Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zfyDX4HtYp76HA7B15yF8qNZ7dk.roa
File: zfyDX4HtYp76HA7B15yF8qNZ7dk.roa (raw, json)
Hash identifier: n//udVYOCdlH3YkmLS7xBWKSroXwWRHKAfXyW+kfsgQ=
Subject key identifier: CD:FC:83:5F:81:ED:62:9E:FA:1C:0E:C1:D7:9C:85:F2:A3:59:ED:D9
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FC36C424A4DE0BBACEA0E85399891A9E8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zfyDX4HtYp76HA7B15yF8qNZ7dk.roa
Signing time: Wed 29 May 2024 08:16:42 +0000
ROA not before: Wed 29 May 2024 08:16:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48753
IP address blocks: 109.176.16.0/24 maxlen: 24
109.176.21.0/24 maxlen: 24
109.176.201.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 16 Jun 2024 19:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:6c:42:4a:4d:e0:bb:ac:ea:0e:85:39:98:91:a9:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 29 08:16:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=cdfc835f81ed629efa1c0ec1d79c85f2a359edd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f4:01:16:ae:3e:29:6f:3a:bc:1a:ad:51:12:
38:54:5f:80:a1:d4:f8:5d:34:25:e3:62:e9:62:8f:
32:51:d1:d3:b3:a7:37:5b:3c:ce:72:c5:93:80:e1:
99:4f:6b:60:88:e8:5f:72:11:89:99:fb:89:44:ff:
a3:92:70:45:82:ae:be:ef:c4:41:f0:db:93:d5:ab:
41:76:45:d8:a4:dc:a7:34:1a:89:9b:57:a4:42:5b:
4b:47:9b:10:8f:33:76:6b:ff:f6:90:79:98:88:bf:
11:8d:0f:58:0c:27:70:4e:12:eb:80:c1:a3:c3:28:
97:e9:5b:c5:cc:df:18:f5:70:33:df:dd:7c:6b:e6:
30:8a:0d:68:48:46:c7:71:fe:f2:c7:0c:7d:09:61:
82:24:b7:30:4e:5a:83:05:26:ed:fa:4a:fa:32:37:
e9:77:a0:eb:b6:4d:91:af:03:63:87:a8:93:f6:e0:
c8:4c:04:f2:49:af:82:1e:4b:6d:ad:e8:b8:87:f8:
59:f9:28:39:4b:b5:b7:69:44:83:a5:db:0c:6c:1c:
54:de:73:55:46:0c:13:cd:c3:5b:85:4d:38:aa:bc:
65:77:9a:db:a7:c7:d0:63:39:16:98:cf:27:4c:8d:
97:8b:d6:7c:1c:0c:c2:ee:a1:47:65:5f:36:c5:0a:
12:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FC:83:5F:81:ED:62:9E:FA:1C:0E:C1:D7:9C:85:F2:A3:59:ED:D9
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zfyDX4HtYp76HA7B15yF8qNZ7dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.16.0/24
109.176.21.0/24
109.176.201.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:3d:d1:ec:f0:bc:4a:05:4a:d5:48:c0:b8:85:d8:72:b6:51:
ba:a0:57:59:33:71:c4:ab:f5:bb:7a:2b:0f:e2:17:a0:32:9b:
dd:a1:ef:46:77:64:53:46:b5:1a:83:7e:f9:13:6f:d6:de:f7:
ff:38:e4:9d:aa:a9:ea:fe:f1:69:07:11:27:4b:95:8c:5b:38:
b1:24:f9:6d:fd:d0:60:0b:cf:1c:b6:3a:78:1a:71:22:bd:16:
20:f8:ff:7d:11:3b:8f:71:ee:90:8d:a8:a3:a9:d3:16:03:81:
9c:f1:9b:b9:c2:1f:fd:f9:05:53:60:5e:0f:69:35:de:85:5a:
3e:7c:aa:c1:59:09:e7:88:b5:98:b3:d5:9e:f5:bc:0b:37:0e:
b0:d0:0f:30:1c:b4:80:88:9d:3b:0a:27:00:d7:ca:68:db:78:
30:d3:14:6b:ec:f1:1c:b6:cc:68:4f:06:5a:c7:00:d7:5c:e0:
90:69:55:7a:93:ae:28:73:9b:3b:14:86:16:0c:41:31:38:71:
a0:31:05:f7:62:89:b9:d3:5b:85:6e:ac:81:cb:d6:fb:70:07:
ca:01:47:48:0f:d8:16:91:08:19:36:53:46:06:75:93:78:40:
fe:77:29:c5:e4:75:e8:0a:53:b7:7b:c3:3a:f4:dc:d8:fd:d6:
a3:93:d2:43
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/DbEJKTeC7rOoOhTmYkanoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI5MDgxNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZjODM1ZjgxZWQ2MjllZmExYzBlYzFkNzljODVmMmEzNTllZGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PQBFq4+KW86vBqtURI4VF+AodT4
XTQl42LpYo8yUdHTs6c3WzzOcsWTgOGZT2tgiOhfchGJmfuJRP+jknBFgq6+78RB
8NuT1atBdkXYpNynNBqJm1ekQltLR5sQjzN2a//2kHmYiL8RjQ9YDCdwThLrgMGj
wyiX6VvFzN8Y9XAz3918a+Ywig1oSEbHcf7yxwx9CWGCJLcwTlqDBSbt+kr6Mjfp
d6Drtk2RrwNjh6iT9uDITATySa+CHkttrei4h/hZ+Sg5S7W3aUSDpdsMbBxU3nNV
RgwTzcNbhU04qrxld5rbp8fQYzkWmM8nTI2Xi9Z8HAzC7qFHZV82xQoStwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM38g1+B7WKe+hwOwdechfKjWe3ZMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvemZ5RFg0SHRZcDc2SEE3QjE1eUY4cU5aN2RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbbAQAwQA
bbAVAwQAbbDJMA0GCSqGSIb3DQEBCwUAA4IBAQB/PdHs8LxKBUrVSMC4hdhytlG6
oFdZM3HEq/W7eisP4hegMpvdoe9Gd2RTRrUag375E2/W3vf/OOSdqqnq/vFpBxEn
S5WMWzixJPlt/dBgC88ctjp4GnEivRYg+P99ETuPce6QjaijqdMWA4Gc8Zu5wh/9
+QVTYF4PaTXehVo+fKrBWQnniLWYs9We9bwLNw6w0A8wHLSAiJ07CicA18po23gw
0xRr7PEctsxoTwZaxwDXXOCQaVV6k64oc5s7FIYWDEExOHGgMQX3Yom501uFbqyB
y9b7cAfKAUdID9gWkQgZNlNGBnWTeED+dynF5HXoClO3e8M69NzY/dajk9JD
-----END CERTIFICATE-----
Generated at Thu Mar 13 19:16:48 2025 by rpki-client