Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa
File: iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa (raw, json)
Hash identifier: Z8wdj8YwYLHUE+a7MN9LIrIIJXFbjksSL+XB6JWirr8=
Subject key identifier: 89:35:E3:4A:B0:3A:16:AF:C9:43:20:56:2C:F6:34:90:2F:E4:C7:69
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018E9DC74223BA2DA4475320B057A28806F5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa
Signing time: Tue 02 Apr 2024 07:47:45 +0000
ROA not before: Tue 02 Apr 2024 07:47:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210164
IP address blocks: 109.176.24.0/24 maxlen: 24
213.218.236.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Apr 2024 07:08:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:9d:c7:42:23:ba:2d:a4:47:53:20:b0:57:a2:88:06:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 2 07:47:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8935e34ab03a16afc94320562cf634902fe4c769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:66:c0:3e:c2:09:72:da:f8:29:09:40:a1:1b:
d1:b7:d3:a9:07:55:7a:57:d5:1b:2d:f5:85:c4:48:
a8:55:34:e4:3e:d8:7a:87:32:b1:d3:f6:e5:8b:d8:
10:8a:04:9c:43:62:95:2e:30:a4:b8:2e:52:0a:70:
32:ae:c8:28:ec:1c:5c:50:87:d6:1a:58:6a:8c:16:
d5:a3:d8:07:0b:da:7b:fd:55:62:3e:b5:bd:f3:b3:
50:7f:99:b2:69:b8:6d:e4:31:c2:0e:42:fe:6c:ee:
bd:6e:4c:6c:77:b8:a0:16:81:fe:f7:c7:5f:a7:0f:
e6:76:5b:12:a3:ff:8d:d9:5b:b4:06:60:36:28:cf:
8b:ae:df:0e:76:54:f7:01:5e:bc:cd:59:35:3f:be:
e2:65:42:fb:d8:83:df:72:1e:b5:48:b6:1b:8b:51:
06:29:42:ec:ae:b1:9a:87:7a:6c:d5:a5:5e:39:01:
ff:30:c3:1f:40:92:9d:5b:93:48:e6:35:84:0d:f7:
00:cc:a0:a4:dc:43:31:ca:47:de:0c:db:e0:88:4b:
13:39:25:4c:a8:23:e5:1a:ef:b5:65:81:ff:a7:a3:
a6:0b:64:e0:14:f2:e7:79:3c:39:9c:cf:3d:5b:46:
72:fa:cb:e1:a9:66:23:bb:5d:b4:fd:b0:9c:d3:3f:
8e:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:35:E3:4A:B0:3A:16:AF:C9:43:20:56:2C:F6:34:90:2F:E4:C7:69
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/iTXjSrA6Fq_JQyBWLPY0kC_kx2k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.24.0/24
213.218.236.0/24
Signature Algorithm: sha256WithRSAEncryption
17:6e:02:54:d2:7e:01:2b:02:ec:29:02:94:ca:68:72:f5:50:
53:67:fb:30:d9:e7:ec:e2:fb:d4:b7:cf:fd:7d:b7:e0:63:70:
df:73:90:8b:1c:e1:d5:e1:e7:96:bc:21:12:f6:33:16:e2:d6:
17:cb:f7:63:9c:47:b6:62:d3:de:dc:47:12:a3:f5:3f:19:62:
f8:82:69:c5:32:7f:19:35:68:c2:3f:1c:e5:c3:94:85:ee:a8:
51:90:ec:cc:65:fe:43:c5:fd:11:69:0e:95:42:d0:29:16:18:
97:0d:a4:d9:a0:78:cb:4d:72:c2:5d:10:a3:a2:ae:27:ab:0e:
d3:a7:f0:91:d4:27:25:53:0c:b9:c3:91:02:cd:be:bb:26:d6:
be:38:98:8c:d5:c4:01:6c:1e:70:f0:72:48:d4:7b:bf:4a:6f:
18:e5:ab:3e:85:43:31:ed:02:e0:0d:5a:4d:5f:33:61:bb:86:
32:b1:57:8c:92:de:02:f1:6e:69:f9:b7:23:74:63:07:32:cd:
8b:fa:d4:06:d9:1c:80:f1:ee:c0:db:59:91:db:71:bb:7d:b3:
99:87:08:2d:f9:ae:71:73:a2:ff:ff:78:e8:7a:ec:a5:e5:fa:
f2:ff:f0:3f:b5:3b:45:db:e7:78:ee:11:a4:9a:b2:8c:a4:16:
65:b9:bd:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY6dx0Ijui2kR1MgsFeiiAb1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDAyMDc0NzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTM1ZTM0YWIwM2ExNmFmYzk0MzIwNTYyY2Y2MzQ5MDJmZTRjNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh2bAPsIJctr4KQlAoRvRt9OpB1V6
V9UbLfWFxEioVTTkPth6hzKx0/bli9gQigScQ2KVLjCkuC5SCnAyrsgo7BxcUIfW
GlhqjBbVo9gHC9p7/VViPrW987NQf5myabht5DHCDkL+bO69bkxsd7igFoH+98df
pw/mdlsSo/+N2Vu0BmA2KM+Lrt8OdlT3AV68zVk1P77iZUL72IPfch61SLYbi1EG
KULsrrGah3ps1aVeOQH/MMMfQJKdW5NI5jWEDfcAzKCk3EMxykfeDNvgiEsTOSVM
qCPlGu+1ZYH/p6OmC2TgFPLneTw5nM89W0Zy+svhqWYju120/bCc0z+O1QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIk140qwOhavyUMgViz2NJAv5MdpMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaVRYalNyQTZGcV9KUXlCV0xQWTBrQ19reDJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAYAwQA
1drsMA0GCSqGSIb3DQEBCwUAA4IBAQAXbgJU0n4BKwLsKQKUymhy9VBTZ/sw2efs
4vvUt8/9fbfgY3Dfc5CLHOHV4eeWvCES9jMW4tYXy/djnEe2YtPe3EcSo/U/GWL4
gmnFMn8ZNWjCPxzlw5SF7qhRkOzMZf5Dxf0RaQ6VQtApFhiXDaTZoHjLTXLCXRCj
oq4nqw7Tp/CR1CclUwy5w5ECzb67Jta+OJiM1cQBbB5w8HJI1Hu/Sm8Y5as+hUMx
7QLgDVpNXzNhu4YysVeMkt4C8W5p+bcjdGMHMs2L+tQG2RyA8e7A21mR23G7fbOZ
hwgt+a5xc6L//3joeuyl5fry//A/tTtF2+d47hGkmrKMpBZlub2z
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:30 2025 by rpki-client