Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/C1eazoTX0IQSMlrsLyFBo1DeouA.roa
File: C1eazoTX0IQSMlrsLyFBo1DeouA.roa (raw, json)
Hash identifier: Ex4VVFcF8Hv9jUa5yeamPjzuAGDetPGjliubigr5kk0=
Subject key identifier: 0B:57:9A:CE:84:D7:D0:84:12:32:5A:EC:2F:21:41:A3:50:DE:A2:E0
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CC801C6E08988961C5A4607C4D126C092
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/C1eazoTX0IQSMlrsLyFBo1DeouA.roa
Signing time: Tue 02 Jan 2024 02:30:08 +0000
ROA not before: Tue 02 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216050
IP address blocks: 109.203.165.0/24 maxlen: 24
109.203.162.0/24 maxlen: 24
109.203.167.0/24 maxlen: 24
176.46.128.0/24 maxlen: 24
176.46.131.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 09 Feb 2024 09:53:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c6:e0:89:88:96:1c:5a:46:07:c4:d1:26:c0:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0b579ace84d7d08412325aec2f2141a350dea2e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:57:a1:8d:88:a2:f4:66:d0:d7:c7:55:d0:46:
2d:19:ea:2e:35:bf:02:1f:77:ad:9b:c2:35:07:1f:
bc:de:3f:05:64:0e:e5:ec:97:e8:ee:2b:fc:36:ea:
c9:ab:d1:63:b6:54:47:e0:9f:5e:2f:07:d2:28:9f:
e5:f1:50:a7:28:90:51:1a:6a:d6:ba:f7:05:b9:12:
31:a1:a3:2c:46:db:3c:8c:c4:c0:8a:e4:08:f1:c4:
09:9b:1b:02:c0:04:8d:34:0b:06:ee:83:d5:b7:53:
bd:94:3b:4b:ca:67:bb:5f:11:4a:fe:cb:66:03:1f:
a4:0b:47:35:f3:18:63:47:19:23:9e:d9:9a:c0:c0:
09:80:11:05:de:27:db:c8:96:87:43:06:13:7b:87:
c3:f5:e0:4b:b9:6e:7f:c2:9b:20:e4:f4:60:74:04:
92:b0:d5:18:7a:b0:88:58:1f:fe:81:1a:d3:7a:fd:
75:25:24:88:03:ab:9f:eb:67:b8:89:bf:a4:1b:1a:
89:98:90:ef:2e:a3:49:b3:73:7f:fd:78:06:44:82:
cf:8d:9c:eb:52:00:4b:5d:de:7e:ac:ab:c4:0c:4f:
cc:fa:78:23:bc:3a:1f:3a:48:32:55:47:e3:33:82:
07:35:88:10:31:0e:3a:70:dc:89:f4:f3:2f:ce:0d:
b2:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:57:9A:CE:84:D7:D0:84:12:32:5A:EC:2F:21:41:A3:50:DE:A2:E0
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/C1eazoTX0IQSMlrsLyFBo1DeouA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.203.162.0/24
109.203.165.0/24
109.203.167.0/24
176.46.128.0/24
176.46.131.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:21:14:cb:64:dc:54:12:26:4d:39:d5:8d:b7:43:ae:c2:11:
88:0c:a2:e2:c0:c3:ec:75:92:45:5d:78:65:ba:18:c3:72:20:
9d:85:94:c5:38:da:fa:44:37:41:76:eb:7f:4e:b4:b0:88:b0:
68:cf:04:93:33:28:75:de:2e:2a:40:8d:e9:2d:df:2f:84:cf:
c1:70:31:4a:6a:54:64:f6:00:4e:a5:8a:11:9b:c5:22:4d:88:
fa:4a:83:89:e2:4a:2c:c9:d4:9b:a6:48:8d:68:21:87:de:b6:
83:8d:90:7e:d2:74:00:1f:13:c3:f9:5c:55:ae:31:18:77:ca:
d6:21:39:3b:85:57:9f:e2:e2:8d:73:dc:05:41:aa:37:d8:05:
06:b2:01:02:6f:b2:81:02:f8:ab:78:31:71:19:14:a1:99:43:
f7:24:0f:b9:63:bc:f1:81:ac:9c:a0:4a:34:63:51:7b:09:dc:
63:2f:90:6f:df:47:a3:08:c3:5b:e3:b1:04:80:ae:24:9d:c2:
0e:44:c6:eb:40:ef:2e:1f:b1:0f:79:07:43:e6:d1:32:54:f4:
78:5b:db:e0:2b:69:22:a1:cf:1c:52:f1:2c:3c:25:44:96:7d:
ca:c9:88:89:a9:98:9e:36:88:bb:06:a7:fb:0e:04:21:2d:a9:
fe:c6:8a:e8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzIAcbgiYiWHFpGB8TRJsCSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTAyMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYjU3OWFjZTg0ZDdkMDg0MTIzMjVhZWMyZjIxNDFhMzUwZGVhMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArVehjYii9GbQ18dV0EYtGeouNb8C
H3etm8I1Bx+83j8FZA7l7Jfo7iv8NurJq9FjtlRH4J9eLwfSKJ/l8VCnKJBRGmrW
uvcFuRIxoaMsRts8jMTAiuQI8cQJmxsCwASNNAsG7oPVt1O9lDtLyme7XxFK/stm
Ax+kC0c18xhjRxkjntmawMAJgBEF3ifbyJaHQwYTe4fD9eBLuW5/wpsg5PRgdASS
sNUYerCIWB/+gRrTev11JSSIA6uf62e4ib+kGxqJmJDvLqNJs3N//XgGRILPjZzr
UgBLXd5+rKvEDE/M+ngjvDofOkgyVUfjM4IHNYgQMQ46cNyJ9PMvzg2ykwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAtXms6E19CEEjJa7C8hQaNQ3qLgMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvQzFlYXpvVFgwSVFTTWxyc0x5RkJvMURlb3VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAbcuiAwQA
bculAwQAbcunAwQAsC6AAwQAsC6DMA0GCSqGSIb3DQEBCwUAA4IBAQCNIRTLZNxU
EiZNOdWNt0OuwhGIDKLiwMPsdZJFXXhluhjDciCdhZTFONr6RDdBdut/TrSwiLBo
zwSTMyh13i4qQI3pLd8vhM/BcDFKalRk9gBOpYoRm8UiTYj6SoOJ4kosydSbpkiN
aCGH3raDjZB+0nQAHxPD+VxVrjEYd8rWITk7hVef4uKNc9wFQao32AUGsgECb7KB
AvireDFxGRShmUP3JA+5Y7zxgaycoEo0Y1F7CdxjL5Bv30ejCMNb47EEgK4kncIO
RMbrQO8uH7EPeQdD5tEyVPR4W9vgK2kioc8cUvEsPCVEln3KyYiJqZieNoi7Bqf7
DgQhLan+xoro
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:57:52 2025 by rpki-client