Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa
File: pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa (raw, json)
Hash identifier: Um1REQuAFM5QZXJVW3/aLRg6Vrvt3X9pO96osVFHsUc=
Subject key identifier: A7:08:82:1F:56:4F:94:94:76:C5:3F:17:64:31:75:EE:7F:D1:C6:4F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018F86785A3E670CEDF6C1C7CED598DD0B2A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa
Signing time: Fri 17 May 2024 12:13:05 +0000
ROA not before: Fri 17 May 2024 12:13:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 109.176.253.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 27 May 2024 08:48:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:86:78:5a:3e:67:0c:ed:f6:c1:c7:ce:d5:98:dd:0b:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 17 12:13:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a708821f564f949476c53f17643175ee7fd1c64f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6f:e0:a9:54:c6:0f:d4:2b:49:36:b9:30:82:
ed:0e:bc:34:ef:c4:d2:6d:bf:6e:1a:01:de:93:94:
50:81:1b:38:cf:20:4c:49:f9:2e:a8:9f:c0:c9:bb:
4e:96:be:07:5c:d5:f0:2a:91:9f:d7:27:a7:3d:0c:
91:d7:37:23:35:c3:a2:83:07:e6:ac:13:cb:bd:8f:
e9:dd:d3:d9:0f:f3:84:88:cc:a9:40:9a:05:41:08:
2e:1b:1f:e4:a2:9f:32:34:d8:4a:d1:3d:e6:ae:a0:
8b:39:86:5e:ff:12:96:11:3b:bd:5a:73:4e:84:f1:
9a:6d:b8:cb:8e:80:c8:73:67:3a:0e:ee:3e:0f:d6:
50:98:d1:2c:73:fe:cf:9a:cb:0b:4e:a8:1b:cb:79:
b1:d9:f2:f7:cb:9c:08:8e:fc:9c:e7:38:4a:69:89:
02:93:59:00:c4:8d:b8:37:8f:15:99:38:6a:73:8c:
13:73:e0:f9:56:1e:63:30:9e:e1:7b:96:9c:e2:e5:
31:48:b3:14:9c:21:11:42:6a:98:c8:bf:b6:95:1e:
2f:01:bd:85:c6:95:48:2a:de:92:4c:9c:57:d7:6f:
8a:f5:5b:82:29:71:57:18:c5:48:39:88:49:2a:77:
b9:86:96:9b:e9:28:ee:f1:3c:f7:5e:7c:77:9d:44:
e2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:08:82:1F:56:4F:94:94:76:C5:3F:17:64:31:75:EE:7F:D1:C6:4F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/pwiCH1ZPlJR2xT8XZDF17n_Rxk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.253.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:a2:84:d8:6a:8d:a7:b7:2f:92:08:dd:83:af:0f:9e:26:b1:
d3:1c:37:eb:cc:50:f6:29:c8:10:7f:e0:a1:54:05:81:53:e6:
e8:87:06:4b:25:bf:d6:21:cc:59:95:3a:3e:3b:97:38:c4:7f:
e0:28:2e:7e:ff:72:c3:bf:45:d6:91:65:6f:98:91:b8:be:09:
49:b4:66:61:b1:a9:28:1c:20:7d:5c:71:a5:88:a4:ed:8c:55:
e3:45:5f:cd:de:82:39:96:48:6e:4f:b3:df:b9:19:14:bb:09:
a2:79:c8:08:3d:94:60:58:8d:04:63:a8:c6:55:15:c0:36:2b:
4a:ef:cf:c8:e9:9f:7a:f5:91:1d:6d:12:16:18:db:f2:75:be:
9e:b1:11:10:77:ab:99:e6:a9:9e:8d:74:fe:8f:c2:28:da:e6:
57:7f:36:0d:d3:92:b1:bc:9c:bb:48:73:29:3b:0a:4e:12:6d:
b4:9d:af:a7:5b:cc:24:d8:fe:be:20:72:f5:a0:86:fb:82:7d:
53:7f:91:5d:9c:05:77:c2:81:fe:d1:27:2f:97:15:e2:aa:f9:
8c:f0:52:ad:8f:ef:86:d9:c0:e7:9a:ba:fa:d1:a8:b6:31:86:
57:1e:48:5b:cb:bc:1a:b8:d0:05:7e:64:59:f1:4f:2d:51:ad:
4f:08:5b:f6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY+GeFo+Zwzt9sHHztWY3QsqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTE3MTIxMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzA4ODIxZjU2NGY5NDk0NzZjNTNmMTc2NDMxNzVlZTdmZDFjNjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW/gqVTGD9QrSTa5MILtDrw078TS
bb9uGgHek5RQgRs4zyBMSfkuqJ/AybtOlr4HXNXwKpGf1yenPQyR1zcjNcOigwfm
rBPLvY/p3dPZD/OEiMypQJoFQQguGx/kop8yNNhK0T3mrqCLOYZe/xKWETu9WnNO
hPGabbjLjoDIc2c6Du4+D9ZQmNEsc/7PmssLTqgby3mx2fL3y5wIjvyc5zhKaYkC
k1kAxI24N48VmThqc4wTc+D5Vh5jMJ7he5ac4uUxSLMUnCERQmqYyL+2lR4vAb2F
xpVIKt6STJxX12+K9VuCKXFXGMVIOYhJKne5hpab6Sju8Tz3Xnx3nUTiuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKcIgh9WT5SUdsU/F2Qxde5/0cZPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvcHdpQ0gxWlBsSlIyeFQ4WFpERjE3bl9SeGs4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbD9MA0G
CSqGSIb3DQEBCwUAA4IBAQAvooTYao2nty+SCN2Drw+eJrHTHDfrzFD2KcgQf+Ch
VAWBU+bohwZLJb/WIcxZlTo+O5c4xH/gKC5+/3LDv0XWkWVvmJG4vglJtGZhsako
HCB9XHGliKTtjFXjRV/N3oI5lkhuT7PfuRkUuwmiecgIPZRgWI0EY6jGVRXANitK
78/I6Z969ZEdbRIWGNvydb6esREQd6uZ5qmejXT+j8Io2uZXfzYN05KxvJy7SHMp
OwpOEm20na+nW8wk2P6+IHL1oIb7gn1Tf5FdnAV3woH+0ScvlxXiqvmM8FKtj++G
2cDnmrr60ai2MYZXHkhby7wauNAFfmRZ8U8tUa1PCFv2
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:17:30 2025 by rpki-client