Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/F_ygh6dvhfCVwXvHJVMVuMreIyE.roa
File: F_ygh6dvhfCVwXvHJVMVuMreIyE.roa (raw, json)
Hash identifier: B1ywxpAZo7PMCRy2XwEPS240BYb4noWjvYMZpP8z50I=
Subject key identifier: 17:FC:A0:87:A7:6F:85:F0:95:C1:7B:C7:25:53:15:B8:CA:DE:23:21
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0191BD7D7B6597A9C253F00ED528023BF5F4
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/F_ygh6dvhfCVwXvHJVMVuMreIyE.roa
Signing time: Wed 04 Sep 2024 14:43:23 +0000
ROA not before: Wed 04 Sep 2024 14:43:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215362
IP address blocks: 82.153.220.0/24 maxlen: 24
109.176.23.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 16:08:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bd:7d:7b:65:97:a9:c2:53:f0:0e:d5:28:02:3b:f5:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 14:43:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=17fca087a76f85f095c17bc7255315b8cade2321
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:76:7c:d8:75:e4:ad:9e:57:39:59:32:35:85:
93:41:cf:a9:c8:a8:97:c0:ae:49:7d:da:b7:85:d1:
73:bd:8d:0a:96:29:f6:fa:38:ee:b6:67:e9:c0:37:
5f:9a:dc:b4:1e:01:2c:b4:a0:0e:07:b5:65:25:62:
86:fe:fb:06:18:c4:86:6a:2f:10:8c:89:99:83:27:
c8:1f:d1:9a:0e:27:d4:14:f4:3a:4b:63:73:3a:6b:
39:84:93:a3:ff:c1:25:2f:90:44:bc:d5:99:b9:a0:
ba:94:9e:b2:38:ee:8e:b7:5c:9b:05:41:af:ad:a8:
ea:69:a3:6f:cc:9d:c1:5a:43:75:d2:9f:34:46:b5:
26:cf:f3:93:66:a2:3a:13:18:75:f7:35:0b:80:d6:
b7:59:b5:13:fa:4c:16:ab:9d:5f:40:b2:d1:e5:44:
b5:20:de:1c:02:e5:9b:11:53:a9:19:b4:67:06:f4:
ee:16:79:c7:0a:bd:0d:58:d5:79:0f:cc:ae:9c:0f:
56:06:ee:db:64:da:0d:01:f8:4c:48:b4:ba:98:2e:
69:28:c8:50:2b:cf:20:c5:f9:0c:bb:5d:fe:d4:15:
2a:a9:e3:2f:21:b6:d1:c4:08:ee:96:b7:48:2c:c6:
e2:88:94:1a:7a:70:f8:b6:48:8b:43:61:b2:cf:58:
ba:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:FC:A0:87:A7:6F:85:F0:95:C1:7B:C7:25:53:15:B8:CA:DE:23:21
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/F_ygh6dvhfCVwXvHJVMVuMreIyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.220.0/24
109.176.23.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:9f:28:2f:55:62:02:ac:e4:a5:24:cb:c9:9e:04:34:b8:1b:
04:b0:15:42:1c:32:3f:f0:eb:ea:bc:4b:17:36:19:e8:f6:55:
13:43:97:0c:67:80:33:39:a8:e3:6c:30:82:bf:35:0b:c3:8a:
8b:d7:26:c3:b0:7e:b6:3f:c1:ae:7e:5d:28:e9:70:78:de:5e:
f2:1f:da:33:6c:06:3f:44:ea:e6:c9:bf:49:f7:cf:23:a5:07:
f9:9f:ba:d1:ff:b4:d1:94:94:9d:fe:e9:ce:5e:3d:36:8f:77:
f6:ad:25:b4:83:f2:06:42:8f:6d:a9:e1:9d:90:84:12:4b:00:
0d:09:ab:27:a7:5a:6b:b8:61:40:54:89:fc:29:62:72:65:6a:
7c:90:20:df:51:d2:6d:93:7c:09:97:8a:6b:6c:95:64:82:33:
fa:0d:f2:79:dc:d6:32:56:49:ed:2c:b8:87:64:44:ae:d1:c3:
67:a3:d3:fd:c1:b6:96:a5:89:13:63:ff:d6:7b:1f:c5:a4:a4:
b6:27:c8:9d:22:f5:da:35:9c:4f:53:95:48:0a:92:da:26:62:
e6:e0:ae:4a:73:ff:09:6d:a6:b9:5c:e1:dc:de:7d:83:84:1b:
a2:4d:01:39:bd:ed:93:c2:7c:fe:59:8a:04:75:85:7a:29:6b:
af:aa:09:57
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZG9fXtll6nCU/AO1SgCO/X0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwOTA0MTQ0MzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxN2ZjYTA4N2E3NmY4NWYwOTVjMTdiYzcyNTUzMTViOGNhZGUyMzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz3Z82HXkrZ5XOVkyNYWTQc+pyKiX
wK5Jfdq3hdFzvY0Klin2+jjutmfpwDdfmty0HgEstKAOB7VlJWKG/vsGGMSGai8Q
jImZgyfIH9GaDifUFPQ6S2NzOms5hJOj/8ElL5BEvNWZuaC6lJ6yOO6Ot1ybBUGv
rajqaaNvzJ3BWkN10p80RrUmz/OTZqI6Exh19zULgNa3WbUT+kwWq51fQLLR5US1
IN4cAuWbEVOpGbRnBvTuFnnHCr0NWNV5D8yunA9WBu7bZNoNAfhMSLS6mC5pKMhQ
K88gxfkMu13+1BUqqeMvIbbRxAjulrdILMbiiJQaenD4tkiLQ2Gyz1i6RwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBf8oIenb4XwlcF7xyVTFbjK3iMhMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvRl95Z2g2ZHZoZkNWd1h2SEpWTVZ1TXJlSXlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAUpncAwQA
bbAXMA0GCSqGSIb3DQEBCwUAA4IBAQBMnygvVWICrOSlJMvJngQ0uBsEsBVCHDI/
8OvqvEsXNhno9lUTQ5cMZ4AzOajjbDCCvzULw4qL1ybDsH62P8Gufl0o6XB43l7y
H9ozbAY/ROrmyb9J988jpQf5n7rR/7TRlJSd/unOXj02j3f2rSW0g/IGQo9tqeGd
kIQSSwANCasnp1pruGFAVIn8KWJyZWp8kCDfUdJtk3wJl4prbJVkgjP6DfJ53NYy
VkntLLiHZESu0cNno9P9wbaWpYkTY//Wex/FpKS2J8idIvXaNZxPU5VICpLaJmLm
4K5Kc/8Jbaa5XOHc3n2DhBuiTQE5ve2Twnz+WYoEdYV6KWuvqglX
-----END CERTIFICATE-----
Generated at Tue Apr 29 19:54:39 2025 by rpki-client