Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa
File: HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa (raw, json)
Hash identifier: kBoBTe7q7XhoFZMEvHP7UI7ONUiWcvtx7UEOV+QVJoU=
Subject key identifier: 1D:C9:A0:24:39:9D:78:87:EF:94:37:85:19:5F:C9:93:CA:B0:55:2A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F816E5D4BE639A73778D0ECA0361660D9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa
Signing time: Thu 16 May 2024 12:44:04 +0000
ROA not before: Thu 16 May 2024 12:44:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48753
IP address blocks: 109.176.21.0/24 maxlen: 24
109.176.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 29 May 2024 08:16:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:81:6e:5d:4b:e6:39:a7:37:78:d0:ec:a0:36:16:60:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 16 12:44:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1dc9a024399d7887ef943785195fc993cab0552a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:89:12:b5:4d:cb:ee:66:9a:bc:85:d1:33:8f:
2c:40:3c:7d:b3:a6:92:62:c8:2d:94:2c:ae:79:5a:
f8:0c:49:ec:74:64:67:5c:b5:ba:e2:31:23:24:d7:
77:36:c8:e6:cf:fe:51:84:96:32:7d:bd:2e:4b:dd:
33:0d:69:1f:11:a7:42:35:ce:df:0c:c4:0c:9d:d9:
70:cb:ba:4d:19:31:5d:90:e5:f1:d3:7a:6a:e5:81:
26:c8:2b:85:91:29:69:7c:69:0a:06:f1:68:62:e2:
95:a5:d0:50:e1:19:e4:d9:3e:af:e5:bf:37:4a:f8:
05:c2:0f:b0:61:c5:d9:fb:71:ed:03:d8:38:75:2e:
e6:2e:9f:c2:7a:e6:1f:17:dc:c9:a3:af:5f:1a:1a:
72:6b:22:80:83:09:47:ae:1c:de:6c:3c:ef:8b:16:
24:15:1f:e9:10:f8:9c:3e:cd:de:47:0e:08:82:63:
39:6f:67:f3:1f:6c:e7:58:ee:56:57:3c:00:df:86:
c0:4a:e2:6b:60:ff:d6:a7:ab:e0:a5:54:5c:f5:94:
e2:e1:1b:df:f6:4b:6f:c3:0b:62:09:a0:47:46:04:
3f:7f:7c:70:9d:cc:c5:c7:7a:06:76:95:85:ed:1d:
ed:ac:d0:3e:41:e0:b2:c9:b9:95:ba:70:d7:03:87:
e2:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:C9:A0:24:39:9D:78:87:EF:94:37:85:19:5F:C9:93:CA:B0:55:2A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/HcmgJDmdeIfvlDeFGV_Jk8qwVSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.21.0/24
109.176.201.0/24
Signature Algorithm: sha256WithRSAEncryption
17:07:f6:d3:91:c1:32:d4:71:d3:15:e5:db:c1:77:04:8d:0d:
b8:d7:74:af:9a:b2:63:db:2e:f0:53:17:bd:53:b9:40:7e:ba:
8c:db:63:91:d1:0c:35:28:a3:13:1a:9e:32:06:c2:4b:e5:88:
48:ea:5d:dc:94:85:0e:87:cb:cf:83:2a:d1:12:88:87:b0:19:
c3:9b:92:06:81:cf:25:fe:95:d0:4c:a0:ca:ec:32:83:ca:7e:
96:e8:d5:a9:8e:de:84:15:5a:2c:4d:be:f1:5e:8f:a4:17:28:
81:ec:0c:6b:97:10:d3:b9:54:1a:94:7f:f0:02:f0:85:43:1f:
1a:8e:12:97:a5:64:12:bf:84:18:34:03:a2:01:15:82:a6:7a:
d6:0e:63:e8:4b:15:70:02:35:b4:89:d0:49:4a:f6:2f:76:4a:
2e:55:48:86:e9:24:b2:1f:f5:25:bd:a0:60:aa:b3:f6:31:52:
f3:50:13:c3:f4:98:6a:f6:d7:3c:be:97:1e:07:5b:9b:60:59:
58:47:f2:58:36:35:2d:c0:f4:70:28:ab:6d:f2:86:6c:d0:17:
23:17:86:d7:79:91:b0:43:4f:4d:ac:c7:f3:10:58:03:d5:49:
c8:c1:e5:6c:bb:93:e9:46:c3:5f:3f:24:28:aa:4a:65:04:5d:
23:c3:7c:0a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+Bbl1L5jmnN3jQ7KA2FmDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE2MTI0NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGM5YTAyNDM5OWQ3ODg3ZWY5NDM3ODUxOTVmYzk5M2NhYjA1NTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4kStU3L7maavIXRM48sQDx9s6aS
YsgtlCyueVr4DEnsdGRnXLW64jEjJNd3Nsjmz/5RhJYyfb0uS90zDWkfEadCNc7f
DMQMndlwy7pNGTFdkOXx03pq5YEmyCuFkSlpfGkKBvFoYuKVpdBQ4Rnk2T6v5b83
SvgFwg+wYcXZ+3HtA9g4dS7mLp/CeuYfF9zJo69fGhpyayKAgwlHrhzebDzvixYk
FR/pEPicPs3eRw4IgmM5b2fzH2znWO5WVzwA34bASuJrYP/Wp6vgpVRc9ZTi4Rvf
9ktvwwtiCaBHRgQ/f3xwnczFx3oGdpWF7R3trNA+QeCyybmVunDXA4fifQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFB3JoCQ5nXiH75Q3hRlfyZPKsFUqMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvSGNtZ0pEbWRlSWZ2bERlRkdWX0prOHF3VlNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAVAwQA
bbDJMA0GCSqGSIb3DQEBCwUAA4IBAQAXB/bTkcEy1HHTFeXbwXcEjQ2413SvmrJj
2y7wUxe9U7lAfrqM22OR0Qw1KKMTGp4yBsJL5YhI6l3clIUOh8vPgyrREoiHsBnD
m5IGgc8l/pXQTKDK7DKDyn6W6NWpjt6EFVosTb7xXo+kFyiB7AxrlxDTuVQalH/w
AvCFQx8ajhKXpWQSv4QYNAOiARWCpnrWDmPoSxVwAjW0idBJSvYvdkouVUiG6SSy
H/UlvaBgqrP2MVLzUBPD9Jhq9tc8vpceB1ubYFlYR/JYNjUtwPRwKKtt8oZs0Bcj
F4bXeZGwQ09NrMfzEFgD1UnIweVsu5PpRsNfPyQoqkplBF0jw3wK
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:10:16 2025 by rpki-client