da:14:
d3:d8:e0:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhQ+4PocVp2oMmbZV5XFl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGU2ZDM2NWE4NTdlZGQ2MjZlMjg4MmE2ZjliZTc5NjNiYWIyODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwmnMb5waw5zEPTbbJ8xrIZfcxHje
trEaKRhpHloRXG+bRZPKSihjj3MpXLpGR6MKNOfXGfiVErgEjW6anfEyQk6Akd5Q
IGUnfk0nD1NeuerA0j6DuZemOYaGhVUhJX4OIIXwoy2WD9IQm8jsw+Lp+LVbFQab
jC7VywA+V3JDzX2mMHBEgIX9k6d2f6WSPWGIwxvRC+LX4mkIybk0QiAu18GPovGa
MIY5zsY4C00hmnlY3FHcAthLjTynUXVz1K52ZcGClFMBJJqhg6Fq810CaEpJ4Pej
rFjNkQLQ7iS0MS9gco4RIxHZwZmrCg8yQmp67jqPGsodQuBLI6Lyzlq8ywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNjm02WoV+3WJuKIKm+b55Y7qyhiMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMk9iVFphaFg3ZFltNG9ncWI1dm5sanVyS0dJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDBMA0G
CSqGSIb3DQEBCwUAA4IBAQBWm9uBk3YcXku/g3TGU/8dg457aBUBbxFjbjtxxX3E
oNj7ct4yh+J8IiQydDiDBVBfSz1kqGwCyUL4PK6hwhTOv+O9dDZsgVWbIKaXD86I
XVgCShWCEwJIbX5qSX+sSjzE7efvN3zFTQ1ylld+OxB7gd83c0NGlg1f0aZywkzQ
R1g7XZltTVfPeJRRFE0DuVXiVgZ0uBa0vhi7EfLCjixzOEJGibiVrB/sNN34r+kp
GV+lALqHT/xEe++OT5jJ4xTkFHtqOwzRRc/lYRfMLo8qkr9NBB9Y5JOalwycnf2n
htBwgBAU/Q5BMhdlhV6+/7l9NTvVOIBQJsHa2hTT2OAg
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:55:01 2025 by rpki-client