Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k_Kum2SEmQz-IEXQJc-gtr-ETDY.roa
File: k_Kum2SEmQz-IEXQJc-gtr-ETDY.roa (raw, json)
Hash identifier: z4JtaBXt5cpkNs43visggyPsM83LVKtTP3YwlhHCbxc=
Subject key identifier: 93:F2:AE:9B:64:84:99:0C:FE:20:45:D0:25:CF:A0:B6:BF:84:4C:36
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F208967A34E050D05B9C371263F781199
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k_Kum2SEmQz-IEXQJc-gtr-ETDY.roa
Signing time: Sat 27 Apr 2024 17:10:26 +0000
ROA not before: Sat 27 Apr 2024 17:10:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141968
IP address blocks: 109.176.17.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 07:57:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:89:67:a3:4e:05:0d:05:b9:c3:71:26:3f:78:11:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Apr 27 17:10:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=93f2ae9b6484990cfe2045d025cfa0b6bf844c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ac:f0:4a:c3:ca:43:78:d5:65:5a:30:82:39:
61:ea:1f:25:75:81:26:cd:f3:52:20:30:38:3c:8f:
35:f4:63:e5:a1:f4:2c:1a:7d:fb:e6:0d:93:11:7e:
2a:66:d8:35:64:dd:91:88:16:7d:fb:82:2a:ab:e7:
72:3e:d0:c0:97:23:43:64:1e:bc:7d:49:14:6b:d6:
9a:da:d6:a9:5f:10:23:43:de:64:aa:9f:18:26:e9:
14:49:6c:c8:4a:d7:de:8a:02:d5:c6:5b:76:97:66:
a1:9c:08:2b:42:d3:ac:21:e4:17:52:ab:f2:5a:0f:
b3:16:7d:9c:a6:46:56:df:3b:84:00:0a:79:9c:e5:
c6:e6:65:8f:81:fe:b5:56:36:ab:11:56:81:47:30:
34:0f:7d:58:8a:31:05:d5:fd:a7:1a:f5:c1:0f:b5:
16:b8:c6:c5:c8:84:d9:26:73:ba:0b:71:57:22:60:
f7:ab:df:17:1b:72:66:86:75:7f:d5:64:e0:a1:4a:
99:98:c4:0d:03:10:29:d2:5b:fc:02:65:44:5d:95:
63:9d:d0:a0:5f:6d:65:72:d4:17:6f:96:1e:03:39:
72:11:7d:80:55:3f:17:d7:b5:0b:df:4d:a0:b1:fe:
68:ef:c4:05:e7:14:62:79:5c:42:3a:c3:ca:9c:79:
9b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F2:AE:9B:64:84:99:0C:FE:20:45:D0:25:CF:A0:B6:BF:84:4C:36
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/k_Kum2SEmQz-IEXQJc-gtr-ETDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.17.0/24
Signature Algorithm: sha256WithRSAEncryption
94:74:9b:1f:57:ac:0c:b2:94:93:13:57:35:08:f6:31:3b:97:
7e:f6:77:59:8c:05:cc:84:6b:be:a1:7d:4c:99:6b:6a:dc:69:
69:c5:2f:ee:7d:8d:e8:0c:c4:c0:c9:9b:a1:a1:00:ea:70:91:
46:aa:fc:f6:2b:01:19:a7:f4:31:bf:76:7e:be:2f:93:82:01:
6e:db:a0:40:85:d9:a9:27:76:94:9e:6e:2a:75:ef:8f:2c:52:
10:2a:96:26:d9:c3:b4:52:7d:b7:ba:93:23:a8:89:55:20:bb:
c5:39:0a:1b:a7:1f:61:d9:1d:43:4e:20:24:fc:68:96:7c:07:
6e:32:29:29:dd:6d:de:a4:97:07:95:5d:ca:20:40:9d:f9:86:
c1:d3:13:aa:4a:87:ee:b2:3c:57:c9:96:8a:3d:db:7c:c5:2d:
62:dc:00:57:6b:1b:8c:31:7a:45:b9:4f:82:cf:e6:2e:61:e2:
18:8b:70:0b:21:ac:55:24:17:8f:7d:68:a9:82:4e:ab:e8:e7:
5b:d7:fe:4a:8e:8b:78:51:1d:b9:c3:2e:63:35:31:94:0a:cd:
09:1c:8a:74:22:92:4b:24:d6:5e:53:d0:c7:93:1d:a2:8e:75:
2b:31:31:d8:6c:fc:aa:5d:50:23:46:40:f2:b3:8e:37:e8:55:
3c:fb:62:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8giWejTgUNBbnDcSY/eBGZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNDI3MTcxMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2YyYWU5YjY0ODQ5OTBjZmUyMDQ1ZDAyNWNmYTBiNmJmODQ0YzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6zwSsPKQ3jVZVowgjlh6h8ldYEm
zfNSIDA4PI819GPlofQsGn375g2TEX4qZtg1ZN2RiBZ9+4Iqq+dyPtDAlyNDZB68
fUkUa9aa2tapXxAjQ95kqp8YJukUSWzIStfeigLVxlt2l2ahnAgrQtOsIeQXUqvy
Wg+zFn2cpkZW3zuEAAp5nOXG5mWPgf61VjarEVaBRzA0D31YijEF1f2nGvXBD7UW
uMbFyITZJnO6C3FXImD3q98XG3JmhnV/1WTgoUqZmMQNAxAp0lv8AmVEXZVjndCg
X21lctQXb5YeAzlyEX2AVT8X17UL302gsf5o78QF5xRieVxCOsPKnHmbhQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJPyrptkhJkM/iBF0CXPoLa/hEw2MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEva19LdW0yU0VtUXotSUVYUUpjLWd0ci1FVERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbARMA0G
CSqGSIb3DQEBCwUAA4IBAQCUdJsfV6wMspSTE1c1CPYxO5d+9ndZjAXMhGu+oX1M
mWtq3GlpxS/ufY3oDMTAyZuhoQDqcJFGqvz2KwEZp/Qxv3Z+vi+TggFu26BAhdmp
J3aUnm4qde+PLFIQKpYm2cO0Un23upMjqIlVILvFOQobpx9h2R1DTiAk/GiWfAdu
Mikp3W3epJcHlV3KIECd+YbB0xOqSofusjxXyZaKPdt8xS1i3ABXaxuMMXpFuU+C
z+YuYeIYi3ALIaxVJBePfWipgk6r6Odb1/5Kjot4UR25wy5jNTGUCs0JHIp0IpJL
JNZeU9DHkx2ijnUrMTHYbPyqXVAjRkDys4436FU8+2IT
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:08:21 2025 by rpki-client