Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/c5hiYMhs_r_H_DfxqH1-Rpraldk.roa
File: c5hiYMhs_r_H_DfxqH1-Rpraldk.roa (raw, json)
Hash identifier: +1T6fzvvhTxtBC6PHdOAmeEty1gSOHiaqkCh+g+K5Hs=
Subject key identifier: 73:98:62:60:C8:6C:FE:BF:C7:FC:37:F1:A8:7D:7E:46:9A:DA:95:D9
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0191EA51185C062C89074273A52B3C940E59
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/c5hiYMhs_r_H_DfxqH1-Rpraldk.roa
Signing time: Fri 13 Sep 2024 07:37:48 +0000
ROA not before: Fri 13 Sep 2024 07:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7029
IP address blocks: 37.49.150.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 02 Jan 2025 11:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ea:51:18:5c:06:2c:89:07:42:73:a5:2b:3c:94:0e:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Sep 13 07:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=73986260c86cfebfc7fc37f1a87d7e469ada95d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ca:40:97:9f:9b:2b:8a:30:f7:22:0b:a8:c7:
78:24:c9:4a:7f:2f:dc:c3:21:2e:28:fc:d9:99:63:
35:b5:ec:02:7b:a9:f6:95:bd:62:da:fa:89:e0:8c:
b9:5b:cb:b8:19:a7:03:98:bc:db:14:3b:cf:74:36:
62:c5:a7:b8:f9:49:17:60:55:ca:7d:73:c9:1e:df:
97:e3:06:f6:75:31:0b:af:1a:05:ab:a0:1c:1e:3d:
0d:43:a2:29:21:66:d3:f8:09:f6:56:e7:6c:63:a2:
a8:6f:df:aa:47:f8:63:9c:fc:5c:f9:30:80:17:ab:
d4:08:fa:d8:19:58:cd:a2:3a:f1:12:93:2d:52:8b:
20:b7:b7:d5:18:ac:4e:b7:da:f1:58:82:f2:77:8c:
fd:43:4c:95:b2:14:d5:d8:b8:a4:36:e1:05:0a:61:
77:1c:59:4d:e9:e1:cb:b4:cf:47:ea:ea:4d:af:db:
c4:18:a0:99:3b:ec:d1:7a:3b:d5:85:17:bf:e9:76:
5c:1b:fb:a2:e1:25:d8:0f:6e:ea:aa:9c:37:a1:fa:
f0:1e:3f:d6:da:a8:50:f5:1c:26:5f:40:1a:d4:49:
1f:97:e0:b0:30:d1:ea:14:3b:40:bd:04:95:f8:66:
00:4e:cb:02:8b:fb:ed:84:bd:68:5d:03:bc:7d:d3:
22:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:98:62:60:C8:6C:FE:BF:C7:FC:37:F1:A8:7D:7E:46:9A:DA:95:D9
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/c5hiYMhs_r_H_DfxqH1-Rpraldk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.150.0/24
176.46.143.0/24
176.46.146.0/24
176.46.159.0/24
Signature Algorithm: sha256WithRSAEncryption
50:50:50:69:38:b8:88:3a:bb:d3:be:31:93:11:67:a4:7b:24:
fc:87:b2:90:19:bb:0c:56:0f:ca:21:33:84:65:69:d1:30:70:
97:9c:54:4e:e5:39:9b:57:16:1f:1e:da:9c:a2:03:9c:70:68:
b9:70:f6:07:5c:24:09:f2:09:57:2d:af:5a:d5:0f:20:6e:a1:
89:3e:f2:28:61:39:69:b1:ee:b1:c2:7a:0d:c3:78:0c:02:22:
f9:83:9f:a8:ff:7d:bc:f6:79:e2:b7:03:7b:e7:d6:44:5e:6f:
bd:51:24:d5:56:65:a3:6f:0c:90:b1:85:dd:2d:8c:b8:f1:a7:
7e:75:cb:37:3a:0f:0e:c6:51:5a:4a:35:40:5e:04:b6:61:3d:
96:0f:17:3f:e4:b2:73:97:e2:21:75:49:21:b2:8c:e9:96:ba:
c5:73:34:71:4c:62:a6:f0:15:a9:f8:27:16:73:39:bb:2f:f7:
52:78:83:99:ab:33:87:a5:5e:84:53:ab:1e:43:e2:88:78:5f:
7e:e0:8e:e6:b7:11:de:37:67:c6:b6:ca:fa:46:50:9b:2c:4a:
63:87:fc:3b:44:a1:49:e0:98:37:a6:d7:50:c9:62:3c:e8:e0:
a0:45:53:d6:af:01:c3:ba:d1:d5:23:77:8f:74:5e:ec:b3:73:
5a:4a:bf:e9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHqURhcBiyJB0JzpSs8lA5ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwOTEzMDczNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Mzk4NjI2MGM4NmNmZWJmYzdmYzM3ZjFhODdkN2U0NjlhZGE5NWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtspAl5+bK4ow9yILqMd4JMlKfy/c
wyEuKPzZmWM1tewCe6n2lb1i2vqJ4Iy5W8u4GacDmLzbFDvPdDZixae4+UkXYFXK
fXPJHt+X4wb2dTELrxoFq6AcHj0NQ6IpIWbT+An2VudsY6Kob9+qR/hjnPxc+TCA
F6vUCPrYGVjNojrxEpMtUosgt7fVGKxOt9rxWILyd4z9Q0yVshTV2LikNuEFCmF3
HFlN6eHLtM9H6upNr9vEGKCZO+zRejvVhRe/6XZcG/ui4SXYD27qqpw3ofrwHj/W
2qhQ9RwmX0Aa1Ekfl+CwMNHqFDtAvQSV+GYATssCi/vthL1oXQO8fdMicwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHOYYmDIbP6/x/w38ah9fkaa2pXZMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvYzVoaVlNaHNfcl9IX0RmeHFIMS1ScHJhbGRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJTGWAwQA
sC6PAwQAsC6SAwQAsC6fMA0GCSqGSIb3DQEBCwUAA4IBAQBQUFBpOLiIOrvTvjGT
EWekeyT8h7KQGbsMVg/KITOEZWnRMHCXnFRO5TmbVxYfHtqcogOccGi5cPYHXCQJ
8glXLa9a1Q8gbqGJPvIoYTlpse6xwnoNw3gMAiL5g5+o/3289nnitwN759ZEXm+9
USTVVmWjbwyQsYXdLYy48ad+dcs3Og8OxlFaSjVAXgS2YT2WDxc/5LJzl+IhdUkh
sozplrrFczRxTGKm8BWp+CcWczm7L/dSeIOZqzOHpV6EU6seQ+KIeF9+4I7mtxHe
N2fGtsr6RlCbLEpjh/w7RKFJ4Jg3ptdQyWI86OCgRVPWrwHDutHVI3ePdF7ss3Na
Sr/p
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:47:07 2025 by rpki-client