Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa
File: FSYqySDcwKhv5D4xzQkBQnHBLT8.roa (raw, json)
Hash identifier: TRpUVktQwCo5QWbFXtX4+YJhaqEa3eJfjCE079hUaIE=
Subject key identifier: 15:26:2A:C9:20:DC:C0:A8:6F:E4:3E:31:CD:09:01:42:71:C1:2D:3F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F2A01AB19CC778293464A872E2131DFCD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa
Signing time: Mon 29 Apr 2024 13:18:23 +0000
ROA not before: Mon 29 Apr 2024 13:18:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61272
IP address blocks: 109.176.18.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 May 2024 07:12:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2a:01:ab:19:cc:77:82:93:46:4a:87:2e:21:31:df:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 29 13:18:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=15262ac920dcc0a86fe43e31cd09014271c12d3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d9:2e:97:95:f3:d3:77:0c:35:fe:e9:1b:57:
22:8a:ea:b9:8d:93:9d:e5:1d:0d:00:1f:b5:3d:8b:
7d:bc:db:4f:42:b2:d7:a9:9e:5e:a5:64:7c:db:a8:
f8:34:f1:63:cf:b8:20:22:9b:ba:6c:d9:be:d4:8b:
f1:42:4a:f1:81:29:47:dc:ee:07:d4:ce:28:fc:74:
8e:ad:43:04:70:85:c0:bd:a5:68:4e:00:53:fc:02:
d7:08:fe:ef:07:eb:7c:17:b1:41:da:b0:0f:cd:ef:
2c:68:9c:23:d8:74:b0:3a:fa:35:68:3e:3e:93:b0:
64:80:72:8c:67:bf:63:62:87:1b:f3:9f:7d:ad:c7:
c9:a9:17:aa:3d:76:9d:d8:62:c3:d6:b5:f3:57:34:
02:b4:af:6f:e7:ae:91:cd:0c:9b:5b:0c:c5:39:aa:
36:83:8a:26:a3:20:f2:0a:be:b2:8a:16:81:cf:4e:
90:eb:88:d7:11:87:ce:01:1c:e6:bd:9a:98:93:b8:
84:2c:25:29:f6:7f:92:e0:68:12:b5:0d:58:10:2f:
09:e6:a4:52:47:c4:ce:28:8e:a5:c2:3b:1e:cd:5e:
01:15:52:6f:c8:e4:52:09:37:4d:50:e5:5a:b1:04:
a2:cf:02:57:76:2d:4d:3b:f9:15:20:62:37:fb:0d:
fc:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:26:2A:C9:20:DC:C0:A8:6F:E4:3E:31:CD:09:01:42:71:C1:2D:3F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/FSYqySDcwKhv5D4xzQkBQnHBLT8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.18.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:95:75:a8:fe:9a:a6:c2:9f:7f:33:44:6e:63:d1:38:75:81:
f4:95:86:8f:f1:ff:ec:d4:cb:c2:03:13:c0:45:a0:fe:a8:b4:
f1:ea:78:9a:6a:14:75:08:43:30:20:b8:25:fe:af:35:c3:b7:
a3:e9:c6:9b:b2:9a:f2:aa:7c:9b:01:cf:84:2c:68:cc:24:3c:
e5:97:e9:4e:85:4f:47:95:18:c5:9a:cf:17:3e:d2:25:b6:99:
a5:8e:84:eb:b2:9f:8e:2f:e9:32:88:21:1f:e3:94:94:94:ad:
c6:ca:8f:99:3f:8d:73:9b:51:d3:37:4d:0b:68:22:b9:87:a0:
04:ad:59:81:6b:1f:e2:09:2a:43:dc:9c:76:44:dc:9d:a0:ac:
92:39:75:94:25:41:9c:04:df:17:18:c0:5e:c3:43:74:f9:76:
ad:48:79:19:dd:68:0f:af:3a:7a:80:93:02:8b:c2:f9:28:7d:
9f:61:75:2d:c0:55:0f:54:dd:41:fc:6d:ac:be:f3:82:46:b5:
2f:cc:b2:0c:00:9e:19:4d:fe:f4:3d:24:82:61:8a:d7:c2:e2:
06:9d:0a:02:01:ed:28:43:28:a5:02:46:eb:e4:69:70:bd:1a:
bf:10:69:45:f6:f7:c6:45:43:61:01:71:0a:ba:36:7c:71:a4:
96:89:e8:d4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8qAasZzHeCk0ZKhy4hMd/NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI5MTMxODIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNTI2MmFjOTIwZGNjMGE4NmZlNDNlMzFjZDA5MDE0MjcxYzEyZDNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdkul5Xz03cMNf7pG1ciiuq5jZOd
5R0NAB+1PYt9vNtPQrLXqZ5epWR826j4NPFjz7ggIpu6bNm+1IvxQkrxgSlH3O4H
1M4o/HSOrUMEcIXAvaVoTgBT/ALXCP7vB+t8F7FB2rAPze8saJwj2HSwOvo1aD4+
k7BkgHKMZ79jYocb8599rcfJqReqPXad2GLD1rXzVzQCtK9v566RzQybWwzFOao2
g4omoyDyCr6yihaBz06Q64jXEYfOARzmvZqYk7iELCUp9n+S4GgStQ1YEC8J5qRS
R8TOKI6lwjsezV4BFVJvyORSCTdNUOVasQSizwJXdi1NO/kVIGI3+w38aQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBUmKskg3MCob+Q+Mc0JAUJxwS0/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRlNZcXlTRGN3S2h2NUQ0eHpRa0JRbkhCTFQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbASMA0G
CSqGSIb3DQEBCwUAA4IBAQCtlXWo/pqmwp9/M0RuY9E4dYH0lYaP8f/s1MvCAxPA
RaD+qLTx6niaahR1CEMwILgl/q81w7ej6cabspryqnybAc+ELGjMJDzll+lOhU9H
lRjFms8XPtIltpmljoTrsp+OL+kyiCEf45SUlK3Gyo+ZP41zm1HTN00LaCK5h6AE
rVmBax/iCSpD3Jx2RNydoKySOXWUJUGcBN8XGMBew0N0+XatSHkZ3WgPrzp6gJMC
i8L5KH2fYXUtwFUPVN1B/G2svvOCRrUvzLIMAJ4ZTf70PSSCYYrXwuIGnQoCAe0o
QyilAkbr5GlwvRq/EGlF9vfGRUNhAXEKujZ8caSWiejU
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:27:20 2025 by rpki-client