Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P-fC7fHkyqKQ751G9_TuUq6GwPA.roa
File: P-fC7fHkyqKQ751G9_TuUq6GwPA.roa (raw, json)
Hash identifier: Ui2NaLmPMoma9zdZkbMNmeRT78mWWiSjmtaeOzLhIbE=
Subject key identifier: 3F:E7:C2:ED:F1:E4:CA:A2:90:EF:9D:46:F7:F4:EE:52:AE:86:C0:F0
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CF3A2C89077FC066F127FEBA2B10302D4
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P-fC7fHkyqKQ751G9_TuUq6GwPA.roa
Signing time: Wed 10 Jan 2024 13:49:40 +0000
ROA not before: Wed 10 Jan 2024 13:49:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.145.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.140.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.151.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
185.34.160.0/22 maxlen: 24
176.46.132.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
31.170.55.0/24 maxlen: 24
37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
94.74.156.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 18 Jan 2024 07:38:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:a2:c8:90:77:fc:06:6f:12:7f:eb:a2:b1:03:02:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 10 13:49:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3fe7c2edf1e4caa290ef9d46f7f4ee52ae86c0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:76:96:f1:25:0f:87:aa:78:83:ba:2d:a4:8a:
c1:24:c4:c2:8c:4b:a0:37:6c:1c:93:bf:28:8d:dd:
0a:81:c0:04:55:0f:0c:6e:ae:bf:41:8b:09:ca:eb:
55:08:74:33:2d:ac:50:78:3e:dc:85:6a:ff:37:88:
93:1f:f6:42:fe:41:b6:f1:9f:9a:c5:fe:67:e5:f1:
5e:98:4b:08:05:45:9e:db:a2:e7:4e:21:e8:fe:9d:
ae:55:4c:c0:f2:d0:04:fb:ff:1a:ca:85:17:40:b1:
65:ee:44:eb:a1:e0:4f:e6:97:c0:70:28:84:fa:09:
bb:66:a7:33:45:15:29:f6:ee:48:38:bf:df:ba:00:
64:c8:9e:7f:ba:60:04:a4:5f:ac:32:dc:28:64:91:
d5:6b:cf:b1:98:e8:24:3d:ac:d1:13:26:84:62:cc:
fa:bc:fc:1a:1c:c5:1f:76:d4:81:c4:a5:71:53:00:
63:b0:d8:fe:0f:76:51:bd:c9:33:46:e5:35:30:d2:
2d:cf:a7:61:79:52:71:9d:1f:52:88:06:8c:d7:b9:
0b:7a:60:76:6b:36:06:96:e4:29:27:3a:f1:c7:41:
8f:e8:bb:12:6c:a5:89:13:15:0a:56:ec:07:60:0b:
82:1b:27:b5:34:9a:06:85:16:a2:f5:d9:74:74:5d:
4e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:E7:C2:ED:F1:E4:CA:A2:90:EF:9D:46:F7:F4:EE:52:AE:86:C0:F0
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/P-fC7fHkyqKQ751G9_TuUq6GwPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.145.0/24
37.49.147.0/24
94.74.152.0-94.74.156.255
109.203.160.0/24
109.203.168.0-109.203.191.255
176.46.129.0-176.46.130.255
176.46.132.0-176.46.136.255
176.46.138.0-176.46.142.255
176.46.145.0/24
176.46.147.0-176.46.148.255
176.46.150.0/23
176.46.153.0-176.46.158.255
185.34.160.0/22
Signature Algorithm: sha256WithRSAEncryption
28:22:31:1f:25:9d:45:93:ab:2a:98:eb:e3:0f:94:11:de:3d:
98:8f:01:c0:91:33:70:41:23:83:05:1c:48:0d:2d:b4:12:f5:
f2:3f:60:a5:20:a8:3a:16:57:4d:4c:85:35:55:04:d4:e2:d4:
6d:2b:17:92:d4:10:e1:98:73:f9:a5:c1:70:35:51:93:d0:43:
a1:32:ac:15:6b:27:74:b2:0e:be:76:97:d0:5a:f4:53:e5:18:
7c:f4:23:03:d8:94:84:a5:c6:01:b8:d0:ff:39:ff:a5:e2:a6:
99:c8:55:1f:2a:23:da:36:3c:32:54:71:eb:f0:3f:b1:05:94:
2c:de:14:83:b9:7a:ad:c5:65:de:a1:62:82:3a:a8:7a:8f:01:
f9:be:82:5e:88:03:ee:16:7a:f0:f7:52:26:d3:bf:4c:7c:df:
b8:21:ed:c2:db:10:13:44:2d:86:36:b8:21:9e:91:15:34:13:
bc:1b:0e:9c:f6:90:e8:f4:49:af:b8:8a:be:8e:bc:0b:eb:69:
b6:a6:48:01:ca:fb:0d:b0:dd:4f:ef:bc:c0:86:38:8b:e6:58:
13:e5:52:f8:48:8a:df:31:54:55:93:58:e7:2e:e2:aa:60:81:
31:4a:d6:08:b9:b4:ff:5b:e0:9e:b4:47:be:52:f9:0e:14:f9:
3f:e2:15:65
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAYzzosiQd/wGbxJ/66KxAwLUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTEwMTM0OTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZmU3YzJlZGYxZTRjYWEyOTBlZjlkNDZmN2Y0ZWU1MmFlODZjMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh3aW8SUPh6p4g7otpIrBJMTCjEug
N2wck78ojd0KgcAEVQ8Mbq6/QYsJyutVCHQzLaxQeD7chWr/N4iTH/ZC/kG28Z+a
xf5n5fFemEsIBUWe26LnTiHo/p2uVUzA8tAE+/8ayoUXQLFl7kTroeBP5pfAcCiE
+gm7ZqczRRUp9u5IOL/fugBkyJ5/umAEpF+sMtwoZJHVa8+xmOgkPazREyaEYsz6
vPwaHMUfdtSBxKVxUwBjsNj+D3ZRvckzRuU1MNItz6dheVJxnR9SiAaM17kLemB2
azYGluQpJzrxx0GP6LsSbKWJExUKVuwHYAuCGye1NJoGhRai9dl0dF1OLQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFD/nwu3x5MqikO+dRvf07lKuhsDwMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvUC1mQzdmSGt5cUtRNzUxRzlfVHVVcTZHd1BBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAf
qjcDBAAlMZEDBAAlMZMwDAMEA15KmAMEAF5KnAMEAG3LoDAMAwQDbcuoAwQGbcuA
MAwDBACwLoEDBACwLoIwDAMEArAuhAMEALAuiDAMAwQBsC6KAwQAsC6OAwQAsC6R
MAwDBACwLpMDBACwLpQDBAGwLpYwDAMEALAumQMEALAungMEArkioDANBgkqhkiG
9w0BAQsFAAOCAQEAKCIxHyWdRZOrKpjr4w+UEd49mI8BwJEzcEEjgwUcSA0ttBL1
8j9gpSCoOhZXTUyFNVUE1OLUbSsXktQQ4Zhz+aXBcDVRk9BDoTKsFWsndLIOvnaX
0Fr0U+UYfPQjA9iUhKXGAbjQ/zn/peKmmchVHyoj2jY8MlRx6/A/sQWULN4Ug7l6
rcVl3qFigjqoeo8B+b6CXogD7hZ68PdSJtO/THzfuCHtwtsQE0Qthja4IZ6RFTQT
vBsOnPaQ6PRJr7iKvo68C+tptqZIAcr7DbDdT++8wIY4i+ZYE+VS+EiK3zFUVZNY
5y7iqmCBMUrWCLm0/1vgnrRHvlL5DhT5P+IVZQ==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:03:10 2025 by rpki-client