Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/9oxwHTaGkfZuJT32md6CYBToQ80.roa
File: 9oxwHTaGkfZuJT32md6CYBToQ80.roa (raw, json)
Hash identifier: JTermiy/BlRohLzvMWVrfYu9ASPrTjmJy+WVr2FnAVE=
Subject key identifier: F6:8C:70:1D:36:86:91:F6:6E:25:3D:F6:99:DE:82:60:14:E8:43:CD
Certificate issuer: /CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Certificate serial: 018CC8DF737C9BB1B2B784E08BFD489ABF99
Authority key identifier: 42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/9oxwHTaGkfZuJT32md6CYBToQ80.roa
Signing time: Tue 02 Jan 2024 06:32:16 +0000
ROA not before: Tue 02 Jan 2024 06:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 176.52.187.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 17:47:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:73:7c:9b:b1:b2:b7:84:e0:8b:fd:48:9a:bf:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=427ce5719caa681adbd493a8d9a38a675d6bd639
Validity
Not Before: Jan 2 06:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f68c701d368691f66e253df699de826014e843cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:89:48:fc:4d:4b:f5:c2:1b:27:76:c1:71:d2:
bd:d0:b0:52:e1:25:93:1f:9b:e0:40:7d:91:dc:f1:
1b:93:1b:f3:4d:aa:e2:5e:3d:39:e3:89:e4:65:af:
8e:78:18:0b:e4:8c:15:48:95:a2:3d:33:b3:ff:06:
aa:fa:13:d9:a0:b0:56:62:7d:28:8b:fb:40:60:5a:
b1:a2:dd:d7:9e:87:22:f6:fa:0e:2d:ec:b5:fd:dc:
ce:76:6f:87:29:80:95:af:78:0d:00:e7:04:aa:07:
9b:04:db:a3:06:50:4c:5e:0c:5a:87:5e:48:90:0c:
e4:d1:4f:cc:2e:88:2f:bb:80:db:aa:b6:93:7b:8a:
81:a9:48:ef:c5:a9:e8:9f:85:b7:ee:b2:b2:23:38:
e4:d0:70:79:60:d0:55:cc:d5:35:b8:27:c4:44:50:
93:60:c4:33:5b:6b:d3:c9:f9:0a:2b:d8:dc:62:03:
aa:88:71:e2:f2:b2:7d:28:a6:cd:e7:39:be:52:75:
7d:62:05:53:4e:77:69:9e:5f:ee:b3:d3:34:40:bc:
58:24:a8:5e:ee:aa:c2:30:00:43:31:21:90:11:f0:
26:9f:bb:68:a6:3e:c0:cc:5e:96:e9:56:e1:d7:82:
d0:ed:a3:9d:e8:c3:d7:89:e8:14:9d:7a:fd:06:fd:
20:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:8C:70:1D:36:86:91:F6:6E:25:3D:F6:99:DE:82:60:14:E8:43:CD
X509v3 Authority Key Identifier:
keyid:42:7C:E5:71:9C:AA:68:1A:DB:D4:93:A8:D9:A3:8A:67:5D:6B:D6:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QnzlcZyqaBrb1JOo2aOKZ11r1jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/9oxwHTaGkfZuJT32md6CYBToQ80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/3e3548-fdb5-4ded-ba59-091c2d303fe8/1/QnzlcZyqaBrb1JOo2aOKZ11r1jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.52.187.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:cc:5e:30:5b:77:e9:a5:90:36:fb:05:cb:40:13:24:04:72:
b6:02:f1:98:ba:93:4a:e4:48:46:48:cc:50:a4:c1:ce:6f:22:
af:5e:6c:4f:4f:93:4b:8c:0a:64:33:80:54:42:a7:a3:bc:85:
96:74:96:d3:e5:a8:63:c2:d8:95:76:40:30:91:2d:94:34:79:
dc:65:01:70:83:3a:d4:eb:e6:09:d2:0f:0d:ff:e0:4c:61:29:
88:48:59:ee:6a:83:43:d8:16:a7:b1:e4:b2:b6:c2:38:c3:55:
e8:1d:ea:8e:32:73:e8:10:2c:b0:ae:7f:ba:14:81:ab:60:5a:
38:38:34:df:42:37:9d:7f:a5:04:5f:52:a3:69:4c:52:9b:a1:
1b:a6:a0:94:0d:b6:c3:fc:e2:0a:51:9c:a2:5f:d0:ff:c5:76:
ca:aa:11:3d:08:a3:25:cf:f1:36:d3:86:8a:0c:b1:51:8f:f9:
f7:47:bf:2d:74:d0:06:f3:19:43:7c:7b:3b:b5:61:d4:83:2d:
07:c9:f2:d1:f4:2d:0f:33:b0:0c:f3:8d:3f:fb:27:0d:2b:7b:
81:e2:2b:56:bb:5f:17:18:65:67:89:9e:0d:e7:3e:ee:60:4f:
5b:67:87:d4:37:23:0c:e9:92:e3:2e:e4:ab:d4:40:af:0d:dc:
f1:a5:fa:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI33N8m7Gyt4Tgi/1Imr+ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyN2NlNTcxOWNhYTY4MWFkYmQ0OTNhOGQ5YTM4YTY3NWQ2
YmQ2MzkwHhcNMjQwMTAyMDYzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNjhjNzAxZDM2ODY5MWY2NmUyNTNkZjY5OWRlODI2MDE0ZTg0M2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArIlI/E1L9cIbJ3bBcdK90LBS4SWT
H5vgQH2R3PEbkxvzTariXj0544nkZa+OeBgL5IwVSJWiPTOz/waq+hPZoLBWYn0o
i/tAYFqxot3Xnoci9voOLey1/dzOdm+HKYCVr3gNAOcEqgebBNujBlBMXgxah15I
kAzk0U/MLogvu4DbqraTe4qBqUjvxanon4W37rKyIzjk0HB5YNBVzNU1uCfERFCT
YMQzW2vTyfkKK9jcYgOqiHHi8rJ9KKbN5zm+UnV9YgVTTndpnl/us9M0QLxYJKhe
7qrCMABDMSGQEfAmn7topj7AzF6W6Vbh14LQ7aOd6MPXiegUnXr9Bv0gowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPaMcB02hpH2biU99pnegmAU6EPNMB8GA1UdIwQY
MBaAFEJ85XGcqmga29STqNmjimdda9Y5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTkt
MDkxYzJkMzAzZmU4LzEvOW94d0hUYUdrZlp1SlQzMm1kNkNZQlRvUTgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC8zZTM1NDgtZmRiNS00ZGVkLWJhNTktMDkxYzJkMzAzZmU4
LzEvUW56bGNaeXFhQnJiMUpPbzJhT0taMTFyMWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsDS7MA0G
CSqGSIb3DQEBCwUAA4IBAQBKzF4wW3fppZA2+wXLQBMkBHK2AvGYupNK5EhGSMxQ
pMHObyKvXmxPT5NLjApkM4BUQqejvIWWdJbT5ahjwtiVdkAwkS2UNHncZQFwgzrU
6+YJ0g8N/+BMYSmISFnuaoND2BanseSytsI4w1XoHeqOMnPoECywrn+6FIGrYFo4
ODTfQjedf6UEX1KjaUxSm6EbpqCUDbbD/OIKUZyiX9D/xXbKqhE9CKMlz/E204aK
DLFRj/n3R78tdNAG8xlDfHs7tWHUgy0HyfLR9C0PM7AM840/+ycNK3uB4itWu18X
GGVniZ4N5z7uYE9bZ4fUNyMM6ZLjLuSr1ECvDdzxpfpC
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:26:07 2025 by rpki-client