Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtOlX44cCXDr2ALs0dH_sM-UJaw.roa
File: LtOlX44cCXDr2ALs0dH_sM-UJaw.roa (raw, json)
Hash identifier: AFTPZKwwZ8PWVOQYg+b2Pp2U1zRvapND3yQDJsOgg1o=
Subject key identifier: 2E:D3:A5:5F:8E:1C:09:70:EB:D8:02:EC:D1:D1:FF:B0:CF:94:25:AC
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018CC3496570B3FBF5D7C161768233A6F31F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtOlX44cCXDr2ALs0dH_sM-UJaw.roa
Signing time: Mon 01 Jan 2024 04:30:16 +0000
ROA not before: Mon 01 Jan 2024 04:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216200
IP address blocks: 109.176.240.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 03 Sep 2024 11:55:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:65:70:b3:fb:f5:d7:c1:61:76:82:33:a6:f3:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 04:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2ed3a55f8e1c0970ebd802ecd1d1ffb0cf9425ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:65:30:0e:73:d3:2c:73:c9:4c:49:a9:41:c1:
74:3e:0b:05:b1:75:4a:98:6e:d9:a5:e4:7f:ea:b8:
dd:30:b4:a5:a2:df:d1:97:87:58:a2:cf:16:02:09:
ec:af:8a:b4:db:be:ac:e2:23:71:0c:ce:ff:92:3e:
fb:34:b5:4b:53:f0:d6:20:69:37:4b:47:7a:b5:d8:
13:c3:d2:e9:78:69:7d:d4:9b:43:39:1c:48:14:6e:
69:7a:7d:9a:f2:d1:c1:b4:69:7e:94:c9:08:53:ca:
ba:87:96:f0:fd:a4:7a:2f:a5:27:e4:d5:32:90:96:
0f:91:6d:d9:50:9a:0d:50:19:8e:6a:f5:d5:c7:fa:
55:cf:d5:28:2b:d1:b3:6b:b6:27:09:fc:90:aa:66:
69:24:78:69:f4:35:a4:7c:6f:ac:e6:ce:4d:9c:b2:
7b:3e:d9:fd:0e:73:1e:4f:2a:b8:e0:a1:4f:fe:20:
4c:96:9b:de:e1:c4:1e:32:18:09:56:a1:a4:05:d7:
79:b4:4a:ee:71:d5:e6:06:f5:d9:ef:61:c6:f2:21:
c2:68:27:c9:26:d7:08:96:e2:f2:a3:30:c6:87:bf:
bf:f8:e0:55:2a:f6:3c:93:e2:ab:0f:b9:db:72:ef:
37:c5:6c:db:42:c3:bc:b3:63:23:a5:cf:04:20:9b:
fc:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:D3:A5:5F:8E:1C:09:70:EB:D8:02:EC:D1:D1:FF:B0:CF:94:25:AC
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/LtOlX44cCXDr2ALs0dH_sM-UJaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.240.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:db:94:cb:26:a6:c9:d5:35:3a:fd:90:63:da:b9:bf:a4:c5:
55:db:23:6f:7d:1d:61:ff:4d:f8:33:a9:b6:38:00:40:77:2b:
73:76:f6:91:a8:be:64:e9:42:dc:14:7e:d2:95:e1:f5:2a:42:
9a:be:79:fa:69:75:b9:02:9d:4f:60:c5:0e:e7:81:83:d0:8b:
77:2a:8c:0f:70:98:2a:08:60:fc:4d:75:34:3e:28:32:2b:47:
49:33:39:51:74:0d:12:99:97:3f:5f:ec:a1:59:5b:bc:bd:12:
f2:93:b7:a3:e0:10:9e:cd:cb:4d:3f:ac:d9:56:09:a8:08:2b:
67:37:23:26:02:56:af:c0:65:28:32:3c:a4:4b:5a:e5:bc:44:
b2:3a:53:ba:a5:65:7c:5d:b6:69:06:81:a0:48:ec:56:14:d9:
51:1a:99:bb:cd:ae:fa:f8:14:ac:4b:13:c1:01:98:50:da:5e:
cd:1c:f9:16:1c:5f:af:b2:48:67:3c:fa:be:4d:36:ac:0f:5b:
45:37:0f:af:4d:35:08:d0:0a:70:e6:40:e5:8b:1a:4b:d3:c2:
72:cb:5b:8b:6e:af:6b:be:a0:66:7c:30:dc:ef:33:d6:9a:7a:
ec:68:c5:ff:88:2c:c7:20:fa:f9:05:a8:02:f4:a6:57:fa:42:
39:40:7c:37
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSWVws/v118FhdoIzpvMfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTAxMDQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZWQzYTU1ZjhlMWMwOTcwZWJkODAyZWNkMWQxZmZiMGNmOTQyNWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAimUwDnPTLHPJTEmpQcF0PgsFsXVK
mG7ZpeR/6rjdMLSlot/Rl4dYos8WAgnsr4q0276s4iNxDM7/kj77NLVLU/DWIGk3
S0d6tdgTw9LpeGl91JtDORxIFG5pen2a8tHBtGl+lMkIU8q6h5bw/aR6L6Un5NUy
kJYPkW3ZUJoNUBmOavXVx/pVz9UoK9Gza7YnCfyQqmZpJHhp9DWkfG+s5s5NnLJ7
Ptn9DnMeTyq44KFP/iBMlpve4cQeMhgJVqGkBdd5tErucdXmBvXZ72HG8iHCaCfJ
JtcIluLyozDGh7+/+OBVKvY8k+KrD7nbcu83xWzbQsO8s2Mjpc8EIJv80QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFC7TpV+OHAlw69gC7NHR/7DPlCWsMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvTHRPbFg0NGNDWERyMkFMczBkSF9zTS1VSmF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbbDwMA0G
CSqGSIb3DQEBCwUAA4IBAQA725TLJqbJ1TU6/ZBj2rm/pMVV2yNvfR1h/034M6m2
OABAdytzdvaRqL5k6ULcFH7SleH1KkKavnn6aXW5Ap1PYMUO54GD0It3KowPcJgq
CGD8TXU0PigyK0dJMzlRdA0SmZc/X+yhWVu8vRLyk7ej4BCezctNP6zZVgmoCCtn
NyMmAlavwGUoMjykS1rlvESyOlO6pWV8XbZpBoGgSOxWFNlRGpm7za76+BSsSxPB
AZhQ2l7NHPkWHF+vskhnPPq+TTasD1tFNw+vTTUI0Apw5kDlixpL08Jyy1uLbq9r
vqBmfDDc7zPWmnrsaMX/iCzHIPr5BagC9KZX+kI5QHw3
-----END CERTIFICATE-----
Generated at Tue Apr 29 22:55:39 2025 by rpki-client