Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa
File: 6ovCoZiwxor7XVNAwbHftyTtRcU.roa (raw, json)
Hash identifier: C39UHtFnowJePneWxrRbKVVsybMh8KbrrByJTVdAX3c=
Subject key identifier: EA:8B:C2:A1:98:B0:C6:8A:FB:5D:53:40:C1:B1:DF:B7:24:ED:45:C5
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FA45768096CAB5934303697BFF26A0651
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa
Signing time: Thu 23 May 2024 07:25:42 +0000
ROA not before: Thu 23 May 2024 07:25:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211318
IP address blocks: 109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a4:57:68:09:6c:ab:59:34:30:36:97:bf:f2:6a:06:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 23 07:25:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea8bc2a198b0c68afb5d5340c1b1dfb724ed45c5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:2c:e2:be:77:97:c9:7b:68:c9:61:db:df:b2:
46:dd:e6:4a:4e:89:f3:5f:ae:78:d1:fe:6d:e0:9e:
a5:64:cf:82:7e:7b:b4:d3:b9:5f:fc:cd:19:83:b7:
e2:ec:30:1c:bc:45:6b:1b:2c:47:ff:9a:04:b3:ee:
e2:9c:e2:ed:41:44:93:ed:65:1c:6b:1d:4b:ab:06:
d2:ff:42:c5:df:af:15:fe:28:85:c4:bb:3d:63:1f:
55:5f:df:c6:fb:d4:aa:50:7f:66:4a:88:0e:ad:2f:
c5:45:10:f6:a6:ad:23:e6:b1:de:ef:dc:4b:b9:8d:
92:89:47:83:82:bc:2a:ed:b6:b8:20:77:da:95:9c:
c0:a6:89:9c:33:8a:c7:cd:0c:cd:6f:33:95:e1:2b:
0f:37:f0:35:b8:8d:fb:bf:60:d7:b2:d2:4f:24:06:
96:87:af:aa:18:6d:cf:e7:0b:b6:98:0d:3e:ab:b3:
08:7c:f6:1c:28:84:62:08:3d:76:3c:46:a7:f1:5e:
3c:27:59:74:11:30:55:51:1e:a5:86:f5:5c:15:24:
cc:29:90:4a:88:a0:69:b8:5d:54:e4:1e:e2:2e:89:
64:8c:2a:8d:ed:35:2b:84:93:67:6b:f6:26:56:13:
4e:a1:ba:e6:d4:c9:09:2e:af:81:28:e5:68:d5:32:
64:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:8B:C2:A1:98:B0:C6:8A:FB:5D:53:40:C1:B1:DF:B7:24:ED:45:C5
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6ovCoZiwxor7XVNAwbHftyTtRcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
11:4d:32:e9:72:a2:c1:8b:12:6d:c3:89:20:fe:41:23:b1:b3:
2a:57:e9:e1:15:76:4f:9d:17:ad:24:86:a1:6a:69:15:71:19:
14:d3:ae:b9:7c:75:27:0e:35:de:e8:f3:22:8a:c4:54:60:19:
25:49:f5:44:ac:ba:cd:1a:38:ed:09:26:5c:2c:39:55:b8:e9:
81:19:9f:67:34:22:3c:63:dd:5e:df:ad:6e:4b:20:61:8a:2c:
13:e7:0b:fa:fd:ce:08:ba:18:08:a1:a6:c2:f9:df:f5:4e:85:
06:f1:57:94:f6:ec:d7:87:94:f9:aa:a8:e4:10:f0:2a:4b:fc:
74:ca:7c:57:90:47:ec:06:28:a7:58:a8:24:23:b0:36:2b:0c:
3d:9d:61:49:7b:cd:cb:88:31:4e:8b:52:6d:f3:9d:e7:b5:2f:
a1:a9:a6:a5:d1:1d:2b:64:b8:15:50:d5:41:8a:ad:c7:4d:b0:
7a:1a:9f:ab:0a:3f:a5:fe:c5:44:28:5c:92:37:02:f2:27:06:
57:e4:ee:89:82:3f:a1:7f:eb:cb:31:af:b3:18:5c:b5:1c:68:
0c:81:62:85:15:f6:f7:88:c8:e7:65:d7:2d:ab:b7:33:52:c6:
2d:56:24:fa:6e:0b:7f:48:94:22:c5:63:38:2c:4b:cc:08:7b:
b2:d4:9c:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+kV2gJbKtZNDA2l7/yagZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTIzMDcyNTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYThiYzJhMTk4YjBjNjhhZmI1ZDUzNDBjMWIxZGZiNzI0ZWQ0NWM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6CzivneXyXtoyWHb37JG3eZKTonz
X6540f5t4J6lZM+Cfnu007lf/M0Zg7fi7DAcvEVrGyxH/5oEs+7inOLtQUST7WUc
ax1LqwbS/0LF368V/iiFxLs9Yx9VX9/G+9SqUH9mSogOrS/FRRD2pq0j5rHe79xL
uY2SiUeDgrwq7ba4IHfalZzApomcM4rHzQzNbzOV4SsPN/A1uI37v2DXstJPJAaW
h6+qGG3P5wu2mA0+q7MIfPYcKIRiCD12PEan8V48J1l0ETBVUR6lhvVcFSTMKZBK
iKBpuF1U5B7iLolkjCqN7TUrhJNna/YmVhNOobrm1MkJLq+BKOVo1TJkKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOqLwqGYsMaK+11TQMGx37ck7UXFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNm92Q29aaXd4b3I3WFZOQXdiSGZ0eVR0UmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQARTTLpcqLBixJtw4kg/kEjsbMqV+nhFXZPnRetJIah
amkVcRkU0665fHUnDjXe6PMiisRUYBklSfVErLrNGjjtCSZcLDlVuOmBGZ9nNCI8
Y91e361uSyBhiiwT5wv6/c4IuhgIoabC+d/1ToUG8VeU9uzXh5T5qqjkEPAqS/x0
ynxXkEfsBiinWKgkI7A2Kww9nWFJe83LiDFOi1Jt853ntS+hqaal0R0rZLgVUNVB
iq3HTbB6Gp+rCj+l/sVEKFySNwLyJwZX5O6Jgj+hf+vLMa+zGFy1HGgMgWKFFfb3
iMjnZdctq7czUsYtViT6bgt/SJQixWM4LEvMCHuy1JwX
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:07:35 2025 by rpki-client