Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Sf3e6sT3L4-tdm4oMWr-SwnDUHQ.roa
File: Sf3e6sT3L4-tdm4oMWr-SwnDUHQ.roa (raw, json)
Hash identifier: Lj32yEuZgAm90paMJ3QnSQKb44Q8VDzDU72ZrtQCbZ0=
Subject key identifier: 49:FD:DE:EA:C4:F7:2F:8F:AD:76:6E:28:31:6A:FE:4B:09:C3:50:74
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0190A4DFE40C243924F0B8860D9C84767A3E
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Sf3e6sT3L4-tdm4oMWr-SwnDUHQ.roa
Signing time: Fri 12 Jul 2024 02:57:34 +0000
ROA not before: Fri 12 Jul 2024 02:57:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 29 Jul 2024 14:18:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a4:df:e4:0c:24:39:24:f0:b8:86:0d:9c:84:76:7a:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 12 02:57:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=49fddeeac4f72f8fad766e28316afe4b09c35074
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:07:62:43:e8:0f:40:23:9f:1f:ea:92:10:d9:
4f:d5:85:13:9d:36:75:29:87:44:ca:4a:1b:7e:a5:
a1:0e:f0:a9:16:0b:48:00:db:99:da:74:da:71:34:
9e:9b:9f:84:d7:76:e1:c6:42:9f:75:dd:25:04:e9:
27:32:84:11:af:1d:a1:c6:f2:0f:5b:42:26:1e:40:
34:cd:e4:3c:93:87:88:46:69:06:86:00:21:55:b6:
a2:11:9d:5c:f7:a4:66:4b:b5:91:c7:87:5d:2d:33:
37:d8:ba:e4:5a:86:45:5a:c2:0c:ba:b3:ed:b5:3f:
2d:29:c7:05:38:54:9e:f2:eb:e4:12:6d:e2:93:d6:
4a:67:99:db:7e:e3:d2:e1:65:43:c2:e9:9b:2a:f9:
61:99:4c:ff:c1:a3:8a:39:c4:6c:37:88:a9:02:dd:
26:12:b3:18:7b:eb:8b:5e:0c:8d:8a:01:df:ee:4a:
63:54:8a:84:59:ad:73:cc:ae:b6:30:6f:b4:f8:07:
27:c0:4d:16:85:5a:a1:eb:3d:0b:0f:31:9f:93:74:
73:91:f3:64:ea:51:79:59:2f:8f:04:e8:f2:a5:15:
dd:4f:ff:68:08:1a:a3:41:48:ae:53:ce:14:a5:24:
4d:83:8c:fa:02:1d:9a:da:cd:16:fc:ca:25:d6:da:
dd:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:FD:DE:EA:C4:F7:2F:8F:AD:76:6E:28:31:6A:FE:4B:09:C3:50:74
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Sf3e6sT3L4-tdm4oMWr-SwnDUHQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
109.203.166.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:88:80:54:fb:62:46:5b:42:b1:7d:b7:e8:5b:a1:9a:72:45:
bd:03:e7:5c:f5:8b:fc:f8:fb:e5:3f:71:37:f0:76:2e:69:fc:
0e:06:c5:1c:e6:35:5e:19:b8:ae:5b:3e:be:34:13:ec:0b:b4:
75:a7:5e:d7:fa:63:91:0f:18:7e:c2:b5:cf:45:f0:16:f9:60:
0b:66:d7:a8:b0:2e:b0:4d:b1:30:a2:51:20:57:ec:03:1b:f3:
2b:05:bb:ad:4d:c6:7e:e4:b6:b2:d1:17:5c:f7:8e:8f:65:88:
10:50:51:91:35:32:da:32:1e:6f:9d:f1:f2:fc:06:99:98:06:
e9:1a:f1:13:95:c2:43:36:bf:ad:43:16:2e:0c:3d:97:5c:50:
41:f6:87:95:15:e7:93:09:6c:45:a0:ea:b5:2d:ca:aa:16:8f:
b2:8e:f0:8f:d8:ae:7c:28:a8:ce:36:9a:ef:0d:ac:3c:0b:6a:
3d:7a:86:af:33:c6:e8:bb:01:b3:b5:28:5b:31:e3:f0:44:29:
81:e9:f6:89:29:0b:72:4e:0b:9a:08:8a:34:3c:00:41:bb:0e:
d9:4d:09:c4:d3:e3:53:31:4d:04:99:ab:7c:d8:38:8e:c6:e5:
12:e5:88:4a:19:ed:36:49:14:92:6a:df:71:e6:86:a9:32:2f:
bd:9a:45:6a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZCk3+QMJDkk8LiGDZyEdno+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNzEyMDI1NzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OWZkZGVlYWM0ZjcyZjhmYWQ3NjZlMjgzMTZhZmU0YjA5YzM1MDc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQdiQ+gPQCOfH+qSENlP1YUTnTZ1
KYdEykobfqWhDvCpFgtIANuZ2nTacTSem5+E13bhxkKfdd0lBOknMoQRrx2hxvIP
W0ImHkA0zeQ8k4eIRmkGhgAhVbaiEZ1c96RmS7WRx4ddLTM32LrkWoZFWsIMurPt
tT8tKccFOFSe8uvkEm3ik9ZKZ5nbfuPS4WVDwumbKvlhmUz/waOKOcRsN4ipAt0m
ErMYe+uLXgyNigHf7kpjVIqEWa1zzK62MG+0+AcnwE0WhVqh6z0LDzGfk3RzkfNk
6lF5WS+PBOjypRXdT/9oCBqjQUiuU84UpSRNg4z6Ah2a2s0W/Mol1trdKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEn93urE9y+PrXZuKDFq/ksJw1B0MB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvU2YzZTZzVDNMNC10ZG00b01Xci1Td25EVUhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJTGQAwQA
bcumMA0GCSqGSIb3DQEBCwUAA4IBAQCKiIBU+2JGW0KxfbfoW6GackW9A+dc9Yv8
+PvlP3E38HYuafwOBsUc5jVeGbiuWz6+NBPsC7R1p17X+mORDxh+wrXPRfAW+WAL
ZteosC6wTbEwolEgV+wDG/MrBbutTcZ+5Lay0Rdc946PZYgQUFGRNTLaMh5vnfHy
/AaZmAbpGvETlcJDNr+tQxYuDD2XXFBB9oeVFeeTCWxFoOq1LcqqFo+yjvCP2K58
KKjONprvDaw8C2o9eoavM8bouwGztShbMePwRCmB6faJKQtyTguaCIo0PABBuw7Z
TQnE0+NTMU0Emat82DiOxuUS5YhKGe02SRSSat9x5oapMi+9mkVq
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:05:53 2025 by rpki-client