Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h2aRLj3O4bjErYXVLdlB-OO_QV0.roa
File: h2aRLj3O4bjErYXVLdlB-OO_QV0.roa (raw, json)
Hash identifier: aP3xENE7+8SE5tQt7l/fY7hNYknNX8/qawY/M9EyYt0=
Subject key identifier: 87:66:91:2E:3D:CE:E1:B8:C4:AD:85:D5:2D:D9:41:F8:E3:BF:41:5D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01906B0B92D3D93776D693800418D0389D66
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h2aRLj3O4bjErYXVLdlB-OO_QV0.roa
Signing time: Sun 30 Jun 2024 21:27:18 +0000
ROA not before: Sun 30 Jun 2024 21:27:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48753
IP address blocks: 109.176.16.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 29 Aug 2024 12:19:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:6b:0b:92:d3:d9:37:76:d6:93:80:04:18:d0:38:9d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jun 30 21:27:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8766912e3dcee1b8c4ad85d52dd941f8e3bf415d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:20:43:05:13:72:06:ce:53:79:0b:86:57:13:
43:42:c7:46:2d:b5:89:8b:f2:10:fa:fa:5d:0e:73:
1f:a9:29:d3:89:d6:be:3d:28:03:ec:4c:6b:2f:d3:
eb:c2:45:2a:c4:ca:92:4f:6a:2d:5a:25:4a:5a:1a:
eb:db:ab:46:35:7f:f2:0a:c8:3d:c3:3c:ad:60:72:
7b:8b:3c:6f:0a:03:ba:fe:3f:b8:36:74:57:6d:13:
87:71:18:f7:1d:20:83:30:e9:55:fd:13:ee:50:92:
d4:69:c4:24:d1:2a:55:f1:b5:fe:a1:54:e1:59:4c:
d1:9f:17:fd:3b:6a:3e:87:f2:bb:b3:68:17:08:31:
b0:39:a8:02:3e:31:af:e6:45:21:e0:da:0a:26:0c:
86:6e:f3:42:4a:70:31:71:72:ac:d7:de:2d:d9:e3:
e0:8c:5a:6e:41:1f:49:ed:22:cc:ea:ed:a2:99:2a:
e9:fd:11:c8:5c:30:3f:54:e2:1f:01:5f:d5:a8:70:
fe:d2:15:91:b3:5d:f2:52:83:8d:15:fe:51:f7:c9:
79:9b:fc:4c:7f:72:ba:56:3e:39:1d:24:e7:75:44:
a8:c7:64:2b:42:96:0a:78:1b:c0:ac:5a:33:73:bb:
bd:6f:cd:2c:38:97:f5:8b:4a:bb:4a:98:1f:d9:1d:
21:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:66:91:2E:3D:CE:E1:B8:C4:AD:85:D5:2D:D9:41:F8:E3:BF:41:5D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/h2aRLj3O4bjErYXVLdlB-OO_QV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.16.0/24
Signature Algorithm: sha256WithRSAEncryption
35:79:d5:44:ea:16:11:1c:53:a2:ac:96:b6:30:ab:3c:31:98:
91:4e:f7:d9:a8:9e:09:32:b0:d2:ff:cc:d5:89:50:fc:35:f3:
69:21:ff:de:d1:42:05:78:13:4d:cd:0f:a6:2a:5e:37:cc:e4:
b0:c7:ea:1f:81:ef:88:89:0c:42:79:b0:74:9d:f7:79:f8:77:
f5:9f:16:06:69:6d:78:60:00:59:0d:3e:44:dd:be:cf:f8:c4:
fb:53:83:56:c2:cf:f3:0c:8b:9f:d5:40:20:1b:0f:5f:7e:e6:
bc:56:50:a9:7c:29:f6:c6:34:6e:69:16:dd:b0:a5:ca:fd:da:
d7:65:5d:5a:fa:da:21:da:ac:82:3a:a4:43:87:af:88:c3:6a:
c8:41:be:df:ca:8a:77:da:c6:d5:13:88:b4:7c:7b:ab:db:37:
43:8b:84:95:37:fc:42:f1:2e:44:22:53:a1:ad:a0:73:72:e3:
04:de:b9:75:82:eb:bb:3a:4f:c2:52:51:a4:b4:01:da:91:81:
ee:95:ac:2e:da:7e:d4:60:15:36:4b:d1:36:0f:3a:5e:cc:82:
e7:66:25:21:77:aa:40:05:8a:c7:14:61:96:b8:99:e8:9f:f4:
d4:c8:76:61:f9:e5:d9:07:d4:b7:84:28:0e:0a:14:fe:27:02:
e8:75:ac:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBrC5LT2Td21pOABBjQOJ1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNjMwMjEyNzE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzY2OTEyZTNkY2VlMWI4YzRhZDg1ZDUyZGQ5NDFmOGUzYmY0MTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCBDBRNyBs5TeQuGVxNDQsdGLbWJ
i/IQ+vpdDnMfqSnTida+PSgD7ExrL9PrwkUqxMqST2otWiVKWhrr26tGNX/yCsg9
wzytYHJ7izxvCgO6/j+4NnRXbROHcRj3HSCDMOlV/RPuUJLUacQk0SpV8bX+oVTh
WUzRnxf9O2o+h/K7s2gXCDGwOagCPjGv5kUh4NoKJgyGbvNCSnAxcXKs194t2ePg
jFpuQR9J7SLM6u2imSrp/RHIXDA/VOIfAV/VqHD+0hWRs13yUoONFf5R98l5m/xM
f3K6Vj45HSTndUSox2QrQpYKeBvArFozc7u9b80sOJf1i0q7Spgf2R0hzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIdmkS49zuG4xK2F1S3ZQfjjv0FdMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaDJhUkxqM080YmpFcllYVkxkbEItT09fUVYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbAQMA0G
CSqGSIb3DQEBCwUAA4IBAQA1edVE6hYRHFOirJa2MKs8MZiRTvfZqJ4JMrDS/8zV
iVD8NfNpIf/e0UIFeBNNzQ+mKl43zOSwx+ofge+IiQxCebB0nfd5+Hf1nxYGaW14
YABZDT5E3b7P+MT7U4NWws/zDIuf1UAgGw9ffua8VlCpfCn2xjRuaRbdsKXK/drX
ZV1a+toh2qyCOqRDh6+Iw2rIQb7fyop32sbVE4i0fHur2zdDi4SVN/xC8S5EIlOh
raBzcuME3rl1guu7Ok/CUlGktAHakYHulawu2n7UYBU2S9E2DzpezILnZiUhd6pA
BYrHFGGWuJnon/TUyHZh+eXZB9S3hCgOChT+JwLodaz+
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:18:10 2025 by rpki-client