Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L7oZ91KLXNxUHlSygxYumgZMoaA.roa
File: L7oZ91KLXNxUHlSygxYumgZMoaA.roa (raw, json)
Hash identifier: 90Fv96hOOa3/z4h7oRy59HFaysEALflXb8xgsyittO0=
Subject key identifier: 2F:BA:19:F7:52:8B:5C:DC:54:1E:54:B2:83:16:2E:9A:06:4C:A1:A0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01928A0F502C66789E4277B12327E89DA1C8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L7oZ91KLXNxUHlSygxYumgZMoaA.roa
Signing time: Mon 14 Oct 2024 08:05:12 +0000
ROA not before: Mon 14 Oct 2024 08:05:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 109.176.23.0/24 maxlen: 24
194.105.90.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 14 Nov 2024 08:36:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:0f:50:2c:66:78:9e:42:77:b1:23:27:e8:9d:a1:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 14 08:05:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2fba19f7528b5cdc541e54b283162e9a064ca1a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c4:79:ad:5c:23:c2:e2:31:d0:ac:64:dc:48:
11:4b:84:a0:9d:18:b8:ed:85:c2:27:2f:e1:ad:1f:
d4:c3:6e:af:ff:71:07:ce:1e:b6:bd:b8:d0:59:b5:
16:57:57:ea:59:8c:0d:21:90:fe:66:18:6d:f3:d9:
f6:55:07:61:e6:0c:51:2b:48:f2:8c:45:7e:d7:40:
f1:15:5c:ee:08:1d:33:58:4b:d0:11:0a:0f:26:3b:
0d:14:0d:47:59:b6:a1:1e:4b:08:f7:46:18:d0:63:
d0:b2:23:49:24:96:49:03:13:dc:af:91:93:d8:f9:
76:66:e7:da:06:ea:2b:a9:39:1f:dd:5a:e9:76:db:
3b:f0:e4:b7:2e:12:64:d3:67:6b:69:d4:cf:fb:77:
fd:1a:c3:47:c0:6e:8d:e7:4a:7a:ec:ce:2f:88:d4:
ec:1b:62:0a:68:c4:83:73:1a:b2:5b:24:07:74:39:
65:ca:72:81:08:4d:50:8b:46:e9:94:78:ad:ff:3c:
45:52:75:19:9a:b2:f4:85:82:e3:ca:eb:27:8c:07:
76:17:a3:45:b9:79:23:05:de:e2:5c:a4:65:c2:64:
01:a9:27:e9:71:f5:ba:cf:3e:ee:43:14:2a:b9:d4:
7f:4e:c8:e7:4b:ea:f9:06:e9:d9:f6:b7:c0:9e:81:
e1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:BA:19:F7:52:8B:5C:DC:54:1E:54:B2:83:16:2E:9A:06:4C:A1:A0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/L7oZ91KLXNxUHlSygxYumgZMoaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.23.0/24
194.105.90.0/24
213.130.138.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:82:2b:55:2a:78:dc:f7:9d:ac:69:f0:38:42:a2:20:aa:8c:
22:db:67:ea:24:74:c4:7d:61:5e:b8:96:55:58:ee:bb:04:77:
d6:1d:2d:58:8a:96:25:0d:58:2e:93:7d:e5:e1:70:62:57:4f:
65:ee:c2:ce:d7:f7:39:3c:dd:86:00:2d:1a:1b:27:89:bc:5e:
10:29:a3:f3:cf:ac:21:cc:c4:e0:d3:8d:12:80:08:c9:38:0c:
89:5b:17:ca:09:6b:1f:40:d8:68:b3:a1:0f:56:97:a3:66:70:
a2:fc:ba:0f:93:79:f4:f7:30:06:d1:4f:6d:97:58:3f:7a:63:
ca:97:b3:9a:71:e5:95:8b:eb:e6:a8:3a:26:b9:c5:0c:38:17:
98:94:f8:37:d2:72:ce:6c:09:4c:74:ec:a1:11:ae:21:3a:14:
a6:f9:3a:cb:d0:51:29:0e:59:47:c2:fd:bc:5e:43:c2:85:e8:
9b:a3:65:fd:c6:d0:f4:9b:f1:8f:bd:7c:fe:4d:47:0f:0f:4b:
2a:fa:1d:5b:b3:33:ba:34:6e:8c:1d:d7:b8:9b:c4:25:e2:0e:
33:00:ce:c6:a5:3e:4a:8c:54:c1:6a:3a:40:b5:d1:8f:8f:e8:
4b:24:b3:27:f3:c7:c6:b9:80:8d:4b:a3:82:fe:0b:28:24:85:
f9:44:ac:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKKD1AsZnieQnexIyfonaHIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDE0MDgwNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmJhMTlmNzUyOGI1Y2RjNTQxZTU0YjI4MzE2MmU5YTA2NGNhMWEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMR5rVwjwuIx0Kxk3EgRS4SgnRi4
7YXCJy/hrR/Uw26v/3EHzh62vbjQWbUWV1fqWYwNIZD+Zhht89n2VQdh5gxRK0jy
jEV+10DxFVzuCB0zWEvQEQoPJjsNFA1HWbahHksI90YY0GPQsiNJJJZJAxPcr5GT
2Pl2ZufaBuorqTkf3Vrpdts78OS3LhJk02dradTP+3f9GsNHwG6N50p67M4viNTs
G2IKaMSDcxqyWyQHdDllynKBCE1Qi0bplHit/zxFUnUZmrL0hYLjyusnjAd2F6NF
uXkjBd7iXKRlwmQBqSfpcfW6zz7uQxQqudR/TsjnS+r5BunZ9rfAnoHh1QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFC+6GfdSi1zcVB5UsoMWLpoGTKGgMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTDdvWjkxS0xYTnhVSGxTeWd4WXVtZ1pNb2FBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbAXAwQA
wmlaAwQA1YKKMA0GCSqGSIb3DQEBCwUAA4IBAQCtgitVKnjc952safA4QqIgqowi
22fqJHTEfWFeuJZVWO67BHfWHS1YipYlDVguk33l4XBiV09l7sLO1/c5PN2GAC0a
GyeJvF4QKaPzz6whzMTg040SgAjJOAyJWxfKCWsfQNhos6EPVpejZnCi/LoPk3n0
9zAG0U9tl1g/emPKl7OaceWVi+vmqDomucUMOBeYlPg30nLObAlMdOyhEa4hOhSm
+TrL0FEpDllHwv28XkPCheibo2X9xtD0m/GPvXz+TUcPD0sq+h1bszO6NG6MHde4
m8Ql4g4zAM7GpT5KjFTBajpAtdGPj+hLJLMn88fGuYCNS6OC/gsoJIX5RKzm
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:47 2025 by rpki-client