Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nZqY6x3c4hx1BIHrMA2CZqEzLic.roa
File: nZqY6x3c4hx1BIHrMA2CZqEzLic.roa (raw, json)
Hash identifier: NrX5af7ZgzwufX4ArLGCNDqtUG6tZZpg7oOsii+j0fE=
Subject key identifier: 9D:9A:98:EB:1D:DC:E2:1C:75:04:81:EB:30:0D:82:66:A1:33:2E:27
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3494FFB15D30780F4BEA4BA2BC24410
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nZqY6x3c4hx1BIHrMA2CZqEzLic.roa
Signing time: Mon 01 Jan 2024 04:30:10 +0000
ROA not before: Mon 01 Jan 2024 04:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31863
IP address blocks: 109.176.248.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 21 Jul 2024 12:44:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:4f:fb:15:d3:07:80:f4:be:a4:ba:2b:c2:44:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9d9a98eb1ddce21c750481eb300d8266a1332e27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:94:aa:d6:65:12:5c:fb:e7:5e:68:3f:05:06:
0c:f0:4f:29:3d:0b:ca:96:72:54:70:02:19:fc:e0:
c1:30:66:ed:a3:f6:08:d9:13:b5:1f:aa:a0:f0:ff:
41:08:f0:5f:0c:fc:31:18:a6:ad:45:6c:5a:e1:34:
c7:50:18:67:34:36:3e:64:83:85:8b:88:22:db:d2:
40:a6:85:f8:5e:77:46:43:f1:a0:07:e9:d5:71:ee:
4b:e8:c1:72:0e:d1:3a:7f:65:d1:2c:cd:60:1b:a7:
e2:fd:3b:fc:ac:b9:4d:1f:93:84:85:21:6d:d7:e0:
23:5d:f0:df:0e:c5:96:a6:61:cc:db:cf:7c:58:a0:
8b:04:af:62:98:34:d5:b7:ea:36:fb:77:63:5c:68:
da:68:46:a1:57:75:c6:0b:2f:6b:9d:67:c8:22:76:
70:6a:4e:4a:79:1f:29:26:e2:25:42:e0:ac:d5:d2:
4f:8d:fe:6b:26:45:65:78:b1:cd:e4:3c:cf:b0:8f:
69:ca:03:b8:b2:71:c0:3b:21:23:2b:63:57:2d:a5:
57:8b:fa:6a:c0:0e:e8:dd:7b:dc:c4:ee:09:ee:25:
1f:33:87:aa:f8:46:fe:1b:33:82:d1:e4:0e:2e:b0:
83:1c:0e:c3:d9:d6:f1:90:83:65:36:6b:83:41:7b:
c6:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:9A:98:EB:1D:DC:E2:1C:75:04:81:EB:30:0D:82:66:A1:33:2E:27
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/nZqY6x3c4hx1BIHrMA2CZqEzLic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.248.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:6c:60:f4:28:7b:b0:66:3e:26:93:97:27:8e:65:c3:ef:2f:
55:52:cd:e1:f7:e0:3a:2e:5d:e0:aa:92:8e:01:e7:55:63:45:
16:5a:1d:64:f5:83:98:fc:cf:3d:3d:dc:87:8a:f7:54:fe:76:
6e:0b:92:06:54:b7:7a:36:87:a9:42:c2:55:e2:75:54:ec:9e:
d7:19:57:48:83:d7:ef:13:28:f9:fd:0c:80:dd:61:eb:53:d8:
0b:fa:61:71:48:d2:eb:27:12:6c:d9:da:4a:3a:05:de:b8:d3:
e3:06:ae:27:2b:c6:1d:a7:83:88:cd:d4:f1:76:6e:e2:67:78:
6b:97:f2:03:12:26:30:b8:3b:0d:fe:ce:4d:4b:6e:a7:7b:3c:
5d:c1:e3:14:6b:d4:56:ad:cb:28:77:44:1a:db:f5:2c:51:75:
14:a4:fa:a9:fa:1a:dc:76:d7:61:a8:30:07:38:81:1e:bc:9a:
e7:95:2d:bc:2d:8a:81:15:f1:41:f8:dd:47:06:1b:56:b3:fc:
7f:3a:4b:d8:d0:8d:38:ce:ad:1f:9c:0a:c0:5a:26:12:12:3a:
c0:8d:dc:a6:3b:a5:7c:43:ab:ca:52:64:a4:a9:d8:db:cb:c7:
5f:d4:7d:cc:ae:79:2f:34:36:34:ef:a5:74:a4:46:e2:4f:a8:
1f:d1:35:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSU/7FdMHgPS+pLorwkQQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZDlhOThlYjFkZGNlMjFjNzUwNDgxZWIzMDBkODI2NmExMzMyZTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoZSq1mUSXPvnXmg/BQYM8E8pPQvK
lnJUcAIZ/ODBMGbto/YI2RO1H6qg8P9BCPBfDPwxGKatRWxa4TTHUBhnNDY+ZIOF
i4gi29JApoX4XndGQ/GgB+nVce5L6MFyDtE6f2XRLM1gG6fi/Tv8rLlNH5OEhSFt
1+AjXfDfDsWWpmHM2898WKCLBK9imDTVt+o2+3djXGjaaEahV3XGCy9rnWfIInZw
ak5KeR8pJuIlQuCs1dJPjf5rJkVleLHN5DzPsI9pygO4snHAOyEjK2NXLaVXi/pq
wA7o3XvcxO4J7iUfM4eq+Eb+GzOC0eQOLrCDHA7D2dbxkINlNmuDQXvGuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ2amOsd3OIcdQSB6zANgmahMy4nMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvblpxWTZ4M2M0aHgxQklIck1BMkNacUV6TGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD4MA0G
CSqGSIb3DQEBCwUAA4IBAQCabGD0KHuwZj4mk5cnjmXD7y9VUs3h9+A6Ll3gqpKO
AedVY0UWWh1k9YOY/M89PdyHivdU/nZuC5IGVLd6NoepQsJV4nVU7J7XGVdIg9fv
Eyj5/QyA3WHrU9gL+mFxSNLrJxJs2dpKOgXeuNPjBq4nK8Ydp4OIzdTxdm7iZ3hr
l/IDEiYwuDsN/s5NS26nezxdweMUa9RWrcsod0Qa2/UsUXUUpPqp+hrcdtdhqDAH
OIEevJrnlS28LYqBFfFB+N1HBhtWs/x/OkvY0I04zq0fnArAWiYSEjrAjdymO6V8
Q6vKUmSkqdjby8df1H3MrnkvNDY076V0pEbiT6gf0TWl
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:25:42 2025 by rpki-client