Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsHT8i1JLWTs1lAPqx1e4KGH3ZE.roa
File: CsHT8i1JLWTs1lAPqx1e4KGH3ZE.roa (raw, json)
Hash identifier: nze5En/C4IpToXXp8X1P2LFcFt1B3DNAgFdWU0q3P20=
Subject key identifier: 0A:C1:D3:F2:2D:49:2D:64:EC:D6:50:0F:AB:1D:5E:E0:A1:87:DD:91
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2FAB06A998E0128D2E86083BCF5CE13B
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsHT8i1JLWTs1lAPqx1e4KGH3ZE.roa
Signing time: Tue 30 Apr 2024 15:41:28 +0000
ROA not before: Tue 30 Apr 2024 15:41:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48753
IP address blocks: 109.176.21.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 16 May 2024 12:44:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2f:ab:06:a9:98:e0:12:8d:2e:86:08:3b:cf:5c:e1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 30 15:41:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ac1d3f22d492d64ecd6500fab1d5ee0a187dd91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:26:e1:8e:d6:c9:f7:1d:90:6e:8f:07:3b:dc:
f3:1f:44:3d:26:c7:95:d7:17:4b:79:52:cd:2d:7f:
fb:dc:fd:f2:df:7b:11:b8:ad:7d:20:4e:78:89:90:
c0:39:d2:bc:04:c3:85:57:99:20:e5:48:73:8c:12:
cb:ab:26:88:ed:71:75:44:49:d5:ac:01:08:b7:31:
0a:80:0e:3d:75:30:9b:c7:af:ab:fe:6e:25:c4:c5:
b4:74:a2:35:e5:ca:0b:23:52:dd:65:8b:a2:a8:07:
bf:38:ef:e9:c6:9d:12:6a:54:9e:93:e0:7f:01:37:
08:81:f8:5b:94:67:ed:1a:b4:e8:9b:8b:b0:45:db:
0b:b0:4c:ec:79:65:7f:f8:07:c4:fd:b9:e2:82:90:
43:ab:a4:1e:e9:99:2f:d9:a6:44:97:e9:8c:75:4c:
b8:38:bd:51:56:e7:9c:61:4d:59:71:de:6c:4c:ea:
15:f0:f8:c6:a6:6f:78:57:31:bb:18:c7:14:20:50:
56:04:1a:05:a9:2e:5d:b9:bb:89:5c:99:c7:29:da:
b8:28:47:f9:93:48:92:59:bd:74:f1:53:b1:10:0c:
ec:57:8a:d2:d5:91:3a:c2:92:b7:9a:74:27:e5:e9:
25:a7:fe:e2:e3:8d:2a:df:18:f7:78:0c:42:9a:0c:
99:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:C1:D3:F2:2D:49:2D:64:EC:D6:50:0F:AB:1D:5E:E0:A1:87:DD:91
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/CsHT8i1JLWTs1lAPqx1e4KGH3ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.21.0/24
Signature Algorithm: sha256WithRSAEncryption
68:45:02:43:a7:75:16:30:d1:5d:1e:55:9a:20:b1:f3:36:8d:
b5:8d:5a:0e:a4:f2:55:8b:7e:e2:c7:6f:8e:0b:0e:d3:b3:6d:
0a:3f:a0:22:11:03:30:51:c8:6b:e3:df:2b:5a:46:14:fb:c9:
35:60:8c:92:91:49:b7:e2:64:29:f2:b1:0d:f1:f4:23:de:af:
6c:4a:b7:35:b7:2a:c2:ab:7d:3a:2d:89:be:e8:92:da:4b:fc:
21:c4:fc:6f:ec:eb:e1:d3:60:e7:e2:77:43:e8:13:f4:47:d0:
3d:dd:2d:c6:8b:e0:81:cc:b9:97:c7:1a:c7:03:4d:70:c0:26:
ca:05:3e:64:13:c7:39:7b:62:3b:2f:4f:51:c6:bc:25:2c:6a:
ef:a4:88:cb:01:59:98:89:5f:c8:05:7d:64:b1:2a:71:34:37:
c7:19:ad:cb:25:0e:6d:49:d6:35:3e:c0:6f:05:d5:a6:62:25:
dc:53:30:2e:64:02:3a:f2:5d:5b:82:8b:86:03:be:06:f9:56:
24:8a:c9:95:3f:d7:6b:3c:67:1b:b2:8c:00:09:c5:ae:f5:1b:
84:bd:4d:94:fe:18:a2:cc:c8:6e:3a:2b:e4:ba:c5:5a:b4:45:
ff:79:e9:55:ef:18:33:72:6e:8a:b2:49:21:31:d3:36:df:74:
64:be:17:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8vqwapmOASjS6GCDvPXOE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDMwMTU0MTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWMxZDNmMjJkNDkyZDY0ZWNkNjUwMGZhYjFkNWVlMGExODdkZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyibhjtbJ9x2Qbo8HO9zzH0Q9JseV
1xdLeVLNLX/73P3y33sRuK19IE54iZDAOdK8BMOFV5kg5UhzjBLLqyaI7XF1REnV
rAEItzEKgA49dTCbx6+r/m4lxMW0dKI15coLI1LdZYuiqAe/OO/pxp0SalSek+B/
ATcIgfhblGftGrTom4uwRdsLsEzseWV/+AfE/bnigpBDq6Qe6Zkv2aZEl+mMdUy4
OL1RVuecYU1Zcd5sTOoV8PjGpm94VzG7GMcUIFBWBBoFqS5dubuJXJnHKdq4KEf5
k0iSWb108VOxEAzsV4rS1ZE6wpK3mnQn5eklp/7i440q3xj3eAxCmgyZ4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArB0/ItSS1k7NZQD6sdXuChh92RMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQ3NIVDhpMUpMV1RzMWxBUHF4MWU0S0dIM1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbAVMA0G
CSqGSIb3DQEBCwUAA4IBAQBoRQJDp3UWMNFdHlWaILHzNo21jVoOpPJVi37ix2+O
Cw7Ts20KP6AiEQMwUchr498rWkYU+8k1YIySkUm34mQp8rEN8fQj3q9sSrc1tyrC
q306LYm+6JLaS/whxPxv7Ovh02Dn4ndD6BP0R9A93S3Gi+CBzLmXxxrHA01wwCbK
BT5kE8c5e2I7L09RxrwlLGrvpIjLAVmYiV/IBX1ksSpxNDfHGa3LJQ5tSdY1PsBv
BdWmYiXcUzAuZAI68l1bgouGA74G+VYkismVP9drPGcbsowACcWu9RuEvU2U/hii
zMhuOivkusVatEX/eelV7xgzcm6KskkhMdM233Rkvhf5
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:38 2025 by rpki-client