Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/P_2H8Py0AkDpsKPETHKWUxNP0M0.roa
File: P_2H8Py0AkDpsKPETHKWUxNP0M0.roa (raw, json)
Hash identifier: U9LsJLxqeds3OXbqnqjX9zB//+Mx6463saUXA5Fq95Y=
Subject key identifier: 3F:FD:87:F0:FC:B4:02:40:E9:B0:A3:C4:4C:72:96:53:13:4F:D0:CD
Certificate issuer: /CN=b5344218a4880b500c033321e76bd78b4f3c1658
Certificate serial: 01947F876380C14D349CD2EE08F5F5BBD89B
Authority key identifier: B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/P_2H8Py0AkDpsKPETHKWUxNP0M0.roa
Signing time: Sun 19 Jan 2025 17:06:06 +0000
ROA not before: Sun 19 Jan 2025 17:06:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34615
IP address blocks: 192.109.30.0/24 maxlen: 24
192.109.37.0/24 maxlen: 24
192.109.38.0/24 maxlen: 24
2a0f:6c40::/29 maxlen: 29
2a0f:6c40::/32 maxlen: 32
2a0f:6c41::/32 maxlen: 32
2a0f:6c42::/32 maxlen: 32
2a0f:6c43::/32 maxlen: 32
2a0f:6c44::/32 maxlen: 32
2a0f:6c45::/32 maxlen: 32
2a0f:6c47::/32 maxlen: 32
Validation: Failed, certificate revoked on Sun 19 Jan 2025 21:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:7f:87:63:80:c1:4d:34:9c:d2:ee:08:f5:f5:bb:d8:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5344218a4880b500c033321e76bd78b4f3c1658
Validity
Not Before: Jan 19 17:06:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ffd87f0fcb40240e9b0a3c44c729653134fd0cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:97:2c:3a:00:8b:81:c4:bc:18:85:09:56:4a:
17:41:86:85:08:79:4a:d7:38:4f:21:2b:16:c0:d4:
a6:dc:78:e1:2e:c8:de:b2:e8:d7:93:72:7c:ec:a6:
8a:7e:15:15:cf:08:72:e0:58:96:32:46:18:b7:d6:
0c:b7:3c:19:6e:d6:be:2a:d4:c2:c1:36:2a:9d:40:
0e:4d:b4:dc:66:5b:b8:e4:72:32:a8:b4:a9:00:b3:
41:cf:96:33:f6:dc:d6:ce:72:30:6f:ca:f4:1f:16:
1b:53:1e:42:14:11:ff:9a:10:51:b0:5f:25:5f:8d:
d2:2b:b2:37:66:ff:54:49:9f:f8:51:1b:c8:03:9f:
7c:5f:c6:36:15:8b:c0:62:3a:c6:f3:14:83:dd:12:
f5:e6:1c:f1:da:33:a8:1f:09:62:be:09:fd:89:45:
ee:6c:af:70:4c:44:b1:64:83:a0:42:18:56:8b:17:
02:f3:e4:d7:d3:66:93:fd:13:9b:5b:10:d6:85:36:
9d:5f:d9:ba:ef:37:d0:19:df:f5:68:30:71:4d:b2:
f5:37:e4:14:63:6f:55:82:d5:14:e9:e4:1e:eb:8f:
a1:84:cb:38:da:cc:58:08:7d:37:a8:42:ff:ee:08:
18:cf:1a:19:58:b6:8b:fb:72:a5:3c:34:e4:ec:2a:
8b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:FD:87:F0:FC:B4:02:40:E9:B0:A3:C4:4C:72:96:53:13:4F:D0:CD
X509v3 Authority Key Identifier:
keyid:B5:34:42:18:A4:88:0B:50:0C:03:33:21:E7:6B:D7:8B:4F:3C:16:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTRCGKSIC1AMAzMh52vXi088Flg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/P_2H8Py0AkDpsKPETHKWUxNP0M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/d282be-7ca5-400f-be84-cfab10d30693/1/tTRCGKSIC1AMAzMh52vXi088Flg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.109.30.0/24
192.109.37.0-192.109.38.255
IPv6:
2a0f:6c40::/29
Signature Algorithm: sha256WithRSAEncryption
04:46:b3:91:ab:d0:63:39:ef:84:d0:ef:a4:41:5c:02:ec:78:
84:05:d1:b5:b4:e7:56:8f:cb:0b:0b:0e:80:46:f9:9f:7b:a8:
63:01:10:80:ab:42:1d:91:9e:f5:4a:b5:04:e4:65:62:35:0c:
68:c4:46:24:7d:0b:49:7b:2e:22:cd:d6:c1:ee:de:85:a0:26:
24:a8:a8:2f:40:37:93:d2:17:96:b7:35:06:7a:58:30:0b:2a:
75:5f:0b:3e:9a:25:76:d6:50:b1:70:93:60:df:ff:44:8f:96:
fd:37:dc:4b:bd:6d:99:c7:c0:79:64:54:74:c1:f4:26:e3:86:
2d:f3:5d:1f:ea:e2:1c:1e:53:bc:ff:19:13:f7:15:f9:47:44:
98:35:6e:ad:73:bf:f0:8a:38:1b:d3:8f:d5:49:67:34:d5:44:
1a:96:c6:97:48:17:9c:b5:7f:ba:05:cf:6b:81:8c:db:d4:47:
2e:cd:0f:e6:86:6d:13:21:bb:bc:88:06:31:d3:cc:af:ec:72:
8f:f3:14:2c:54:26:3f:ec:1c:56:ac:3b:3f:7a:53:de:43:ba:
e9:ea:c2:a9:38:c4:a1:1b:c4:38:7d:8b:57:c9:62:b3:ac:6f:
41:02:c9:33:61:47:73:b4:32:39:55:7e:00:d8:ff:2c:50:10:
b9:f6:53:6e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZR/h2OAwU00nNLuCPX1u9ibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MzQ0MjE4YTQ4ODBiNTAwYzAzMzMyMWU3NmJkNzhiNGYz
YzE2NTgwHhcNMjUwMTE5MTcwNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmZkODdmMGZjYjQwMjQwZTliMGEzYzQ0YzcyOTY1MzEzNGZkMGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAspcsOgCLgcS8GIUJVkoXQYaFCHlK
1zhPISsWwNSm3HjhLsjesujXk3J87KaKfhUVzwhy4FiWMkYYt9YMtzwZbta+KtTC
wTYqnUAOTbTcZlu45HIyqLSpALNBz5Yz9tzWznIwb8r0HxYbUx5CFBH/mhBRsF8l
X43SK7I3Zv9USZ/4URvIA598X8Y2FYvAYjrG8xSD3RL15hzx2jOoHwlivgn9iUXu
bK9wTESxZIOgQhhWixcC8+TX02aT/RObWxDWhTadX9m67zfQGd/1aDBxTbL1N+QU
Y29VgtUU6eQe64+hhMs42sxYCH03qEL/7ggYzxoZWLaL+3KlPDTk7CqLIwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFD/9h/D8tAJA6bCjxExyllMTT9DNMB8GA1UdIwQY
MBaAFLU0QhikiAtQDAMzIedr14tPPBZYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQt
Y2ZhYjEwZDMwNjkzLzEvUF8ySDhQeTBBa0Rwc0tQRVRIS1dVeE5QME0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9kMjgyYmUtN2NhNS00MDBmLWJlODQtY2ZhYjEwZDMwNjkz
LzEvdFRSQ0dLU0lDMUFNQXpNaDUydlhpMDg4RmxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAwG0eMAwD
BADAbSUDBADAbSYwDQQCAAIwBwMFAyoPbEAwDQYJKoZIhvcNAQELBQADggEBAARG
s5Gr0GM574TQ76RBXALseIQF0bW051aPywsLDoBG+Z97qGMBEICrQh2RnvVKtQTk
ZWI1DGjERiR9C0l7LiLN1sHu3oWgJiSoqC9AN5PSF5a3NQZ6WDALKnVfCz6aJXbW
ULFwk2Df/0SPlv033Eu9bZnHwHlkVHTB9Cbjhi3zXR/q4hweU7z/GRP3FflHRJg1
bq1zv/CKOBvTj9VJZzTVRBqWxpdIF5y1f7oFz2uBjNvURy7ND+aGbRMhu7yIBjHT
zK/sco/zFCxUJj/sHFasOz96U95Duunqwqk4xKEbxDh9i1fJYrOsb0ECyTNhR3O0
MjlVfgDY/yxQELn2U24=
-----END CERTIFICATE-----
Generated at Sun Apr 27 22:04:08 2025 by rpki-client