Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B0GnjcxlBc4li-pG6Y4EB6IAtuM.roa
File: B0GnjcxlBc4li-pG6Y4EB6IAtuM.roa (raw, json)
Hash identifier: aO3K2ljlPTe+vGDEfzt84wGSQDcGUbJln83528yJXlw=
Subject key identifier: 07:41:A7:8D:CC:65:05:CE:25:8B:EA:46:E9:8E:04:07:A2:00:B6:E3
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018EC228E284FC1424353BD9998F915FCBAB
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B0GnjcxlBc4li-pG6Y4EB6IAtuM.roa
Signing time: Tue 09 Apr 2024 09:20:43 +0000
ROA not before: Tue 09 Apr 2024 09:20:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 28 May 2024 08:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c2:28:e2:84:fc:14:24:35:3b:d9:99:8f:91:5f:cb:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Apr 9 09:20:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0741a78dcc6505ce258bea46e98e0407a200b6e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:87:59:dc:c6:0c:16:dd:ff:3e:2d:4c:34:99:
c5:b7:9f:69:58:8a:3e:60:96:8e:ff:28:e7:70:99:
7b:14:9e:84:b5:b1:82:da:df:61:e4:d3:42:40:d5:
87:12:59:f1:39:3f:a0:bf:2a:f6:e5:8f:c0:38:3b:
58:ce:3d:1b:ba:74:a2:e0:d3:e2:d1:e8:45:15:90:
05:f8:c2:bd:68:69:16:1a:92:3b:38:28:82:dc:c1:
95:1c:51:d8:fe:ed:7e:e1:73:71:cd:c3:07:04:29:
e8:ee:48:70:a1:b1:79:fe:57:c3:db:f2:ba:95:b9:
f6:7c:b9:68:84:01:ff:84:07:26:9b:a3:18:e0:c3:
a2:f2:87:d6:dc:4a:c5:a4:d0:62:b7:f6:40:87:dd:
85:fe:d0:7a:cd:c0:5e:e2:75:d0:1f:8b:a4:ab:ca:
49:2a:a2:42:8c:2b:7d:57:8a:4b:24:fb:1a:4e:91:
8c:ae:9b:c8:6f:40:b9:cc:7a:1b:0d:bd:73:15:aa:
0d:9a:7d:db:ad:1c:2e:22:b3:bc:03:9f:7c:d5:4f:
68:c8:f1:5d:0f:ea:39:73:c4:7b:7e:42:a7:e5:c3:
ec:8e:b2:76:ad:84:1e:50:1f:0e:3b:7d:cc:3d:d9:
73:c5:90:4a:09:c7:70:96:64:f5:c5:c1:42:9c:0f:
14:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:41:A7:8D:CC:65:05:CE:25:8B:EA:46:E9:8E:04:07:A2:00:B6:E3
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/B0GnjcxlBc4li-pG6Y4EB6IAtuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
109.203.166.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:ef:24:fe:12:07:10:37:3c:e6:78:34:40:93:03:90:ee:e3:
4b:db:59:25:3b:cb:66:20:eb:34:f9:23:f3:31:db:2b:37:a6:
90:a6:55:cf:85:42:e0:c3:15:4a:c4:82:82:b8:8e:94:1c:b2:
8c:2c:7a:e8:bf:ab:d6:46:98:d0:86:bc:ff:b7:a4:d2:ab:00:
5c:62:64:a1:c0:7f:82:d0:3b:0b:cd:b8:6f:1a:23:52:b7:69:
07:d9:dc:05:52:69:7c:52:fe:8e:d8:93:d6:75:26:e8:bc:41:
47:71:e0:02:d9:e5:ed:f3:88:0e:c1:89:ff:5f:47:4e:30:59:
9a:b4:1d:47:1c:0b:27:26:70:24:0a:b0:89:8a:6f:dc:38:47:
f6:e8:ba:18:57:38:07:7b:11:77:5c:ab:18:38:c6:e6:f2:53:
f7:ee:13:64:5b:3a:65:17:c1:22:9e:ec:ad:65:ce:fe:3c:5b:
c9:dd:ea:c4:53:7b:ac:d5:1a:5f:57:40:05:1b:2d:c6:76:e0:
e2:e5:55:25:00:4b:d5:47:b4:6a:b0:01:a9:94:17:10:e6:d0:
58:e3:75:ae:82:a9:5e:02:8c:ce:f3:d8:21:50:0e:b0:1c:fb:
4f:e0:e9:94:96:d4:e5:5c:3d:77:40:88:d9:58:e9:75:d4:57:
bd:ee:1c:12
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7CKOKE/BQkNTvZmY+RX8urMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNDA5MDkyMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzQxYTc4ZGNjNjUwNWNlMjU4YmVhNDZlOThlMDQwN2EyMDBiNmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqIdZ3MYMFt3/Pi1MNJnFt59pWIo+
YJaO/yjncJl7FJ6EtbGC2t9h5NNCQNWHElnxOT+gvyr25Y/AODtYzj0bunSi4NPi
0ehFFZAF+MK9aGkWGpI7OCiC3MGVHFHY/u1+4XNxzcMHBCno7khwobF5/lfD2/K6
lbn2fLlohAH/hAcmm6MY4MOi8ofW3ErFpNBit/ZAh92F/tB6zcBe4nXQH4ukq8pJ
KqJCjCt9V4pLJPsaTpGMrpvIb0C5zHobDb1zFaoNmn3brRwuIrO8A5981U9oyPFd
D+o5c8R7fkKn5cPsjrJ2rYQeUB8OO33MPdlzxZBKCcdwlmT1xcFCnA8UWQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAdBp43MZQXOJYvqRumOBAeiALbjMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQjBHbmpjeGxCYzRsaS1wRzZZNEVCNklBdHVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJTGQAwQA
bcumMA0GCSqGSIb3DQEBCwUAA4IBAQAt7yT+EgcQNzzmeDRAkwOQ7uNL21klO8tm
IOs0+SPzMdsrN6aQplXPhULgwxVKxIKCuI6UHLKMLHrov6vWRpjQhrz/t6TSqwBc
YmShwH+C0DsLzbhvGiNSt2kH2dwFUml8Uv6O2JPWdSbovEFHceAC2eXt84gOwYn/
X0dOMFmatB1HHAsnJnAkCrCJim/cOEf26LoYVzgHexF3XKsYOMbm8lP37hNkWzpl
F8EinuytZc7+PFvJ3erEU3us1RpfV0AFGy3GduDi5VUlAEvVR7RqsAGplBcQ5tBY
43WugqleAozO89ghUA6wHPtP4OmUltTlXD13QIjZWOl11Fe97hwS
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:44 2025 by rpki-client