Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yyrXCxEjTs1LMJoK24Ie5Jz2NnM.roa
File: yyrXCxEjTs1LMJoK24Ie5Jz2NnM.roa (raw, json)
Hash identifier: q8GqvIa3uf7Ch8645/l1bTAMQxHTHBPJYaoCZi+6v+w=
Subject key identifier: CB:2A:D7:0B:11:23:4E:CD:4B:30:9A:0A:DB:82:1E:E4:9C:F6:36:73
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191BD7BA65469525E9A847E475E065A5482
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yyrXCxEjTs1LMJoK24Ie5Jz2NnM.roa
Signing time: Wed 04 Sep 2024 14:41:22 +0000
ROA not before: Wed 04 Sep 2024 14:41:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 109.176.243.0/24 maxlen: 24
194.105.90.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Oct 2024 16:19:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:7b:a6:54:69:52:5e:9a:84:7e:47:5e:06:5a:54:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 14:41:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cb2ad70b11234ecd4b309a0adb821ee49cf63673
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:d6:55:18:07:0b:40:ec:74:5b:9f:0f:df:56:
c4:c0:c0:2e:11:47:d4:3d:fa:e3:02:9d:7b:64:c4:
e0:0c:89:db:26:a3:bc:72:20:0b:d7:f2:b6:8e:ae:
6c:3a:fe:e9:e8:d3:ca:0e:c4:a8:3e:7f:84:d4:71:
a4:c0:4c:28:81:22:74:cc:32:8c:63:79:ab:7f:26:
42:5c:24:2b:48:94:02:a7:81:01:c5:af:67:e9:e0:
47:63:f8:c8:96:66:ce:2d:3b:86:01:d8:3e:57:51:
4e:e0:f9:14:fe:c6:6b:cb:ff:f3:be:f1:07:f0:0c:
9e:a3:bd:0a:a2:c6:5d:f3:b8:a9:10:ee:13:af:0e:
f0:ff:7a:5e:94:ff:f5:3c:bc:fe:f4:ef:fb:cc:6e:
c5:85:ad:43:a7:eb:c8:5a:3c:f5:6a:f3:4e:3c:49:
e8:2c:f1:5e:e0:82:97:5d:58:1b:ce:19:3f:de:55:
dd:e0:09:bb:c7:a4:a3:97:e9:36:03:2a:67:99:1a:
ba:45:c3:bb:e6:14:8c:da:7f:fe:8d:eb:20:aa:71:
b0:7c:28:77:33:80:41:9a:55:f0:83:5b:e2:92:43:
8f:3d:9e:50:69:5a:38:c0:96:ff:70:86:d5:82:53:
ee:5f:f7:c9:7d:a8:80:07:dc:ba:1b:82:63:7b:04:
b2:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:2A:D7:0B:11:23:4E:CD:4B:30:9A:0A:DB:82:1E:E4:9C:F6:36:73
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/yyrXCxEjTs1LMJoK24Ie5Jz2NnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.243.0/24
194.105.90.0/24
213.130.138.0/24
Signature Algorithm: sha256WithRSAEncryption
06:8e:77:c8:4e:ec:fc:4d:f5:f8:b9:d8:e2:fb:f5:c5:95:53:
a0:4f:96:09:f2:7f:f9:fa:9a:12:39:16:79:e6:2c:bd:20:b7:
7c:15:cb:a2:bc:2a:a1:be:6c:98:fb:12:66:50:d1:f7:e4:6c:
10:52:5e:8e:2d:bc:dd:13:43:04:62:59:1a:92:a0:9f:2c:3b:
5f:29:6e:ed:0d:da:7e:f3:92:0e:bd:a4:a8:f6:d1:5e:62:0a:
ea:3b:6f:bd:6c:43:5b:3f:4a:51:3e:8a:15:fa:6a:62:3e:82:
38:ff:54:f0:e6:d1:10:7a:91:4e:47:8e:d9:26:7c:96:dc:ad:
bc:65:fc:c9:61:c7:ac:b4:bf:8b:cb:03:cf:01:92:36:ff:f0:
99:8d:39:19:97:03:05:e8:7a:e0:9a:55:fa:a9:a5:5e:e7:0f:
a5:85:54:c2:64:0b:df:24:1f:71:81:2f:bd:58:6a:d6:bc:4f:
49:20:e3:f9:7b:a9:0b:4b:8c:fa:e7:6d:00:33:ac:c9:5a:6a:
f1:b6:57:72:d6:7d:ad:40:5e:e3:95:8c:99:d5:76:fa:c7:95:
60:3f:38:e8:a3:1b:7f:7d:b1:7f:eb:23:ee:c9:50:1e:f5:43:
01:c4:6f:96:f8:3f:5b:d6:11:85:a7:71:5a:2a:c2:d4:68:82:
94:0e:43:e4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZG9e6ZUaVJemoR+R14GWlSCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA0MTQ0MTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjJhZDcwYjExMjM0ZWNkNGIzMDlhMGFkYjgyMWVlNDljZjYzNjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA29ZVGAcLQOx0W58P31bEwMAuEUfU
PfrjAp17ZMTgDInbJqO8ciAL1/K2jq5sOv7p6NPKDsSoPn+E1HGkwEwogSJ0zDKM
Y3mrfyZCXCQrSJQCp4EBxa9n6eBHY/jIlmbOLTuGAdg+V1FO4PkU/sZry//zvvEH
8Ayeo70KosZd87ipEO4Trw7w/3pelP/1PLz+9O/7zG7Fha1Dp+vIWjz1avNOPEno
LPFe4IKXXVgbzhk/3lXd4Am7x6Sjl+k2AypnmRq6RcO75hSM2n/+jesgqnGwfCh3
M4BBmlXwg1vikkOPPZ5QaVo4wJb/cIbVglPuX/fJfaiAB9y6G4JjewSyTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMsq1wsRI07NSzCaCtuCHuSc9jZzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEveXlyWEN4RWpUczFMTUpvSzI0SWU1SnoyTm5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbDzAwQA
wmlaAwQA1YKKMA0GCSqGSIb3DQEBCwUAA4IBAQAGjnfITuz8TfX4udji+/XFlVOg
T5YJ8n/5+poSORZ55iy9ILd8FcuivCqhvmyY+xJmUNH35GwQUl6OLbzdE0MEYlka
kqCfLDtfKW7tDdp+85IOvaSo9tFeYgrqO2+9bENbP0pRPooV+mpiPoI4/1Tw5tEQ
epFOR47ZJnyW3K28ZfzJYcestL+LywPPAZI2//CZjTkZlwMF6HrgmlX6qaVe5w+l
hVTCZAvfJB9xgS+9WGrWvE9JIOP5e6kLS4z6520AM6zJWmrxtldy1n2tQF7jlYyZ
1Xb6x5VgPzjooxt/fbF/6yPuyVAe9UMBxG+W+D9b1hGFp3FaKsLUaIKUDkPk
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:13:13 2025 by rpki-client