Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa
File: Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa (raw, json)
Hash identifier: 2JRLfYyQII5ziQW/4Vy1y1/Y/v7jGCNR/FEcGT1FfWw=
Subject key identifier: 03:0B:BD:70:79:14:35:1F:D6:F6:38:FA:39:63:37:31:1B:1F:96:E4
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D54B2590517B4B3A6A17A8347AC06B943
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa
Signing time: Mon 29 Jan 2024 10:09:50 +0000
ROA not before: Mon 29 Jan 2024 10:09:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215668
IP address blocks: 109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 11 May 2024 21:06:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:54:b2:59:05:17:b4:b3:a6:a1:7a:83:47:ac:06:b9:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 29 10:09:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=030bbd707914351fd6f638fa396337311b1f96e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c8:e8:2c:34:6e:65:91:61:de:68:d3:ec:44:
ff:c3:b4:00:27:69:74:fd:c9:dc:e4:8b:b3:ad:d4:
23:d5:d8:6c:b1:bd:93:8d:62:17:21:6e:bd:c4:94:
88:e1:c1:9a:40:e7:7d:24:52:9f:81:ee:1c:ef:c6:
ee:de:b5:9d:b2:ce:49:8a:e0:bf:75:86:f1:fe:fe:
54:4d:fa:2a:cb:2d:35:f7:db:74:57:4d:f7:c2:07:
ea:96:07:6e:d1:ba:67:01:4f:6a:94:08:52:4a:a8:
5c:02:92:b7:d0:5d:4d:79:db:8e:bf:be:3e:e3:35:
cd:5f:b3:e1:e9:da:0f:4d:9a:a4:ce:9d:8b:24:27:
0c:48:49:e9:2a:fb:47:b6:7d:48:92:47:9f:c4:8d:
bd:13:2e:9f:2f:78:ef:62:e5:19:0b:f9:92:17:d1:
84:e4:d9:02:13:13:18:e3:06:69:dc:d2:45:79:93:
06:1c:af:40:29:ad:da:b4:27:3d:f9:b5:bf:07:80:
20:f3:47:66:0b:4b:32:74:05:d3:9e:5d:c3:a8:62:
0b:d4:7c:79:2c:d1:92:4c:10:14:8e:ee:d6:13:c1:
22:62:c1:85:86:4a:c1:79:c0:f5:bd:64:68:f3:f6:
1e:f3:e9:25:ad:1f:06:97:56:60:a0:0c:c6:4b:2b:
57:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:0B:BD:70:79:14:35:1F:D6:F6:38:FA:39:63:37:31:1B:1F:96:E4
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/Awu9cHkUNR_W9jj6OWM3MRsfluQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:59:bf:fa:65:1d:ef:ab:2f:61:9b:17:99:4f:18:57:ac:be:
d3:31:a8:a7:d4:c4:2b:8d:de:20:b8:82:2d:86:74:99:95:92:
f0:b3:60:6b:1a:a2:15:9a:7d:26:6c:f0:75:53:9e:58:f6:0c:
4c:6e:65:e8:7a:b9:93:dc:71:58:fa:df:bf:66:5a:d9:6e:cf:
ba:b8:4d:f4:fe:fc:e0:fc:d3:b2:a7:af:99:96:27:91:b6:83:
f8:15:76:e1:79:ca:47:a5:c5:ea:9f:39:79:ff:fc:64:a9:c5:
68:05:c9:a9:96:42:2c:73:4e:4d:50:ab:37:50:9d:a6:de:c9:
78:25:93:b9:b6:ba:57:b5:96:ac:49:6e:ac:d1:fa:72:95:67:
18:9e:bd:8b:c5:c2:60:7f:81:82:d8:0e:1e:c6:f3:54:34:0d:
bd:bd:68:2e:73:64:c3:86:2f:b1:31:cd:cd:ad:00:b8:52:40:
ed:9a:e2:a6:a9:eb:c1:92:62:31:3b:89:be:a1:55:8b:59:2e:
e2:0f:aa:84:7f:b7:60:6d:e5:0b:aa:4d:1c:4e:1f:73:5b:6b:
c0:ab:86:5f:34:a4:2e:83:13:8c:d7:4b:f8:80:26:ae:98:bc:
8d:fc:3c:05:cf:cd:c1:aa:06:ef:6b:33:ef:2c:8b:99:eb:7b:
88:03:4f:e7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1UslkFF7SzpqF6g0esBrlDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTI5MTAwOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzBiYmQ3MDc5MTQzNTFmZDZmNjM4ZmEzOTYzMzczMTFiMWY5NmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncjoLDRuZZFh3mjT7ET/w7QAJ2l0
/cnc5IuzrdQj1dhssb2TjWIXIW69xJSI4cGaQOd9JFKfge4c78bu3rWdss5JiuC/
dYbx/v5UTfoqyy0199t0V033wgfqlgdu0bpnAU9qlAhSSqhcApK30F1NeduOv74+
4zXNX7Ph6doPTZqkzp2LJCcMSEnpKvtHtn1IkkefxI29Ey6fL3jvYuUZC/mSF9GE
5NkCExMY4wZp3NJFeZMGHK9AKa3atCc9+bW/B4Ag80dmC0sydAXTnl3DqGIL1Hx5
LNGSTBAUju7WE8EiYsGFhkrBecD1vWRo8/Ye8+klrR8Gl1ZgoAzGSytXJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAMLvXB5FDUf1vY4+jljNzEbH5bkMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQXd1OWNIa1VOUl9XOWpqNk9XTTNNUnNmbHVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQCMWb/6ZR3vqy9hmxeZTxhXrL7TMain1MQrjd4guIIt
hnSZlZLws2BrGqIVmn0mbPB1U55Y9gxMbmXoermT3HFY+t+/ZlrZbs+6uE30/vzg
/NOyp6+ZlieRtoP4FXbhecpHpcXqnzl5//xkqcVoBcmplkIsc05NUKs3UJ2m3sl4
JZO5trpXtZasSW6s0fpylWcYnr2LxcJgf4GC2A4exvNUNA29vWguc2TDhi+xMc3N
rQC4UkDtmuKmqevBkmIxO4m+oVWLWS7iD6qEf7dgbeULqk0cTh9zW2vAq4ZfNKQu
gxOM10v4gCaumLyN/DwFz83BqgbvazPvLIuZ63uIA0/n
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:12:36 2025 by rpki-client