Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ipiq4kssLMWRRYiXt4lPXWwx7Mo.roa
File: ipiq4kssLMWRRYiXt4lPXWwx7Mo.roa (raw, json)
Hash identifier: X9EuKXIrCtAxCetcALZRFumZuheSW78h13q2tTcTktw=
Subject key identifier: 8A:98:AA:E2:4B:2C:2C:C5:91:45:88:97:B7:89:4F:5D:6C:31:EC:CA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019258B599DD8CDFECCF5FCE81E59D0FA259
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ipiq4kssLMWRRYiXt4lPXWwx7Mo.roa
Signing time: Fri 04 Oct 2024 18:05:49 +0000
ROA not before: Fri 04 Oct 2024 18:05:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215362
IP address blocks: 109.176.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 10 Oct 2024 08:03:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:58:b5:99:dd:8c:df:ec:cf:5f:ce:81:e5:9d:0f:a2:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 4 18:05:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a98aae24b2c2cc591458897b7894f5d6c31ecca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:05:20:1c:64:81:37:cf:a2:68:7a:85:de:f9:
21:ef:4a:e8:94:b7:ab:36:74:81:6b:b4:bb:dc:82:
fc:b0:dc:6f:df:2f:fa:f2:65:f0:f4:eb:fa:99:c1:
b9:1a:96:2a:e2:47:75:00:d0:6a:6f:ca:6c:5a:8d:
f5:c9:af:2d:e9:6b:ae:c6:1a:f7:f1:88:1f:ba:f0:
94:73:66:2d:a4:06:11:42:53:fb:27:b7:30:56:39:
51:43:22:16:e8:f0:bd:74:55:1e:bf:5e:c9:37:71:
ae:fb:02:05:c2:38:04:e2:57:3c:8b:ea:09:a0:1e:
19:57:3b:77:17:2c:c6:bf:c8:86:51:bc:d4:2b:0b:
ab:4a:09:eb:a1:15:0b:9d:2b:b0:02:0c:97:37:00:
9a:7c:c7:f9:81:04:be:e5:16:11:7b:dc:3d:13:be:
4a:36:e0:e8:a6:25:ba:3d:86:5e:ac:f4:09:f5:91:
1d:8f:75:10:e5:b1:93:9c:c1:b5:b0:a0:71:b7:5d:
0f:d8:66:bd:8e:dd:ae:29:29:b6:59:6d:60:7c:97:
2d:c9:77:d6:00:2a:a0:9c:a2:d6:6c:e6:3f:1e:6b:
ff:2c:22:24:34:fd:4f:49:34:8f:d0:f0:8a:32:28:
84:b3:a0:2b:3f:ae:ff:0a:8d:9c:ff:b0:f3:4c:43:
c9:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:98:AA:E2:4B:2C:2C:C5:91:45:88:97:B7:89:4F:5D:6C:31:EC:CA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ipiq4kssLMWRRYiXt4lPXWwx7Mo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.193.0/24
Signature Algorithm: sha256WithRSAEncryption
72:9d:10:39:f5:fe:d5:14:8a:2b:73:48:82:f2:5e:29:77:83:
09:2c:7c:bf:a2:90:72:87:e1:af:71:45:53:ec:38:81:bb:e8:
08:f9:8b:2e:de:19:3c:7b:ad:d7:ba:76:85:db:0e:00:1d:7f:
99:86:11:00:58:20:36:d7:43:b2:3d:e8:85:4a:ee:a0:92:b4:
63:7b:e8:20:5a:4f:6e:74:74:59:25:e8:1e:d6:0a:3d:d0:2b:
81:dc:10:a2:67:0d:93:eb:71:6e:8a:c3:3c:e4:38:4e:b1:8b:
0c:bd:cf:fb:bc:7b:71:15:14:fd:be:02:f0:8f:be:32:1f:45:
5b:54:83:95:4d:4d:7b:8f:a9:fa:45:ce:e3:44:2c:10:2a:bc:
f1:b4:c1:bd:1f:de:d7:1a:f5:ce:40:aa:72:ba:4d:c4:20:ec:
38:7b:7c:ea:d5:14:3a:94:6a:6c:f9:fc:bf:01:75:ff:2d:47:
02:85:d5:d4:62:db:20:9c:65:43:51:84:46:81:c2:b3:15:71:
e4:47:d2:1e:f6:72:50:b3:26:70:3e:96:bd:32:a8:aa:52:fc:
4a:ce:25:77:e8:d6:c8:57:ae:b7:6c:bf:2b:6b:35:a6:75:85:
79:c7:a8:fc:10:5e:60:27:02:28:0e:46:6b:f4:b2:e1:55:f6:
e5:5b:45:14
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZJYtZndjN/sz1/OgeWdD6JZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMDA0MTgwNTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTk4YWFlMjRiMmMyY2M1OTE0NTg4OTdiNzg5NGY1ZDZjMzFlY2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwUgHGSBN8+iaHqF3vkh70rolLer
NnSBa7S73IL8sNxv3y/68mXw9Ov6mcG5GpYq4kd1ANBqb8psWo31ya8t6Wuuxhr3
8YgfuvCUc2YtpAYRQlP7J7cwVjlRQyIW6PC9dFUev17JN3Gu+wIFwjgE4lc8i+oJ
oB4ZVzt3FyzGv8iGUbzUKwurSgnroRULnSuwAgyXNwCafMf5gQS+5RYRe9w9E75K
NuDopiW6PYZerPQJ9ZEdj3UQ5bGTnMG1sKBxt10P2Ga9jt2uKSm2WW1gfJctyXfW
ACqgnKLWbOY/Hmv/LCIkNP1PSTSP0PCKMiiEs6ArP67/Co2c/7DzTEPJfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIqYquJLLCzFkUWIl7eJT11sMezKMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvaXBpcTRrc3NMTVdSUllpWHQ0bFBYV3d4N01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDBMA0G
CSqGSIb3DQEBCwUAA4IBAQBynRA59f7VFIorc0iC8l4pd4MJLHy/opByh+GvcUVT
7DiBu+gI+Ysu3hk8e63XunaF2w4AHX+ZhhEAWCA210OyPeiFSu6gkrRje+ggWk9u
dHRZJege1go90CuB3BCiZw2T63FuisM85DhOsYsMvc/7vHtxFRT9vgLwj74yH0Vb
VIOVTU17j6n6Rc7jRCwQKrzxtMG9H97XGvXOQKpyuk3EIOw4e3zq1RQ6lGps+fy/
AXX/LUcChdXUYtsgnGVDUYRGgcKzFXHkR9Ie9nJQsyZwPpa9MqiqUvxKziV36NbI
V663bL8razWmdYV5x6j8EF5gJwIoDkZr9LLhVfblW0UU
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:15:05 2025 by rpki-client