Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ag-hMgL3tb83iRa-EJipbUX7X1Y.roa
File: Ag-hMgL3tb83iRa-EJipbUX7X1Y.roa (raw, json)
Hash identifier: Q4S/UjCZUCzLhfPhFX9kND+z3D7ELmHc1fq2RBXzmtA=
Subject key identifier: 02:0F:A1:32:02:F7:B5:BF:37:89:16:BE:10:98:A9:6D:45:FB:5F:56
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01913787AF1AF13CD2697C687239F5AEC79D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ag-hMgL3tb83iRa-EJipbUX7X1Y.roa
Signing time: Fri 09 Aug 2024 14:25:24 +0000
ROA not before: Fri 09 Aug 2024 14:25:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214466
IP address blocks: 109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 18 Oct 2024 08:39:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:37:87:af:1a:f1:3c:d2:69:7c:68:72:39:f5:ae:c7:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 9 14:25:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=020fa13202f7b5bf378916be1098a96d45fb5f56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:fe:a7:16:ad:38:3a:8b:51:fa:47:5e:35:9a:
3c:a7:d3:96:61:c5:87:26:b7:45:ea:2a:51:e3:d5:
47:26:5b:ae:88:70:9d:a2:10:3c:71:8b:1b:c5:42:
2c:08:e0:6b:7c:33:89:73:6a:5c:bc:9d:56:d1:de:
26:c6:5a:b5:98:15:00:38:f6:d6:5e:85:45:2a:09:
22:83:2a:76:a5:da:63:fc:74:cd:b6:56:00:d5:6f:
7c:af:d6:13:b0:ca:19:cf:0e:fc:fe:4f:f6:ce:66:
59:94:8c:18:b3:93:f7:c6:6b:a6:a2:54:64:7b:c3:
f6:3d:02:9d:0d:98:76:6d:67:c4:2b:71:29:d2:2b:
3e:50:b4:2a:fb:c2:45:c3:91:0d:7f:d4:b0:bc:0b:
cd:2b:2a:30:bb:fe:92:95:9c:4f:cc:b3:0d:b6:1a:
b5:c9:b9:43:a9:c9:a7:32:63:ac:d8:71:91:25:f2:
ff:43:28:0a:4a:3d:c3:29:77:2d:90:f7:26:ba:82:
67:bb:51:95:f2:90:c6:76:9e:f5:e9:a1:cf:4f:17:
fe:23:c9:16:ad:4c:30:7a:cb:3a:91:a4:ab:a3:f9:
9e:d5:05:41:f2:af:06:fd:d8:e6:59:de:55:7c:34:
3a:61:3c:b2:38:e3:4b:29:34:a6:5d:85:e8:49:ee:
62:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:0F:A1:32:02:F7:B5:BF:37:89:16:BE:10:98:A9:6D:45:FB:5F:56
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Ag-hMgL3tb83iRa-EJipbUX7X1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
47:e2:f6:13:c5:32:a3:2d:42:d3:9f:af:c7:f9:f0:6b:96:e3:
34:ac:09:f1:d0:b2:1e:04:d4:8f:b2:1e:7a:ac:4f:f1:8c:10:
ac:c1:d4:ad:9c:d0:9e:d6:2a:12:77:36:4b:06:f2:1e:43:b3:
7b:2a:8c:ec:c5:07:f5:df:df:6d:fe:80:fc:92:58:b3:03:fc:
22:ec:03:96:14:f4:66:ca:00:35:30:a1:65:9a:58:0b:a3:ba:
a9:5c:1d:85:0e:36:18:e4:5f:f7:f8:98:48:d7:79:02:30:9d:
3f:39:3d:47:ee:ff:42:ae:34:a8:e1:59:f1:8f:4e:8e:30:52:
68:1e:b0:03:95:c8:3e:bc:1d:ec:1c:aa:8a:f8:00:59:d2:2f:
42:ad:5e:5c:ff:7e:7f:31:92:4e:87:d8:d6:08:32:0b:eb:2b:
df:a3:54:10:bc:e1:8c:dc:f6:45:17:c0:4d:13:67:99:d5:10:
8e:48:34:a0:e7:dc:20:e0:b7:7d:18:23:b9:ad:f6:3f:84:e1:
60:63:1b:16:c3:30:58:22:11:74:8b:4d:2e:79:22:9c:5c:38:
64:ba:19:fe:65:ee:15:99:80:5a:8a:8d:f4:2d:cc:83:d4:b4:
20:da:db:21:f1:fb:f9:fe:ff:12:b7:da:52:98:3d:a5:70:85:
34:21:ee:00
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZE3h68a8TzSaXxocjn1rsedMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwODA5MTQyNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjBmYTEzMjAyZjdiNWJmMzc4OTE2YmUxMDk4YTk2ZDQ1ZmI1ZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqf6nFq04OotR+kdeNZo8p9OWYcWH
JrdF6ipR49VHJluuiHCdohA8cYsbxUIsCOBrfDOJc2pcvJ1W0d4mxlq1mBUAOPbW
XoVFKgkigyp2pdpj/HTNtlYA1W98r9YTsMoZzw78/k/2zmZZlIwYs5P3xmumolRk
e8P2PQKdDZh2bWfEK3Ep0is+ULQq+8JFw5ENf9SwvAvNKyowu/6SlZxPzLMNthq1
yblDqcmnMmOs2HGRJfL/QygKSj3DKXctkPcmuoJnu1GV8pDGdp716aHPTxf+I8kW
rUwwess6kaSro/me1QVB8q8G/djmWd5VfDQ6YTyyOONLKTSmXYXoSe5ipwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAIPoTIC97W/N4kWvhCYqW1F+19WMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQWctaE1nTDN0YjgzaVJhLUVKaXBiVVg3WDFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQBH4vYTxTKjLULTn6/H+fBrluM0rAnx0LIeBNSPsh56
rE/xjBCswdStnNCe1ioSdzZLBvIeQ7N7KozsxQf1399t/oD8klizA/wi7AOWFPRm
ygA1MKFlmlgLo7qpXB2FDjYY5F/3+JhI13kCMJ0/OT1H7v9CrjSo4Vnxj06OMFJo
HrADlcg+vB3sHKqK+ABZ0i9CrV5c/35/MZJOh9jWCDIL6yvfo1QQvOGM3PZFF8BN
E2eZ1RCOSDSg59wg4Ld9GCO5rfY/hOFgYxsWwzBYIhF0i00ueSKcXDhkuhn+Ze4V
mYBaio30LcyD1LQg2tsh8fv5/v8St9pSmD2lcIU0Ie4A
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:35 2025 by rpki-client