Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/SRGaCnLQKZPnAj9zsP4coYrnhus.roa
File: SRGaCnLQKZPnAj9zsP4coYrnhus.roa (raw, json)
Hash identifier: xv7EzSNamTSRDVtKeXbV0BGhelRe/wI+JcnEEoQDO38=
Subject key identifier: 49:11:9A:0A:72:D0:29:93:E7:02:3F:73:B0:FE:1C:A1:8A:E7:86:EB
Certificate issuer: /CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Certificate serial: 01932371541A4D5D7B5A42F229462D1E8564
Authority key identifier: BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/SRGaCnLQKZPnAj9zsP4coYrnhus.roa
Signing time: Wed 13 Nov 2024 02:54:09 +0000
ROA not before: Wed 13 Nov 2024 02:54:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5413
IP address blocks: 37.252.60.0/22 maxlen: 23
95.172.224.0/19 maxlen: 24
212.105.160.0/19 maxlen: 24
2a00:10ef::/32 maxlen: 48
Validation: Failed, certificate revoked on Wed 01 Jan 2025 13:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:23:71:54:1a:4d:5d:7b:5a:42:f2:29:46:2d:1e:85:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bda96d02a822f46253c2aee680441d5ac27c3df5
Validity
Not Before: Nov 13 02:54:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49119a0a72d02993e7023f73b0fe1ca18ae786eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:16:4f:a5:f9:3f:9a:fd:98:a8:46:eb:62:5e:
9b:f1:39:a3:d8:7a:c2:60:27:d4:bd:20:7d:cf:f9:
9a:49:ef:8d:f9:8b:9d:f1:33:46:f8:e9:94:3f:b7:
26:ad:43:bb:56:a8:ca:cf:73:b1:50:39:46:59:cc:
bd:37:e7:d5:a6:57:65:ae:81:b0:2a:be:ff:57:f8:
1c:4c:db:6d:84:46:82:f5:a5:51:9f:e4:ae:da:03:
74:8b:d6:bb:2c:1c:a7:03:fc:37:ab:c6:f0:44:69:
fc:7d:da:27:78:f3:92:2e:54:49:00:ee:70:1a:a9:
bf:1a:cb:71:1a:36:d7:b0:a5:fa:53:36:68:7e:f5:
a4:9c:66:3e:8b:7e:38:3f:0c:5b:88:ad:66:93:4d:
3e:3b:a5:aa:58:d0:fb:13:12:a8:84:37:c3:cd:12:
b2:22:34:2c:bd:ab:d1:02:ce:ae:8a:37:66:02:6d:
9a:11:a9:54:a0:d1:05:4c:99:e5:cf:0b:97:d9:00:
a8:7c:e0:16:74:ba:a2:2c:97:82:e2:b5:8d:7e:fb:
50:f6:69:15:35:51:88:c0:0e:bc:83:95:6a:cb:55:
07:7c:7f:30:57:3a:5d:9a:04:6e:cb:89:cb:d0:85:
b2:37:24:51:ed:c8:91:0e:2c:3d:41:96:30:aa:b6:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:11:9A:0A:72:D0:29:93:E7:02:3F:73:B0:FE:1C:A1:8A:E7:86:EB
X509v3 Authority Key Identifier:
keyid:BD:A9:6D:02:A8:22:F4:62:53:C2:AE:E6:80:44:1D:5A:C2:7C:3D:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/valtAqgi9GJTwq7mgEQdWsJ8PfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/SRGaCnLQKZPnAj9zsP4coYrnhus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a27b39-8011-4142-86c2-cf83d6e40558/1/valtAqgi9GJTwq7mgEQdWsJ8PfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.60.0/22
95.172.224.0/19
212.105.160.0/19
IPv6:
2a00:10ef::/32
Signature Algorithm: sha256WithRSAEncryption
2d:48:2b:a4:e0:0f:0c:cd:51:de:d7:7d:9f:a7:61:c5:41:ca:
0e:82:be:c5:12:e9:ef:f3:7c:6a:95:ea:74:c8:0b:c5:80:36:
a3:c3:8a:c6:43:64:f7:29:55:a5:c1:ed:22:d5:38:11:74:ea:
48:fb:11:59:2a:d5:cc:10:e4:f3:13:46:8e:db:62:05:48:2c:
94:91:8f:1b:f1:2c:89:01:44:98:16:62:c0:2f:f0:4c:b2:f6:
a4:09:f0:76:98:bc:dc:58:61:12:4d:a2:c4:96:53:f0:a6:a8:
d6:bb:d3:f1:68:66:6b:54:27:1b:72:41:a5:9a:62:e0:68:02:
c3:56:27:f0:8a:24:04:0b:68:0d:75:ed:6c:a2:41:9a:c1:b3:
4e:7b:7d:ca:12:d5:77:66:a3:70:8f:07:9a:dd:f8:71:94:36:
5c:c7:09:66:53:90:da:15:7c:9a:93:5c:af:58:c6:9a:77:63:
36:52:3c:bd:b9:57:e4:97:85:a6:13:2b:75:e2:47:fc:18:40:
b9:2b:2e:b8:f4:8d:42:40:cd:10:03:0b:a6:71:90:fb:ca:10:
8a:5e:62:68:49:09:04:7f:ce:3c:5c:83:59:5f:90:16:07:5b:
cb:52:ad:11:11:a6:b8:fa:81:77:29:47:92:28:96:c1:d8:96:
c1:95:40:25
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZMjcVQaTV17WkLyKUYtHoVkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkYTk2ZDAyYTgyMmY0NjI1M2MyYWVlNjgwNDQxZDVhYzI3
YzNkZjUwHhcNMjQxMTEzMDI1NDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OTExOWEwYTcyZDAyOTkzZTcwMjNmNzNiMGZlMWNhMThhZTc4NmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xZPpfk/mv2YqEbrYl6b8Tmj2HrC
YCfUvSB9z/maSe+N+Yud8TNG+OmUP7cmrUO7VqjKz3OxUDlGWcy9N+fVpldlroGw
Kr7/V/gcTNtthEaC9aVRn+Su2gN0i9a7LBynA/w3q8bwRGn8fdonePOSLlRJAO5w
Gqm/GstxGjbXsKX6UzZofvWknGY+i344PwxbiK1mk00+O6WqWND7ExKohDfDzRKy
IjQsvavRAs6uijdmAm2aEalUoNEFTJnlzwuX2QCofOAWdLqiLJeC4rWNfvtQ9mkV
NVGIwA68g5Vqy1UHfH8wVzpdmgRuy4nL0IWyNyRR7ciRDiw9QZYwqrZKcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFEkRmgpy0CmT5wI/c7D+HKGK54brMB8GA1UdIwQY
MBaAFL2pbQKoIvRiU8Ku5oBEHVrCfD31MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzIt
Y2Y4M2Q2ZTQwNTU4LzEvU1JHYUNuTFFLWlBuQWo5enNQNGNvWXJuaHVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hMjdiMzktODAxMS00MTQyLTg2YzItY2Y4M2Q2ZTQwNTU4
LzEvdmFsdEFxZ2k5R0pUd3E3bWdFUWRXc0o4UGZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCJfw8AwQF
X6zgAwQF1GmgMA0EAgACMAcDBQAqABDvMA0GCSqGSIb3DQEBCwUAA4IBAQAtSCuk
4A8MzVHe132fp2HFQcoOgr7FEunv83xqlep0yAvFgDajw4rGQ2T3KVWlwe0i1TgR
dOpI+xFZKtXMEOTzE0aO22IFSCyUkY8b8SyJAUSYFmLAL/BMsvakCfB2mLzcWGES
TaLEllPwpqjWu9PxaGZrVCcbckGlmmLgaALDVifwiiQEC2gNde1sokGawbNOe33K
EtV3ZqNwjwea3fhxlDZcxwlmU5DaFXyak1yvWMaad2M2Ujy9uVfkl4WmEyt14kf8
GEC5Ky649I1CQM0QAwumcZD7yhCKXmJoSQkEf848XINZX5AWB1vLUq0REaa4+oF3
KUeSKJbB2JbBlUAl
-----END CERTIFICATE-----
Generated at Sun Feb 16 21:45:16 2025 by rpki-client