Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8eNWhMoxwUudk5BTdHgcZBHwSAI.roa
File: 8eNWhMoxwUudk5BTdHgcZBHwSAI.roa (raw, json)
Hash identifier: GDSWhuM/1czGxDwEwIRVSgAXJDyrtSP2rcXOH8aDH0U=
Subject key identifier: F1:E3:56:84:CA:31:C1:4B:9D:93:90:53:74:78:1C:64:11:F0:48:02
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018D1B7CFA29E84894C26F67B865E8DF1F71
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8eNWhMoxwUudk5BTdHgcZBHwSAI.roa
Signing time: Thu 18 Jan 2024 07:33:11 +0000
ROA not before: Thu 18 Jan 2024 07:33:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203963
IP address blocks: 37.49.144.0/24 maxlen: 24
37.49.148.0/24 maxlen: 24
37.49.149.0/24 maxlen: 24
37.49.150.0/24 maxlen: 24
94.74.140.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 19 Jan 2024 12:31:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:1b:7c:fa:29:e8:48:94:c2:6f:67:b8:65:e8:df:1f:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 18 07:33:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f1e35684ca31c14b9d93905374781c6411f04802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:4f:47:df:4f:8b:d3:fd:15:7b:26:47:2a:c8:
c9:10:80:01:e6:70:5f:ba:78:9c:4f:a1:c4:83:2e:
f4:ef:f3:f5:32:89:a7:32:ee:e5:d3:2c:bf:ec:ca:
b8:e9:48:3b:f8:b2:12:41:39:85:9a:d4:e5:13:5b:
d0:76:57:29:48:40:56:6b:f7:ec:a8:f5:6b:1c:02:
af:14:59:a1:57:71:eb:f8:37:e5:63:be:3f:3f:1e:
01:3e:83:4d:97:f0:c1:ed:a2:fb:a7:50:16:22:5d:
a3:8e:1b:4a:bf:13:65:7e:93:9b:02:57:40:c9:57:
42:5a:d3:3d:e6:8c:00:3b:a7:8e:d0:7d:35:26:ea:
28:f1:cb:00:06:a9:34:20:47:49:43:a4:b5:3a:3f:
08:4f:e5:fb:e9:9e:7c:62:55:e9:65:d7:fe:da:18:
b3:49:2a:77:de:cb:1f:8a:a9:d4:48:29:95:40:d7:
e3:37:2a:3e:33:30:a6:78:7b:13:69:54:c0:62:4b:
60:13:cf:9b:0d:16:f5:68:f7:cc:27:bc:2b:1d:8d:
b1:27:57:e0:c6:94:d5:eb:24:4f:56:04:99:3e:62:
4c:31:c3:eb:e6:68:9c:b3:db:31:d7:4d:9a:ba:05:
58:47:a9:d4:0d:11:53:b5:a7:f3:7d:ad:6c:a9:6a:
f2:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:E3:56:84:CA:31:C1:4B:9D:93:90:53:74:78:1C:64:11:F0:48:02
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/8eNWhMoxwUudk5BTdHgcZBHwSAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
37.49.148.0-37.49.150.255
94.74.140.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.191.0/24
109.203.163.0/24
176.46.144.0/24
176.46.149.0/24
176.46.152.0/24
Signature Algorithm: sha256WithRSAEncryption
41:6a:78:1d:82:76:9a:0d:c3:39:f7:07:41:43:aa:07:4c:1c:
88:6e:9d:d0:ea:23:5f:e8:19:83:48:f4:ee:c6:5b:5d:35:30:
32:47:08:b8:3b:bf:fc:e6:69:b3:b8:16:8b:e6:3f:ad:dd:fd:
7c:56:9e:50:e5:e8:8d:d5:8e:89:a4:da:0f:4f:df:a0:58:83:
c9:6f:47:68:0b:9a:9e:90:98:4a:8c:54:c2:ce:e9:f7:77:44:
c8:d0:e7:46:56:3b:0d:b3:c8:38:be:10:47:83:6a:e6:9a:4e:
1f:3c:16:63:85:e6:8f:cb:fe:d5:dc:24:d2:07:13:4f:cb:d5:
96:b9:40:15:e7:58:40:0d:e3:48:cd:04:cf:4b:97:20:43:1d:
f8:8e:47:27:57:5a:83:5a:9b:0b:aa:06:bc:07:8e:33:3c:b2:
8f:b9:43:50:2d:9c:d5:7e:b8:d4:55:82:bd:60:9d:bd:14:4e:
2c:48:63:36:d0:79:7a:ee:61:35:a7:71:47:2f:76:82:15:9e:
31:24:e7:d3:ac:04:b5:10:5a:2c:3a:90:53:c9:7a:1b:10:99:
7f:23:8e:49:3d:b4:72:48:e5:ba:a7:1c:42:1e:80:ae:d9:b9:
67:4e:3d:26:29:3c:6c:73:ac:2f:e0:37:c5:4e:02:a2:5a:ab:
2f:6f:0f:8d
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAY0bfPop6EiUwm9nuGXo3x9xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTE4MDczMzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMWUzNTY4NGNhMzFjMTRiOWQ5MzkwNTM3NDc4MWM2NDExZjA0ODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmE9H30+L0/0VeyZHKsjJEIAB5nBf
unicT6HEgy707/P1MomnMu7l0yy/7Mq46Ug7+LISQTmFmtTlE1vQdlcpSEBWa/fs
qPVrHAKvFFmhV3Hr+DflY74/Px4BPoNNl/DB7aL7p1AWIl2jjhtKvxNlfpObAldA
yVdCWtM95owAO6eO0H01Juoo8csABqk0IEdJQ6S1Oj8IT+X76Z58YlXpZdf+2hiz
SSp33ssfiqnUSCmVQNfjNyo+MzCmeHsTaVTAYktgE8+bDRb1aPfMJ7wrHY2xJ1fg
xpTV6yRPVgSZPmJMMcPr5mics9sx102augVYR6nUDRFTtafzfa1sqWryOwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFPHjVoTKMcFLnZOQU3R4HGQR8EgCMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvOGVOV2hNb3h3VXVkazVCVGRIZ2NaQkh3U0FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQAJTGQMAwD
BAIlMZQDBAAlMZYDBABeSowDBAFeSp4DBABeSqQDBABeSqkDBABeSqsDBABeSrYD
BABeSr8DBABty6MDBACwLpADBACwLpUDBACwLpgwDQYJKoZIhvcNAQELBQADggEB
AEFqeB2CdpoNwzn3B0FDqgdMHIhundDqI1/oGYNI9O7GW101MDJHCLg7v/zmabO4
FovmP63d/XxWnlDl6I3Vjomk2g9P36BYg8lvR2gLmp6QmEqMVMLO6fd3RMjQ50ZW
Ow2zyDi+EEeDauaaTh88FmOF5o/L/tXcJNIHE0/L1Za5QBXnWEAN40jNBM9LlyBD
HfiORydXWoNamwuqBrwHjjM8so+5Q1AtnNV+uNRVgr1gnb0UTixIYzbQeXruYTWn
cUcvdoIVnjEk59OsBLUQWiw6kFPJehsQmX8jjkk9tHJI5bqnHEIegK7ZuWdOPSYp
PGxzrC/gN8VOAqJaqy9vD40=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:17 2025 by rpki-client