Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/g_IQ2UQFvnuBft7-swlYQxTCpGk.roa
File: g_IQ2UQFvnuBft7-swlYQxTCpGk.roa (raw, json)
Hash identifier: qTF29pQIHwIxER000evAs0B/I5H5nAwYumgHmyzkXc4=
Subject key identifier: 83:F2:10:D9:44:05:BE:7B:81:7E:DE:FE:B3:09:58:43:14:C2:A4:69
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0193AAA1AF130731C1F06D6D251825943BF9
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/g_IQ2UQFvnuBft7-swlYQxTCpGk.roa
Signing time: Mon 09 Dec 2024 08:55:43 +0000
ROA not before: Mon 09 Dec 2024 08:55:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 150654
IP address blocks: 109.176.20.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 17 Dec 2024 09:48:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:a1:af:13:07:31:c1:f0:6d:6d:25:18:25:94:3b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 9 08:55:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f210d94405be7b817edefeb309584314c2a469
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:bc:09:1f:cb:2e:52:5b:48:39:3a:3a:02:d8:
ad:c2:37:5f:d0:01:e3:f1:12:56:08:f5:12:b4:5a:
9d:19:90:42:2a:5f:2b:51:4a:0d:88:90:c5:bf:09:
67:ad:dd:f1:bd:94:ee:6d:34:ce:ee:3d:6e:2d:ae:
db:ee:98:f6:77:1d:d4:0e:73:15:38:34:32:87:a4:
18:dd:f3:c9:d2:db:8c:17:7c:42:81:d0:7f:0c:d0:
d8:ba:9c:22:2d:00:25:66:fe:87:ec:cc:72:ae:c2:
4b:b2:10:fc:85:be:f5:0f:ca:e9:7b:d9:d0:8b:9a:
0c:ee:f5:0e:64:8b:67:83:ee:a1:6e:ce:3f:d7:ba:
c6:81:c1:ff:53:dd:5a:51:8d:38:f0:48:93:2b:6e:
65:5f:54:d2:4f:f8:5f:4c:38:19:55:76:57:58:b8:
4b:2f:1c:41:fc:e8:1c:1a:57:cf:c6:94:38:fb:f7:
e7:f4:73:16:78:11:f0:e8:78:6d:a1:df:c8:25:6d:
97:1b:04:f1:09:a0:98:89:ed:6d:15:cc:f2:0d:1b:
19:df:0b:90:05:d7:b2:a3:99:39:3f:1b:24:ad:49:
2c:1c:6f:46:56:75:60:42:f7:aa:2f:17:ea:b9:da:
4b:92:5c:85:12:ff:b4:a7:86:09:a2:29:67:22:a3:
f3:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F2:10:D9:44:05:BE:7B:81:7E:DE:FE:B3:09:58:43:14:C2:A4:69
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/g_IQ2UQFvnuBft7-swlYQxTCpGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.20.0/24
Signature Algorithm: sha256WithRSAEncryption
4d:32:94:08:51:76:b7:69:24:69:34:35:1b:b5:8e:6a:e4:4e:
dc:7a:fe:73:5b:d9:c0:32:ec:ff:78:a2:33:93:c7:6a:da:dc:
52:89:7c:95:76:8e:08:1f:ee:c4:52:04:65:bf:3b:ad:7d:8d:
d6:9f:b2:4a:5a:6e:25:d9:cd:03:40:d4:e9:72:82:08:f2:16:
37:72:49:43:c0:46:d8:e5:0c:c0:94:6b:65:09:f9:58:d5:1b:
a0:a6:e5:fd:d3:75:c1:4d:66:10:42:d0:5d:b0:a6:4a:59:83:
55:6e:7b:fb:cc:e2:57:e9:2d:77:8b:61:9f:f8:c8:01:ea:4c:
d4:3e:1c:10:39:4b:ae:02:7a:ff:d5:1a:44:ca:60:e9:bc:32:
82:96:2e:0d:ce:78:89:b4:a8:f2:b0:0d:74:b1:e9:ae:4d:db:
20:05:7a:be:3f:97:6a:ec:da:a1:c4:88:bc:d2:10:9c:35:92:
86:60:27:a2:80:80:01:cb:7c:dd:32:f8:92:da:47:2c:03:58:
55:87:0e:dd:7f:e2:10:4b:f6:cd:ad:be:07:fb:c8:49:d0:61:
8d:c2:37:f4:68:06:71:a9:18:c5:bc:77:4d:e2:24:83:ce:d4:
34:99:f9:7a:c2:fd:7d:b2:3c:e0:96:1f:1a:09:14:97:2b:d9:
6d:2e:57:46
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZOqoa8TBzHB8G1tJRgllDv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjA5MDg1NTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2YyMTBkOTQ0MDViZTdiODE3ZWRlZmViMzA5NTg0MzE0YzJhNDY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnbwJH8suUltIOTo6Atitwjdf0AHj
8RJWCPUStFqdGZBCKl8rUUoNiJDFvwlnrd3xvZTubTTO7j1uLa7b7pj2dx3UDnMV
ODQyh6QY3fPJ0tuMF3xCgdB/DNDYupwiLQAlZv6H7MxyrsJLshD8hb71D8rpe9nQ
i5oM7vUOZItng+6hbs4/17rGgcH/U91aUY048EiTK25lX1TST/hfTDgZVXZXWLhL
LxxB/OgcGlfPxpQ4+/fn9HMWeBHw6Hhtod/IJW2XGwTxCaCYie1tFczyDRsZ3wuQ
Bdeyo5k5PxskrUksHG9GVnVgQveqLxfqudpLklyFEv+0p4YJoilnIqPzRQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIPyENlEBb57gX7e/rMJWEMUwqRpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZ19JUTJVUUZ2bnVCZnQ3LXN3bFlReFRDcEdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbAUMA0G
CSqGSIb3DQEBCwUAA4IBAQBNMpQIUXa3aSRpNDUbtY5q5E7cev5zW9nAMuz/eKIz
k8dq2txSiXyVdo4IH+7EUgRlvzutfY3Wn7JKWm4l2c0DQNTpcoII8hY3cklDwEbY
5QzAlGtlCflY1RugpuX903XBTWYQQtBdsKZKWYNVbnv7zOJX6S13i2Gf+MgB6kzU
PhwQOUuuAnr/1RpEymDpvDKCli4NzniJtKjysA10semuTdsgBXq+P5dq7NqhxIi8
0hCcNZKGYCeigIABy3zdMviS2kcsA1hVhw7df+IQS/bNrb4H+8hJ0GGNwjf0aAZx
qRjFvHdN4iSDztQ0mfl6wv19sjzglh8aCRSXK9ltLldG
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:11:51 2025 by rpki-client