Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oXNlAH0Cx0Th22UqwDl7_hE59ZE.roa
File: oXNlAH0Cx0Th22UqwDl7_hE59ZE.roa (raw, json)
Hash identifier: 9Cu1CBPfXP2y5hO3HWzW8v+62j6v+JnLzIct/NhvemY=
Subject key identifier: A1:73:65:00:7D:02:C7:44:E1:DB:65:2A:C0:39:7B:FE:11:39:F5:91
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0194140992D5EE49D0E43613DE59DB9D1096
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oXNlAH0Cx0Th22UqwDl7_hE59ZE.roa
Signing time: Sun 29 Dec 2024 20:09:19 +0000
ROA not before: Sun 29 Dec 2024 20:09:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213693
IP address blocks: 109.176.202.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 09:47:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:14:09:92:d5:ee:49:d0:e4:36:13:de:59:db:9d:10:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Dec 29 20:09:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a17365007d02c744e1db652ac0397bfe1139f591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:8a:3a:ea:92:d3:5c:58:bc:90:94:ed:5e:2f:
15:53:9f:7e:46:4a:e6:4d:40:dc:41:d0:46:e5:57:
20:a8:9f:69:2e:2b:4a:7f:6f:b4:34:04:a3:86:e8:
d7:cf:8c:af:5c:dd:74:de:f5:e6:d8:61:26:2b:36:
6f:25:6e:e9:82:14:5f:14:1b:6d:3d:c5:9d:be:33:
1c:95:6a:d6:4f:f8:65:4c:27:e2:55:0d:ca:3a:80:
da:81:2b:e5:c5:2d:5c:b8:84:68:eb:10:ee:20:9f:
f3:28:f2:9f:92:90:3e:db:41:6c:f9:1b:62:87:e6:
74:ec:cd:2d:30:d5:68:cf:e9:57:f3:5f:98:24:ae:
f9:c6:9f:cb:08:d0:98:7e:e9:f2:2c:28:64:44:b3:
b2:69:37:63:9d:91:49:da:71:6b:29:32:20:95:9f:
24:6c:d5:db:cd:48:ee:e7:b4:6e:b3:98:bf:c1:00:
99:1e:ba:ea:59:58:51:73:05:d1:27:5e:a2:1d:c7:
b9:a5:99:f4:6b:be:25:52:9e:d4:88:2a:4f:6e:ff:
5c:44:bc:0e:46:73:6f:f8:28:b4:28:02:11:d1:b1:
f5:e6:b8:eb:5f:95:0e:9b:41:04:bf:ce:72:88:17:
ea:d7:8d:b9:7f:84:d9:b3:6a:c7:f9:f0:fa:e4:00:
11:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:73:65:00:7D:02:C7:44:E1:DB:65:2A:C0:39:7B:FE:11:39:F5:91
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/oXNlAH0Cx0Th22UqwDl7_hE59ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.202.0/24
Signature Algorithm: sha256WithRSAEncryption
84:cb:6e:b7:9f:ed:8c:15:0d:16:3e:1a:15:8b:ae:ee:47:52:
64:08:f2:6c:eb:00:f0:77:cd:01:d1:44:a9:1e:23:eb:49:64:
eb:51:5d:8f:28:7d:04:7f:42:97:54:cd:ba:ca:e8:d7:74:11:
32:08:21:e6:fc:18:75:01:da:94:59:69:fd:55:14:c7:f2:d4:
bf:b6:4f:29:7d:66:08:4c:8e:c0:8a:88:16:8a:04:73:44:c0:
a3:2d:28:f2:b1:32:20:3c:78:1a:70:69:6f:cf:06:d1:57:10:
13:02:43:03:9d:78:f0:57:8e:13:6e:ae:58:70:b4:77:d7:7b:
76:56:33:8b:79:59:5b:c1:bb:c8:67:8d:c1:bd:e0:ef:d8:a7:
4e:ad:a6:85:07:44:d5:a0:2f:40:4e:62:05:a2:a4:22:94:56:
34:ac:1e:dc:0d:89:e4:e5:53:3d:dd:e6:21:a2:5a:dc:53:cc:
89:45:16:de:0b:14:0e:b3:34:ca:4c:13:66:96:f2:9b:cd:25:
b1:c3:37:9c:c8:b2:5f:c0:14:9a:0a:d4:83:29:7d:fd:39:98:
47:3b:be:81:e7:73:31:84:69:b5:7f:3f:00:9c:73:97:da:91:
6a:46:01:ed:a9:0b:4b:aa:cb:7a:63:7c:72:de:4c:94:5f:8c:
25:b9:84:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQUCZLV7knQ5DYT3lnbnRCWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQxMjI5MjAwOTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTczNjUwMDdkMDJjNzQ0ZTFkYjY1MmFjMDM5N2JmZTExMzlmNTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4o66pLTXFi8kJTtXi8VU59+Rkrm
TUDcQdBG5VcgqJ9pLitKf2+0NASjhujXz4yvXN103vXm2GEmKzZvJW7pghRfFBtt
PcWdvjMclWrWT/hlTCfiVQ3KOoDagSvlxS1cuIRo6xDuIJ/zKPKfkpA+20Fs+Rti
h+Z07M0tMNVoz+lX81+YJK75xp/LCNCYfunyLChkRLOyaTdjnZFJ2nFrKTIglZ8k
bNXbzUju57Rus5i/wQCZHrrqWVhRcwXRJ16iHce5pZn0a74lUp7UiCpPbv9cRLwO
RnNv+Ci0KAIR0bH15rjrX5UOm0EEv85yiBfq1425f4TZs2rH+fD65AARwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFzZQB9AsdE4dtlKsA5e/4ROfWRMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvb1hObEFIMEN4MFRoMjJVcXdEbDdfaEU1OVpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDKMA0G
CSqGSIb3DQEBCwUAA4IBAQCEy263n+2MFQ0WPhoVi67uR1JkCPJs6wDwd80B0USp
HiPrSWTrUV2PKH0Ef0KXVM26yujXdBEyCCHm/Bh1AdqUWWn9VRTH8tS/tk8pfWYI
TI7AiogWigRzRMCjLSjysTIgPHgacGlvzwbRVxATAkMDnXjwV44Tbq5YcLR313t2
VjOLeVlbwbvIZ43BveDv2KdOraaFB0TVoC9ATmIFoqQilFY0rB7cDYnk5VM93eYh
olrcU8yJRRbeCxQOszTKTBNmlvKbzSWxwzecyLJfwBSaCtSDKX39OZhHO76B53Mx
hGm1fz8AnHOX2pFqRgHtqQtLqst6Y3xy3kyUX4wluYRn
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:24:29 2025 by rpki-client