Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/yNw8X_YG1WnPfPhtYboQEmmrqs4.roa
File: yNw8X_YG1WnPfPhtYboQEmmrqs4.roa (raw, json)
Hash identifier: M2AwkSIFu5NZpMj0GQRJjDYAxBd6795471XZETM312Y=
Subject key identifier: C8:DC:3C:5F:F6:06:D5:69:CF:7C:F8:6D:61:BA:10:12:69:AB:AA:CE
Certificate issuer: /CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Certificate serial: 01948B30019FD99B7DFE9CFC75BBCE250A6D
Authority key identifier: 50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/yNw8X_YG1WnPfPhtYboQEmmrqs4.roa
Signing time: Tue 21 Jan 2025 23:26:06 +0000
ROA not before: Tue 21 Jan 2025 23:26:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398748
IP address blocks: 37.228.148.0/22 maxlen: 22
37.228.148.0/24 maxlen: 24
37.228.149.0/24 maxlen: 24
37.228.150.0/24 maxlen: 24
37.228.151.0/24 maxlen: 24
2a06:1c41::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:29:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:8b:30:01:9f:d9:9b:7d:fe:9c:fc:75:bb:ce:25:0a:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50d18196b29f60e85d8712de4039a531cfc1ab31
Validity
Not Before: Jan 21 23:26:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c8dc3c5ff606d569cf7cf86d61ba101269abaace
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:d1:0e:7f:f4:b5:f8:7e:61:37:ee:e1:83:2f:
a4:6c:0f:d1:14:86:0d:58:48:de:5a:7d:55:7b:20:
e3:b2:39:17:e6:36:69:38:a2:fb:e4:4a:23:22:8a:
bb:35:22:d5:25:d6:dc:97:76:b9:28:5d:16:b6:7c:
54:d3:da:e7:24:b3:a1:09:4c:08:16:29:68:df:5a:
71:58:46:7c:e6:1f:0a:09:41:1b:c6:95:39:21:3c:
2a:29:89:e7:68:31:06:d8:db:63:3c:ee:8c:b9:74:
bc:9a:c5:21:23:20:5a:92:b1:ba:f5:92:85:3c:9b:
cc:d4:ca:c3:54:93:e8:28:41:af:19:0b:77:68:45:
08:a6:04:f6:9d:4e:9f:58:96:7e:d3:d5:b3:d0:32:
cb:05:95:b6:bb:e4:24:13:99:3e:46:8e:68:4d:45:
d5:46:4c:6d:09:df:0c:b8:e3:30:a5:bd:48:04:f4:
b3:e2:90:e1:be:b0:17:18:a0:4f:58:d6:bb:52:c2:
72:39:d6:2b:e1:26:4a:da:f6:30:78:a6:54:6a:5a:
ee:54:07:fc:50:09:ec:ec:99:80:cd:45:96:85:12:
0e:84:bb:6f:18:f2:6a:09:4d:ae:5d:7f:de:9d:be:
89:b5:d5:00:28:59:83:ea:1b:56:21:b8:d6:e1:fb:
fa:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:DC:3C:5F:F6:06:D5:69:CF:7C:F8:6D:61:BA:10:12:69:AB:AA:CE
X509v3 Authority Key Identifier:
keyid:50:D1:81:96:B2:9F:60:E8:5D:87:12:DE:40:39:A5:31:CF:C1:AB:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UNGBlrKfYOhdhxLeQDmlMc_BqzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/yNw8X_YG1WnPfPhtYboQEmmrqs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/cbecf4-bced-4d83-bfca-b4a181cd40f6/1/UNGBlrKfYOhdhxLeQDmlMc_BqzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.148.0/22
IPv6:
2a06:1c41::/32
Signature Algorithm: sha256WithRSAEncryption
7e:3b:c2:7b:29:23:18:5f:92:8b:d8:e7:82:7b:cd:14:9c:ca:
f0:d0:ef:d3:8c:e6:cd:62:c2:db:2d:ae:f1:21:76:4d:51:ea:
b0:3a:b3:40:39:42:84:a4:59:86:73:02:b2:1a:37:34:5e:33:
2d:52:6f:e9:4d:d0:53:9e:08:bc:43:7e:ff:3a:eb:98:be:b9:
26:12:c9:1c:9e:6d:da:07:b3:6e:ef:c5:6c:d1:b3:93:49:00:
ed:61:f0:fd:2a:9d:ba:c0:5a:02:c7:1b:f5:26:ee:f3:4f:cf:
ff:81:62:a3:4a:15:9c:a3:0a:ba:f5:41:93:01:8d:68:67:01:
2d:4c:5a:ad:cc:21:25:26:81:36:74:f9:04:23:10:b8:97:66:
cd:8b:ab:91:ca:d7:2d:6b:dd:9e:d1:d1:d2:fa:b8:d9:19:18:
cf:2c:33:5f:0a:b3:e7:39:ae:62:2e:7c:33:8d:8f:ba:6e:1b:
20:50:4d:b3:30:a7:f6:0f:49:46:f6:7f:12:be:15:26:b3:02:
0b:f9:8d:26:c3:3d:45:6b:fe:02:2c:d2:b3:44:d7:3c:6c:39:
c6:40:e1:c4:c2:d5:c7:f0:cb:5d:4c:06:17:f9:6e:83:3f:69:
9a:68:bd:23:dc:61:b9:0f:52:9b:66:67:f3:d8:25:3b:54:7a:
a8:fc:8e:af
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSLMAGf2Zt9/pz8dbvOJQptMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZDE4MTk2YjI5ZjYwZTg1ZDg3MTJkZTQwMzlhNTMxY2Zj
MWFiMzEwHhcNMjUwMTIxMjMyNjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOGRjM2M1ZmY2MDZkNTY5Y2Y3Y2Y4NmQ2MWJhMTAxMjY5YWJhYWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAytEOf/S1+H5hN+7hgy+kbA/RFIYN
WEjeWn1VeyDjsjkX5jZpOKL75EojIoq7NSLVJdbcl3a5KF0WtnxU09rnJLOhCUwI
Filo31pxWEZ85h8KCUEbxpU5ITwqKYnnaDEG2NtjPO6MuXS8msUhIyBakrG69ZKF
PJvM1MrDVJPoKEGvGQt3aEUIpgT2nU6fWJZ+09Wz0DLLBZW2u+QkE5k+Ro5oTUXV
RkxtCd8MuOMwpb1IBPSz4pDhvrAXGKBPWNa7UsJyOdYr4SZK2vYweKZUalruVAf8
UAns7JmAzUWWhRIOhLtvGPJqCU2uXX/enb6JtdUAKFmD6htWIbjW4fv6lwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMjcPF/2BtVpz3z4bWG6EBJpq6rOMB8GA1UdIwQY
MBaAFFDRgZayn2DoXYcS3kA5pTHPwasxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2Et
YjRhMTgxY2Q0MGY2LzEveU53OFhfWUcxV25QZlBodFlib1FFbW1ycXM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9jYmVjZjQtYmNlZC00ZDgzLWJmY2EtYjRhMTgxY2Q0MGY2
LzEvVU5HQmxyS2ZZT2hkaHhMZVFEbWxNY19CcXpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCJeSUMA0E
AgACMAcDBQAqBhxBMA0GCSqGSIb3DQEBCwUAA4IBAQB+O8J7KSMYX5KL2OeCe80U
nMrw0O/TjObNYsLbLa7xIXZNUeqwOrNAOUKEpFmGcwKyGjc0XjMtUm/pTdBTngi8
Q37/OuuYvrkmEskcnm3aB7Nu78Vs0bOTSQDtYfD9Kp26wFoCxxv1Ju7zT8//gWKj
ShWcowq69UGTAY1oZwEtTFqtzCElJoE2dPkEIxC4l2bNi6uRytcta92e0dHS+rjZ
GRjPLDNfCrPnOa5iLnwzjY+6bhsgUE2zMKf2D0lG9n8SvhUmswIL+Y0mwz1Fa/4C
LNKzRNc8bDnGQOHEwtXH8MtdTAYX+W6DP2maaL0j3GG5D1KbZmfz2CU7VHqo/I6v
-----END CERTIFICATE-----
Generated at Mon Apr 7 18:07:59 2025 by rpki-client