Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sxK0N6Z77YlES1A-RymAgnFSCto.roa
File: sxK0N6Z77YlES1A-RymAgnFSCto.roa (raw, json)
Hash identifier: 6hrgQ47Cvj75dGK3S5py8AbndKvui1+WSP6nDZnUcRM=
Subject key identifier: B3:12:B4:37:A6:7B:ED:89:44:4B:50:3E:47:29:80:82:71:52:0A:DA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191E1D77A0A6D3851455415378BBB2A8903
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sxK0N6Z77YlES1A-RymAgnFSCto.roa
Signing time: Wed 11 Sep 2024 16:08:00 +0000
ROA not before: Wed 11 Sep 2024 16:08:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215362
IP address blocks: 82.153.220.0/24 maxlen: 24
109.176.23.0/24 maxlen: 24
109.176.193.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 04 Oct 2024 18:05:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:d7:7a:0a:6d:38:51:45:54:15:37:8b:bb:2a:89:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 11 16:08:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b312b437a67bed89444b503e4729808271520ada
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:af:c2:79:b9:89:d1:8d:eb:14:ca:bf:e9:67:
3c:9b:24:61:aa:84:f3:62:be:c8:ee:8a:8e:0c:67:
9c:fc:ac:e9:9f:ac:c0:b0:e8:f2:ff:6e:9d:76:2c:
9e:ee:cc:7d:38:cb:16:f8:8c:b5:4c:8e:a3:21:ed:
d5:27:aa:54:5b:ef:58:64:97:d5:95:1e:9e:78:51:
b5:6c:9a:b1:54:e6:ef:ba:c7:f2:94:6c:ac:e6:e4:
d5:c3:4d:d9:34:86:69:8c:4d:93:77:cc:c4:c8:ce:
08:84:03:ea:86:4b:87:9f:55:57:39:29:8b:a8:52:
3c:3e:d8:9f:85:9d:0b:b1:6f:6e:de:7f:d0:b5:20:
11:e5:a5:fb:5c:9d:01:50:1a:fa:bc:6e:05:8d:ce:
b3:29:9a:e8:59:97:fd:19:ae:9e:29:e2:a7:ae:37:
a1:7f:b2:a3:ad:c8:67:f6:0f:24:54:a3:d8:da:d8:
e6:d0:f3:67:9a:73:03:28:98:3f:f0:87:8a:57:19:
48:8f:5b:03:d9:aa:2f:57:93:22:cc:3b:43:35:ee:
ea:29:93:be:b7:e1:59:65:c2:bc:be:0a:4b:b5:d1:
c8:e2:95:a1:e6:4a:f3:45:59:85:c9:ab:a9:2d:44:
ca:23:a9:b7:e8:51:47:91:2a:c1:7e:6e:fa:a8:11:
cc:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:12:B4:37:A6:7B:ED:89:44:4B:50:3E:47:29:80:82:71:52:0A:DA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sxK0N6Z77YlES1A-RymAgnFSCto.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
109.176.23.0/24
109.176.193.0/24
Signature Algorithm: sha256WithRSAEncryption
61:49:03:b2:1d:ba:79:9c:84:c4:61:c2:48:88:04:7d:6e:a1:
1c:9f:13:de:d6:34:56:0f:a3:89:83:9e:c6:b5:46:7e:e3:29:
b6:dc:db:ee:23:f5:15:d6:99:06:c2:46:ef:6f:31:c9:ec:5f:
ae:2c:eb:76:a9:16:2a:c4:84:89:1c:ff:79:70:1f:3b:39:57:
e0:db:f7:8a:70:08:23:ee:a6:10:4e:28:a2:5d:3c:16:c6:08:
d0:a7:d0:36:d6:5c:58:4f:38:19:be:9a:bc:63:8e:6b:ed:29:
37:20:a9:a2:19:f1:04:f0:ce:53:75:a1:e7:4e:e6:fd:89:15:
b3:74:4d:b4:c8:4f:14:b3:52:f2:f7:4f:74:01:8a:4c:26:3c:
e0:8d:cd:4e:81:6b:79:2a:8d:ec:4c:93:bf:88:b1:73:8a:95:
c5:c1:c2:f1:04:e7:bd:30:06:a5:2a:77:f1:7f:de:96:04:9e:
3a:63:fd:a0:ae:69:4b:62:ef:31:2e:2d:dd:14:79:e8:ac:10:
e0:29:55:2b:f3:99:8f:5c:e9:29:c7:3d:1c:cd:eb:2d:d8:9e:
d0:a0:54:0b:38:d5:5d:af:75:f4:b8:e4:ba:2a:e1:3a:cc:72:
e6:a4:2c:ff:88:16:d2:7a:28:db:77:75:99:f6:dc:d9:d1:77:
4f:31:5e:e6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZHh13oKbThRRVQVN4u7KokDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTExMTYwODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzEyYjQzN2E2N2JlZDg5NDQ0YjUwM2U0NzI5ODA4MjcxNTIwYWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoK/CebmJ0Y3rFMq/6Wc8myRhqoTz
Yr7I7oqODGec/Kzpn6zAsOjy/26ddiye7sx9OMsW+Iy1TI6jIe3VJ6pUW+9YZJfV
lR6eeFG1bJqxVObvusfylGys5uTVw03ZNIZpjE2Td8zEyM4IhAPqhkuHn1VXOSmL
qFI8PtifhZ0LsW9u3n/QtSAR5aX7XJ0BUBr6vG4Fjc6zKZroWZf9Ga6eKeKnrjeh
f7Kjrchn9g8kVKPY2tjm0PNnmnMDKJg/8IeKVxlIj1sD2aovV5MizDtDNe7qKZO+
t+FZZcK8vgpLtdHI4pWh5krzRVmFyaupLUTKI6m36FFHkSrBfm76qBHMMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLMStDeme+2JREtQPkcpgIJxUgraMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc3hLME42Wjc3WWxFUzFBLVJ5bUFnbkZTQ3RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpncAwQA
bbAXAwQAbbDBMA0GCSqGSIb3DQEBCwUAA4IBAQBhSQOyHbp5nITEYcJIiAR9bqEc
nxPe1jRWD6OJg57GtUZ+4ym23NvuI/UV1pkGwkbvbzHJ7F+uLOt2qRYqxISJHP95
cB87OVfg2/eKcAgj7qYQTiiiXTwWxgjQp9A21lxYTzgZvpq8Y45r7Sk3IKmiGfEE
8M5TdaHnTub9iRWzdE20yE8Us1Ly9090AYpMJjzgjc1OgWt5Ko3sTJO/iLFzipXF
wcLxBOe9MAalKnfxf96WBJ46Y/2grmlLYu8xLi3dFHnorBDgKVUr85mPXOkpxz0c
zest2J7QoFQLONVdr3X0uOS6KuE6zHLmpCz/iBbSeijbd3WZ9tzZ0XdPMV7m
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:22:06 2025 by rpki-client