Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9GAtQYssRDGVgjNRyKCZ5zRM9IQ.roa
File: 9GAtQYssRDGVgjNRyKCZ5zRM9IQ.roa (raw, json)
Hash identifier: m5NE4gUBVRZ4vSY7MntCY2opldU2Z9N8W3PLGo1lEvI=
Subject key identifier: F4:60:2D:41:8B:2C:44:31:95:82:33:51:C8:A0:99:E7:34:4C:F4:84
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC34947A7DCAAE9F68066514B1910B23C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9GAtQYssRDGVgjNRyKCZ5zRM9IQ.roa
Signing time: Mon 01 Jan 2024 04:30:08 +0000
ROA not before: Mon 01 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 109.176.255.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Sep 2024 13:43:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:47:a7:dc:aa:e9:f6:80:66:51:4b:19:10:b2:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f4602d418b2c443195823351c8a099e7344cf484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:6a:c7:72:24:8c:df:9f:5f:d2:a2:c2:fe:b2:
75:1b:39:d3:62:45:dc:19:ae:a2:2c:89:28:dc:42:
61:17:88:25:22:2e:1c:ac:2e:43:8e:f8:23:75:85:
88:a8:e7:6b:24:66:2d:6c:de:3a:78:ec:b6:f5:7c:
39:1d:ef:43:1c:38:9d:3e:6c:05:4a:0d:74:fc:94:
00:86:bd:8f:d5:08:86:62:27:14:cd:ec:0f:dd:21:
e1:71:08:fb:fa:2e:40:0f:12:49:6b:3a:0b:2b:e3:
d4:c5:73:b8:be:a3:a9:78:b6:24:f0:a9:ab:a9:08:
00:ad:db:bb:2c:a4:59:f3:ec:3e:18:37:75:c0:b0:
c8:42:dd:d1:a0:68:82:87:31:d6:b8:ea:ea:7b:64:
69:00:f1:d0:de:79:c8:17:29:a5:44:ca:dd:e2:e5:
f4:91:80:05:ad:11:63:c8:7d:62:65:59:fd:67:9d:
d1:7c:26:23:3e:34:11:3c:2d:5d:da:48:ba:9a:39:
49:fc:9f:9d:6a:a0:c4:a3:bf:7d:43:8c:d0:03:cb:
40:60:49:a5:b9:4e:1b:ae:ac:90:ca:2f:70:9f:e2:
a1:fd:17:25:f2:cd:1b:79:ab:f3:6f:15:f7:6e:d3:
c5:bf:0c:af:4b:3f:3a:95:50:28:bb:93:10:03:b8:
ce:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:60:2D:41:8B:2C:44:31:95:82:33:51:C8:A0:99:E7:34:4C:F4:84
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/9GAtQYssRDGVgjNRyKCZ5zRM9IQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.255.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:12:42:fe:88:24:0d:db:e2:36:c3:44:92:04:fd:11:22:ff:
ae:43:97:10:82:5b:f7:98:3a:56:55:a5:91:76:6e:0c:cb:e6:
e0:55:7a:65:b3:01:61:33:01:ad:59:ec:35:d8:c4:5f:50:8c:
0c:fd:cc:f8:8f:c6:26:b2:b3:d8:64:e7:25:01:c7:66:ba:ef:
4b:d0:af:88:17:83:b6:b7:44:ba:13:98:4d:0b:0b:f0:28:b0:
c1:81:3a:4e:9e:a8:ef:31:83:60:7a:5f:f0:6e:04:03:32:6b:
af:87:24:99:8d:75:2d:5e:a7:3c:82:1c:b6:dd:59:0d:ae:2f:
34:71:b2:58:75:ea:cd:8c:bf:42:ab:71:1c:a3:7f:a6:2b:51:
07:f6:c3:7c:07:58:ad:c7:47:c0:bd:8c:3c:11:3a:2c:4a:5a:
62:25:e9:f5:1f:4f:b0:77:dd:15:cf:d8:00:e6:41:a3:06:4b:
3b:2c:4d:c0:f4:a2:1b:d1:ce:80:f6:3b:f9:57:8a:fb:17:ce:
8f:80:46:6c:0d:87:5a:07:27:2b:1c:9c:88:ad:aa:3d:20:40:
0b:13:f8:4c:f7:dc:6f:15:5e:ac:75:28:54:65:fc:0e:57:9c:
3b:2f:ca:6c:2f:45:59:1a:c5:71:76:0f:fb:5e:ab:bb:4f:23:
d6:83:63:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUen3Krp9oBmUUsZELI8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDYwMmQ0MThiMmM0NDMxOTU4MjMzNTFjOGEwOTllNzM0NGNmNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWrHciSM359f0qLC/rJ1GznTYkXc
Ga6iLIko3EJhF4glIi4crC5DjvgjdYWIqOdrJGYtbN46eOy29Xw5He9DHDidPmwF
Sg10/JQAhr2P1QiGYicUzewP3SHhcQj7+i5ADxJJazoLK+PUxXO4vqOpeLYk8Kmr
qQgArdu7LKRZ8+w+GDd1wLDIQt3RoGiChzHWuOrqe2RpAPHQ3nnIFymlRMrd4uX0
kYAFrRFjyH1iZVn9Z53RfCYjPjQRPC1d2ki6mjlJ/J+daqDEo799Q4zQA8tAYEml
uU4brqyQyi9wn+Kh/Rcl8s0beavzbxX3btPFvwyvSz86lVAou5MQA7jOqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPRgLUGLLEQxlYIzUcigmec0TPSEMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvOUdBdFFZc3NSREdWZ2pOUnlLQ1o1elJNOUlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD/MA0G
CSqGSIb3DQEBCwUAA4IBAQB9EkL+iCQN2+I2w0SSBP0RIv+uQ5cQglv3mDpWVaWR
dm4My+bgVXplswFhMwGtWew12MRfUIwM/cz4j8YmsrPYZOclAcdmuu9L0K+IF4O2
t0S6E5hNCwvwKLDBgTpOnqjvMYNgel/wbgQDMmuvhySZjXUtXqc8ghy23VkNri80
cbJYderNjL9Cq3Eco3+mK1EH9sN8B1itx0fAvYw8ETosSlpiJen1H0+wd90Vz9gA
5kGjBks7LE3A9KIb0c6A9jv5V4r7F86PgEZsDYdaBycrHJyIrao9IEALE/hM99xv
FV6sdShUZfwOV5w7L8psL0VZGsVxdg/7Xqu7TyPWg2M7
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:32:52 2025 by rpki-client