Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnZzTOCwlwZYpxShTJgN3yt59bg.roa
File: BnZzTOCwlwZYpxShTJgN3yt59bg.roa (raw, json)
Hash identifier: Ul/efWBpwHKzuX+HhiRC6RIp6PLV47lTLSxuphVaSEI=
Subject key identifier: 06:76:73:4C:E0:B0:97:06:58:A7:14:A1:4C:98:0D:DF:2B:79:F5:B8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E9E91967AE9CF068E05B2E119DCAE7AB6
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnZzTOCwlwZYpxShTJgN3yt59bg.roa
Signing time: Tue 02 Apr 2024 11:28:45 +0000
ROA not before: Tue 02 Apr 2024 11:28:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 109.176.29.0/24 maxlen: 24
109.176.31.0/24 maxlen: 24
213.218.242.0/24 maxlen: 24
217.145.65.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 02 Sep 2024 15:32:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9e:91:96:7a:e9:cf:06:8e:05:b2:e1:19:dc:ae:7a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 2 11:28:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0676734ce0b0970658a714a14c980ddf2b79f5b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:71:ce:7d:96:49:a5:d6:f5:9b:6b:ec:69:64:
8e:4e:d5:f7:fc:1c:4c:cb:03:34:fd:ee:bc:7a:34:
8f:0e:a5:ac:3b:72:4b:d6:cd:12:d1:c6:c0:8f:a3:
44:f0:f4:95:a0:24:6d:9c:dd:49:46:05:9b:fa:39:
a7:0a:c5:1d:fe:ad:f1:0c:0d:09:73:7c:a3:3e:8b:
a6:3f:10:fd:18:b1:b1:a9:25:ca:e3:0b:e4:94:f5:
65:9a:59:b4:5d:e2:90:f3:25:a1:82:a4:47:01:39:
e7:a3:d7:46:39:4d:56:03:49:0b:db:0c:53:10:f5:
74:c1:62:33:b0:4f:d0:0b:68:0d:15:35:0c:f1:69:
ec:95:eb:d7:0d:e7:4a:39:cc:d4:00:c5:29:9c:ec:
fb:2d:9a:60:4b:2d:46:75:31:d8:8b:0c:7f:10:02:
f7:b9:1a:5b:d8:52:22:0c:47:89:21:fc:4b:10:7e:
b9:e9:b7:76:2c:02:6a:dc:26:e9:98:4b:ea:51:bf:
a8:47:ef:fe:08:82:cf:83:16:14:92:2c:04:2a:b4:
3a:4f:a0:bf:89:49:38:95:4c:f5:c4:d5:f7:29:cf:
fe:d9:83:0a:0f:20:32:e2:84:7d:85:a0:4a:65:d9:
e5:83:c5:af:6c:53:7d:5d:7f:7e:59:d4:03:6d:b8:
11:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:76:73:4C:E0:B0:97:06:58:A7:14:A1:4C:98:0D:DF:2B:79:F5:B8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/BnZzTOCwlwZYpxShTJgN3yt59bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.29.0/24
109.176.31.0/24
213.218.242.0/24
217.145.65.0/24
Signature Algorithm: sha256WithRSAEncryption
34:1f:a9:7f:28:ba:ad:f4:05:e5:e8:8f:ad:fc:54:6e:a4:cb:
2a:f6:f7:14:da:89:b3:f7:af:b9:3c:c0:9d:48:a6:b5:18:7b:
69:e6:9e:a7:f4:7e:f0:90:01:a5:ae:2b:31:a8:14:8d:ba:41:
6c:46:fb:7e:3e:b9:45:b9:b4:44:ef:76:03:63:4d:1e:30:5c:
a8:0a:02:a2:0d:c5:5e:dc:64:92:7d:94:5b:96:75:21:59:12:
47:5d:db:7a:b9:d5:4a:13:53:f2:71:33:d2:ed:09:8f:5c:0f:
ab:01:49:5d:dd:ac:b9:a4:22:8d:3b:5a:5c:99:fc:ce:27:b0:
7a:d6:00:b7:58:18:c5:2b:65:97:30:4d:e5:85:2b:68:8b:a6:
9b:93:d5:5a:c4:10:e9:17:c2:77:83:ce:e4:ea:69:72:c6:db:
5d:cc:5f:95:02:dc:d8:2f:77:08:70:0d:4e:24:0d:44:b1:99:
6d:ad:c2:77:06:bd:41:b5:ea:56:bd:48:19:2b:99:be:27:4d:
d8:19:cc:85:c0:88:cb:3f:a5:59:af:a7:2f:88:0d:3e:e9:5f:
5d:c6:f0:5e:4a:27:62:01:fa:a6:29:52:36:ba:94:2a:07:a3:
80:c7:c3:09:fe:b7:22:5a:35:77:43:2d:a9:5a:a2:7a:ae:04:
10:c4:d5:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6ekZZ66c8GjgWy4Rncrnq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAyMTEyODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc2NzM0Y2UwYjA5NzA2NThhNzE0YTE0Yzk4MGRkZjJiNzlmNWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13HOfZZJpdb1m2vsaWSOTtX3/BxM
ywM0/e68ejSPDqWsO3JL1s0S0cbAj6NE8PSVoCRtnN1JRgWb+jmnCsUd/q3xDA0J
c3yjPoumPxD9GLGxqSXK4wvklPVlmlm0XeKQ8yWhgqRHATnno9dGOU1WA0kL2wxT
EPV0wWIzsE/QC2gNFTUM8WnslevXDedKOczUAMUpnOz7LZpgSy1GdTHYiwx/EAL3
uRpb2FIiDEeJIfxLEH656bd2LAJq3CbpmEvqUb+oR+/+CILPgxYUkiwEKrQ6T6C/
iUk4lUz1xNX3Kc/+2YMKDyAy4oR9haBKZdnlg8WvbFN9XX9+WdQDbbgRhQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAZ2c0zgsJcGWKcUoUyYDd8refW4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQm5aelRPQ3dsd1pZcHhTaFRKZ04zeXQ1OWJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbbAdAwQA
bbAfAwQA1dryAwQA2ZFBMA0GCSqGSIb3DQEBCwUAA4IBAQA0H6l/KLqt9AXl6I+t
/FRupMsq9vcU2omz96+5PMCdSKa1GHtp5p6n9H7wkAGlrisxqBSNukFsRvt+PrlF
ubRE73YDY00eMFyoCgKiDcVe3GSSfZRblnUhWRJHXdt6udVKE1PycTPS7QmPXA+r
AUld3ay5pCKNO1pcmfzOJ7B61gC3WBjFK2WXME3lhStoi6abk9VaxBDpF8J3g87k
6mlyxttdzF+VAtzYL3cIcA1OJA1EsZltrcJ3Br1BtepWvUgZK5m+J03YGcyFwIjL
P6VZr6cviA0+6V9dxvBeSidiAfqmKVI2upQqB6OAx8MJ/rciWjV3Qy2pWqJ6rgQQ
xNWr
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:08 2025 by rpki-client