Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8rxtHJKnoI7umNavNLrBt0L5GUg.roa
File: 8rxtHJKnoI7umNavNLrBt0L5GUg.roa (raw, json)
Hash identifier: H3XNjcO12cYtgghV3kNeppSCUIPxOdgPxkxeexrUjsE=
Subject key identifier: F2:BC:6D:1C:92:A7:A0:8E:EE:98:D6:AF:34:BA:C1:B7:42:F9:19:48
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01938CEEA758330E3C987C72BB507F738916
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8rxtHJKnoI7umNavNLrBt0L5GUg.roa
Signing time: Tue 03 Dec 2024 14:31:10 +0000
ROA not before: Tue 03 Dec 2024 14:31:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214466
IP address blocks: 109.176.253.0/24 maxlen: 24
213.218.251.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:8c:ee:a7:58:33:0e:3c:98:7c:72:bb:50:7f:73:89:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 3 14:31:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f2bc6d1c92a7a08eee98d6af34bac1b742f91948
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:21:0a:32:bb:fd:85:e3:70:5a:73:31:aa:03:
5a:ef:82:d6:17:dc:74:ae:bc:c2:be:cb:1a:a2:da:
05:f5:1e:07:f4:88:84:f9:11:ae:6f:01:07:5e:82:
91:75:9d:48:6d:14:53:4a:03:43:dc:fd:4a:41:f3:
a5:d0:21:b0:58:6d:ce:39:dc:8a:9c:18:55:2b:ee:
af:2c:66:9d:a4:44:fe:3f:02:94:f6:3d:7b:99:ba:
9f:f6:8a:b5:a6:0c:21:81:26:f9:ee:96:33:4e:b0:
e2:04:ad:65:ba:cd:8b:55:d0:f2:09:0c:f7:d9:51:
a8:91:c3:a7:a1:02:41:17:71:93:5a:31:f0:e3:25:
6b:21:1f:e1:b0:01:be:53:9b:30:b1:4e:88:3a:5c:
0e:a4:0c:1b:a2:67:9c:2b:2f:ac:4a:50:e7:0e:44:
36:7f:13:99:80:7d:5c:8f:41:5e:49:16:d2:43:a1:
53:f3:95:d1:1a:79:b3:74:08:a9:87:49:a8:0a:f2:
65:57:3b:fe:2e:bf:08:27:9a:2b:30:48:42:04:67:
e1:ff:27:52:a6:7c:ff:cd:78:54:67:28:51:c2:f4:
df:56:bb:42:7a:8e:3f:f0:9c:c9:a2:01:d8:11:ba:
14:fb:7f:6b:08:ce:f9:cf:10:9b:19:c4:a6:b8:ce:
11:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:BC:6D:1C:92:A7:A0:8E:EE:98:D6:AF:34:BA:C1:B7:42:F9:19:48
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/8rxtHJKnoI7umNavNLrBt0L5GUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.253.0/24
213.218.251.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:60:5a:33:b7:6d:47:10:52:fa:a9:69:63:4c:1b:19:0d:07:
a2:89:93:6a:7b:45:b2:bb:60:88:20:45:14:d5:25:7d:c0:1f:
83:21:c9:8a:ae:40:61:4e:96:1d:f8:95:c7:c3:61:69:49:0f:
77:8e:cb:ac:03:0e:30:1d:75:91:01:f4:86:9b:ef:50:4f:90:
09:82:32:10:ed:ad:ac:41:a4:5d:48:2c:9f:63:b7:a7:72:b8:
69:39:17:79:c7:07:dd:1d:a6:57:64:ac:e8:59:d1:40:0a:e1:
3e:65:e0:d3:4c:80:c1:51:ec:9a:9b:93:28:02:bf:c9:64:20:
9b:d9:de:77:49:ee:2e:00:d5:ec:60:f0:cb:2f:47:86:c7:7c:
72:89:d5:60:58:6f:e0:6b:e2:f1:f9:f6:bf:4a:79:2b:06:92:
80:8b:7d:85:52:d2:89:f4:b4:1b:4c:1f:b0:40:25:f3:65:1f:
1a:b3:20:d2:d6:9b:4b:b1:6b:d0:14:3e:f0:28:a6:da:ef:fd:
a1:0b:bf:be:cb:3b:0a:47:5a:d7:bf:70:71:88:77:b0:09:c8:
0a:15:65:81:50:a1:00:55:80:bb:49:9b:20:bc:7c:2d:96:18:
65:61:81:6e:63:2e:83:14:e0:b3:83:fa:14:d0:5a:da:df:6a:
d6:6f:bf:33
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZOM7qdYMw48mHxyu1B/c4kWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjAzMTQzMTEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmJjNmQxYzkyYTdhMDhlZWU5OGQ2YWYzNGJhYzFiNzQyZjkxOTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtCEKMrv9heNwWnMxqgNa74LWF9x0
rrzCvssaotoF9R4H9IiE+RGubwEHXoKRdZ1IbRRTSgND3P1KQfOl0CGwWG3OOdyK
nBhVK+6vLGadpET+PwKU9j17mbqf9oq1pgwhgSb57pYzTrDiBK1lus2LVdDyCQz3
2VGokcOnoQJBF3GTWjHw4yVrIR/hsAG+U5swsU6IOlwOpAwbomecKy+sSlDnDkQ2
fxOZgH1cj0FeSRbSQ6FT85XRGnmzdAiph0moCvJlVzv+Lr8IJ5orMEhCBGfh/ydS
pnz/zXhUZyhRwvTfVrtCeo4/8JzJogHYEboU+39rCM75zxCbGcSmuM4R4QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPK8bRySp6CO7pjWrzS6wbdC+RlIMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOHJ4dEhKS25vSTd1bU5hdk5MckJ0MEw1R1VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbD9AwQA
1dr7MA0GCSqGSIb3DQEBCwUAA4IBAQCbYFozt21HEFL6qWljTBsZDQeiiZNqe0Wy
u2CIIEUU1SV9wB+DIcmKrkBhTpYd+JXHw2FpSQ93jsusAw4wHXWRAfSGm+9QT5AJ
gjIQ7a2sQaRdSCyfY7encrhpORd5xwfdHaZXZKzoWdFACuE+ZeDTTIDBUeyam5Mo
Ar/JZCCb2d53Se4uANXsYPDLL0eGx3xyidVgWG/ga+Lx+fa/SnkrBpKAi32FUtKJ
9LQbTB+wQCXzZR8asyDS1ptLsWvQFD7wKKba7/2hC7++yzsKR1rXv3BxiHewCcgK
FWWBUKEAVYC7SZsgvHwtlhhlYYFuYy6DFOCzg/oU0Fra32rWb78z
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:17 2025 by rpki-client