Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/1BIeW_wGSb_hFXWVUgUWZisyiIw.roa
File: 1BIeW_wGSb_hFXWVUgUWZisyiIw.roa (raw, json)
Hash identifier: ZjHeC9tHbbOqYkPo6BVYnxCNxprbm8btxXhxAQ9yg30=
Subject key identifier: D4:12:1E:5B:FC:06:49:BF:E1:15:75:95:52:05:16:66:2B:32:88:8C
Certificate issuer: /CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Certificate serial: 01938390E0E710017F60C2612F66958227B6
Authority key identifier: 52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/1BIeW_wGSb_hFXWVUgUWZisyiIw.roa
Signing time: Sun 01 Dec 2024 18:52:10 +0000
ROA not before: Sun 01 Dec 2024 18:52:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15020
IP address blocks: 37.46.197.0/24 maxlen: 24
94.185.86.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 01:49:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:83:90:e0:e7:10:01:7f:60:c2:61:2f:66:95:82:27:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52dc9c218b510c07bc6659b09fbd32afe68abfd2
Validity
Not Before: Dec 1 18:52:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4121e5bfc0649bfe1157595520516662b32888c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:8c:c2:92:94:f2:9f:4a:ee:cc:98:04:39:29:
4d:a8:4c:48:35:f9:3c:d1:af:08:fc:85:6b:07:eb:
1f:ab:bc:2c:8a:33:15:ad:b9:fe:15:51:54:95:4c:
8b:84:e2:c5:73:0f:aa:30:5b:0b:aa:c1:6b:bb:31:
b4:f2:a0:2a:95:37:c5:24:e2:64:a0:1a:5a:a7:33:
77:94:11:6a:93:7d:b1:e7:71:2b:ac:49:8c:d2:fd:
05:f0:12:bf:32:cc:2b:2f:2b:8f:b3:df:ed:03:51:
a6:9f:38:21:dd:a6:19:6c:66:86:fc:cd:0f:4a:e8:
57:de:0d:b6:ab:ab:8b:e4:90:37:df:2e:46:92:f8:
4b:81:72:f9:bd:28:67:e6:7f:79:07:70:f1:ed:3b:
ab:a5:4e:1e:ae:89:63:52:2d:1d:cc:7a:93:80:df:
0b:8a:b2:da:f6:cf:21:5f:60:8a:87:33:c2:73:97:
59:91:25:22:5b:a7:e8:71:47:b7:f8:18:f0:7e:74:
16:ba:8f:f8:9e:7a:1b:a1:ad:dd:3f:ad:c0:84:25:
5b:33:8b:0f:be:e3:9a:f4:fa:5b:fb:00:81:21:2d:
b3:dc:e5:6e:df:9d:c7:7b:70:6a:93:15:06:dd:03:
d0:b9:d8:56:6e:47:59:5a:d1:74:d7:be:99:03:4b:
b2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:12:1E:5B:FC:06:49:BF:E1:15:75:95:52:05:16:66:2B:32:88:8C
X509v3 Authority Key Identifier:
keyid:52:DC:9C:21:8B:51:0C:07:BC:66:59:B0:9F:BD:32:AF:E6:8A:BF:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UtycIYtRDAe8Zlmwn70yr-aKv9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/1BIeW_wGSb_hFXWVUgUWZisyiIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/409b7e-1275-43ed-af0f-52f97b277d1f/1/UtycIYtRDAe8Zlmwn70yr-aKv9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.197.0/24
94.185.86.0/24
Signature Algorithm: sha256WithRSAEncryption
10:c3:65:8f:86:c4:fb:ef:a3:30:c5:ff:92:2b:e7:74:70:5f:
f7:1a:4e:14:4b:bf:6a:7c:24:cd:81:7e:d5:13:9e:2b:b7:ed:
2d:a1:c6:ed:75:b3:42:5c:18:b2:bd:9b:b7:87:2e:8f:06:06:
6f:96:a8:bf:15:d1:4b:d9:e9:e6:af:33:00:91:0a:6d:40:5f:
ba:fa:ea:49:d6:2f:c8:9d:43:b7:db:98:31:bd:02:8c:c8:6f:
9e:be:9c:04:5c:9a:6e:43:bd:0a:ff:3e:03:07:26:5b:3d:49:
5d:9b:43:aa:a9:29:2d:54:21:52:cd:f0:01:09:86:68:17:40:
b4:bf:58:94:ff:76:15:71:23:65:ff:b9:af:ef:ca:1e:75:db:
a3:2d:8c:b3:40:ca:6f:62:c0:90:30:d7:18:c9:c8:f6:14:6e:
af:23:d7:bd:40:58:c3:62:83:cd:06:84:e7:c3:b6:f2:8f:82:
de:6d:88:eb:e3:3c:76:0e:7b:3b:8a:e8:7b:a4:3b:30:53:3f:
8f:4f:6c:e3:bc:63:d2:ce:a5:7f:58:c7:ce:83:d1:d9:17:18:
b4:b2:fe:92:6c:ef:08:e3:7e:9e:2b:b7:fa:0f:48:96:06:92:
29:58:4e:08:70:e3:56:e2:59:9d:38:75:1f:37:e0:8d:36:84:
98:57:0b:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZODkODnEAF/YMJhL2aVgie2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZGM5YzIxOGI1MTBjMDdiYzY2NTliMDlmYmQzMmFmZTY4
YWJmZDIwHhcNMjQxMjAxMTg1MjEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDEyMWU1YmZjMDY0OWJmZTExNTc1OTU1MjA1MTY2NjJiMzI4ODhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2YzCkpTyn0ruzJgEOSlNqExINfk8
0a8I/IVrB+sfq7wsijMVrbn+FVFUlUyLhOLFcw+qMFsLqsFruzG08qAqlTfFJOJk
oBpapzN3lBFqk32x53ErrEmM0v0F8BK/MswrLyuPs9/tA1Gmnzgh3aYZbGaG/M0P
SuhX3g22q6uL5JA33y5GkvhLgXL5vShn5n95B3Dx7TurpU4eroljUi0dzHqTgN8L
irLa9s8hX2CKhzPCc5dZkSUiW6focUe3+BjwfnQWuo/4nnoboa3dP63AhCVbM4sP
vuOa9Ppb+wCBIS2z3OVu353He3BqkxUG3QPQudhWbkdZWtF0176ZA0uyAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNQSHlv8Bkm/4RV1lVIFFmYrMoiMMB8GA1UdIwQY
MBaAFFLcnCGLUQwHvGZZsJ+9Mq/mir/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYt
NTJmOTdiMjc3ZDFmLzEvMUJJZVdfd0dTYl9oRlhXVlVnVVdaaXN5aUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC80MDliN2UtMTI3NS00M2VkLWFmMGYtNTJmOTdiMjc3ZDFm
LzEvVXR5Y0lZdFJEQWU4Wmxtd243MHlyLWFLdjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJS7FAwQA
XrlWMA0GCSqGSIb3DQEBCwUAA4IBAQAQw2WPhsT776Mwxf+SK+d0cF/3Gk4US79q
fCTNgX7VE54rt+0tocbtdbNCXBiyvZu3hy6PBgZvlqi/FdFL2enmrzMAkQptQF+6
+upJ1i/InUO325gxvQKMyG+evpwEXJpuQ70K/z4DByZbPUldm0OqqSktVCFSzfAB
CYZoF0C0v1iU/3YVcSNl/7mv78oeddujLYyzQMpvYsCQMNcYycj2FG6vI9e9QFjD
YoPNBoTnw7byj4LebYjr4zx2Dns7iuh7pDswUz+PT2zjvGPSzqV/WMfOg9HZFxi0
sv6SbO8I436eK7f6D0iWBpIpWE4IcONW4lmdOHUfN+CNNoSYVwt5
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:17:26 2025 by rpki-client