Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wq6oBT1lJW2bKEX_v603HK3_5Z8.roa
File: Wq6oBT1lJW2bKEX_v603HK3_5Z8.roa (raw, json)
Hash identifier: P07SiKunytyL9ZiN17p8FL7Fx2QvbJr7/OiBmS9Meto=
Subject key identifier: 5A:AE:A8:05:3D:65:25:6D:9B:28:45:FF:BF:AD:37:1C:AD:FF:E5:9F
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0193C5BB3C8DDFC22F734AFCC4E6F7478465
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wq6oBT1lJW2bKEX_v603HK3_5Z8.roa
Signing time: Sat 14 Dec 2024 15:13:22 +0000
ROA not before: Sat 14 Dec 2024 15:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 37.49.148.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:c5:bb:3c:8d:df:c2:2f:73:4a:fc:c4:e6:f7:47:84:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Dec 14 15:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5aaea8053d65256d9b2845ffbfad371cadffe59f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e9:5f:a9:23:80:5f:ef:54:09:c9:ff:4f:19:
b5:9f:3f:24:98:54:9c:bb:bb:0a:4a:cf:57:de:d0:
2c:0c:75:8a:7f:ce:8c:64:98:3d:b4:2a:7a:da:61:
b0:5e:e7:f7:51:98:60:bf:1c:4c:2a:dd:76:6f:82:
d5:65:e9:f5:0e:40:15:86:16:17:c2:4e:66:de:2e:
d1:e6:30:05:10:75:77:0c:f5:4f:4e:70:5f:08:7f:
44:7a:55:e6:7f:16:3a:24:58:ac:34:c9:66:f2:ad:
8a:d7:c1:09:f3:db:00:a7:16:84:50:41:1d:63:e3:
d4:81:13:b7:8d:20:d8:96:d4:0c:78:d7:40:3a:d9:
40:ff:8c:6a:17:27:07:d0:5c:10:9b:aa:b6:0e:0f:
d6:ab:1e:d6:d4:49:b6:f1:43:14:a1:f0:1f:6d:53:
a3:a5:94:ef:6d:eb:f1:ca:d5:1f:cf:d3:8b:3c:16:
74:ff:50:b3:57:09:97:ac:02:28:4e:7a:e2:90:bd:
e4:3b:79:23:89:dd:6c:46:db:2c:2c:ef:ca:21:1f:
5e:09:c5:a4:2c:cc:f7:21:82:10:66:0c:43:30:c1:
25:36:35:a3:6b:b0:02:a9:14:7e:bf:e4:40:17:c4:
dd:3a:39:75:5f:d4:48:8d:3e:05:75:b4:90:7b:29:
b5:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:AE:A8:05:3D:65:25:6D:9B:28:45:FF:BF:AD:37:1C:AD:FF:E5:9F
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/Wq6oBT1lJW2bKEX_v603HK3_5Z8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/24
94.74.158.0/24
176.46.141.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:f7:ce:e9:09:15:9f:4d:ef:f5:61:31:10:94:93:82:b7:4e:
b0:33:73:bc:b4:73:e9:59:7e:22:28:d4:a8:7f:3a:92:d5:9d:
39:2e:f8:d9:8b:a9:55:17:83:a2:18:93:72:77:fc:98:9f:1c:
ef:54:e9:37:91:6f:22:48:bf:98:97:f1:19:83:61:6f:41:46:
21:38:25:c4:49:2d:77:c2:87:cf:ee:28:72:6a:10:ed:ae:58:
59:1f:48:43:bb:f9:b6:7d:3a:de:94:e9:11:0e:8e:2c:5a:55:
ab:f6:de:c4:43:f9:d9:0d:44:a7:b8:2b:ab:6a:e6:f0:9f:44:
b5:58:16:6c:b9:09:3c:a1:d6:9a:8c:ea:f2:94:7e:95:c3:25:
a5:74:df:33:3b:b3:c2:c7:af:e8:ac:85:2c:2e:6b:73:a5:c5:
c1:98:a6:3f:68:f3:fa:44:50:53:ee:4a:95:ea:7e:c0:d5:87:
2c:8b:08:42:1a:dd:93:60:0a:61:46:53:73:3b:2b:fc:19:10:
8e:8b:ae:96:03:74:13:18:7f:f2:06:98:a1:dd:8b:da:00:79:
74:dd:b8:21:99:de:75:35:3c:f4:bc:3c:42:52:02:56:8f:7f:
2e:cc:bd:bb:64:a9:51:21:2d:72:52:ce:d6:d8:83:47:7f:a9:
66:db:8c:4a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZPFuzyN38Ivc0r8xOb3R4RlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMjE0MTUxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YWFlYTgwNTNkNjUyNTZkOWIyODQ1ZmZiZmFkMzcxY2FkZmZlNTlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOlfqSOAX+9UCcn/Txm1nz8kmFSc
u7sKSs9X3tAsDHWKf86MZJg9tCp62mGwXuf3UZhgvxxMKt12b4LVZen1DkAVhhYX
wk5m3i7R5jAFEHV3DPVPTnBfCH9EelXmfxY6JFisNMlm8q2K18EJ89sApxaEUEEd
Y+PUgRO3jSDYltQMeNdAOtlA/4xqFycH0FwQm6q2Dg/Wqx7W1Em28UMUofAfbVOj
pZTvbevxytUfz9OLPBZ0/1CzVwmXrAIoTnrikL3kO3kjid1sRtssLO/KIR9eCcWk
LMz3IYIQZgxDMMElNjWja7ACqRR+v+RAF8TdOjl1X9RIjT4FdbSQeym1swIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFquqAU9ZSVtmyhF/7+tNxyt/+WfMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvV3E2b0JUMWxKVzJiS0VYX3Y2MDNISzNfNVo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJTGUAwQA
XkqeAwQAsC6NMA0GCSqGSIb3DQEBCwUAA4IBAQCo987pCRWfTe/1YTEQlJOCt06w
M3O8tHPpWX4iKNSofzqS1Z05LvjZi6lVF4OiGJNyd/yYnxzvVOk3kW8iSL+Yl/EZ
g2FvQUYhOCXESS13wofP7ihyahDtrlhZH0hDu/m2fTrelOkRDo4sWlWr9t7EQ/nZ
DUSnuCuraubwn0S1WBZsuQk8odaajOrylH6VwyWldN8zO7PCx6/orIUsLmtzpcXB
mKY/aPP6RFBT7kqV6n7A1YcsiwhCGt2TYAphRlNzOyv8GRCOi66WA3QTGH/yBpih
3YvaAHl03bghmd51NTz0vDxCUgJWj38uzL27ZKlRIS1yUs7W2INHf6lm24xK
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:27 2025 by rpki-client