Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eKvaPcUJvVmBtVXzUPhsCAb-D6w.roa
File: eKvaPcUJvVmBtVXzUPhsCAb-D6w.roa (raw, json)
Hash identifier: 8Nx/IwZ/ohBd9TIIZU+TkSY/XuhfEz0nc5dwcrtsWzQ=
Subject key identifier: 78:AB:DA:3D:C5:09:BD:59:81:B5:55:F3:50:F8:6C:08:06:FE:0F:AC
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019426D868D09AA1AEF0EF868D65B6DACC48
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eKvaPcUJvVmBtVXzUPhsCAb-D6w.roa
Signing time: Thu 02 Jan 2025 11:48:24 +0000
ROA not before: Thu 02 Jan 2025 11:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203963
IP address blocks: 37.49.148.0/24 maxlen: 24
94.74.137.0/24 maxlen: 24
94.74.156.0/24 maxlen: 24
94.74.158.0/24 maxlen: 24
94.74.159.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
94.74.169.0/24 maxlen: 24
94.74.171.0/24 maxlen: 24
94.74.182.0/24 maxlen: 24
94.74.187.0/24 maxlen: 24
94.74.191.0/24 maxlen: 24
109.203.163.0/24 maxlen: 24
176.46.136.0/24 maxlen: 24
176.46.138.0/24 maxlen: 24
176.46.139.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
176.46.142.0/24 maxlen: 24
176.46.144.0/24 maxlen: 24
176.46.148.0/24 maxlen: 24
176.46.149.0/24 maxlen: 24
176.46.150.0/24 maxlen: 24
176.46.152.0/24 maxlen: 24
176.46.153.0/24 maxlen: 24
176.46.154.0/24 maxlen: 24
176.46.155.0/24 maxlen: 24
176.46.156.0/24 maxlen: 24
176.46.157.0/24 maxlen: 24
176.46.158.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 06 Feb 2025 06:53:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:68:d0:9a:a1:ae:f0:ef:86:8d:65:b6:da:cc:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 11:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78abda3dc509bd5981b555f350f86c0806fe0fac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:78:2b:65:72:af:25:f3:a0:05:5d:79:3c:af:
23:34:b2:93:8a:2b:2b:ff:ae:61:fe:fd:bd:3d:e7:
42:cb:2e:b0:30:05:a2:e1:4a:a7:5e:44:0e:03:6f:
ce:d7:14:36:88:63:31:9d:c7:42:6d:91:09:90:cd:
c2:d8:6d:05:7b:d8:8a:71:96:48:f1:b5:69:1c:5c:
33:fb:ed:84:8e:75:94:21:7e:32:74:d1:49:53:20:
68:ac:ad:b7:4d:0d:ac:2e:31:c0:c3:5c:57:16:c3:
06:be:2d:c1:ed:3c:13:03:83:a0:ee:d5:0f:db:76:
82:37:5b:f2:f9:09:8e:ce:da:69:e6:2b:e2:f7:54:
57:cf:f4:5c:0e:5f:68:6d:59:e2:10:d8:9e:29:89:
ff:2f:c6:33:83:d9:12:b0:f9:25:a1:56:e0:db:d9:
c9:ae:e9:fe:63:58:7c:cd:e1:fb:d7:cd:22:15:30:
b5:e7:d1:c8:ff:40:c8:5b:58:55:4c:20:92:1e:a2:
73:2e:56:37:73:8e:c6:90:fc:32:fb:7f:a6:9e:e1:
bb:02:05:fa:d5:e1:27:ea:1e:84:be:a6:e9:d6:9f:
f0:1a:ff:f9:e7:c1:88:77:21:0c:7c:31:e0:f2:46:
b8:64:71:b8:ef:95:44:66:1a:65:16:dc:6a:0f:8a:
bc:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AB:DA:3D:C5:09:BD:59:81:B5:55:F3:50:F8:6C:08:06:FE:0F:AC
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eKvaPcUJvVmBtVXzUPhsCAb-D6w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.148.0/24
94.74.137.0/24
94.74.156.0/24
94.74.158.0/23
94.74.164.0/24
94.74.169.0/24
94.74.171.0/24
94.74.182.0/24
94.74.187.0/24
94.74.191.0/24
109.203.163.0/24
176.46.136.0/24
176.46.138.0/23
176.46.141.0-176.46.142.255
176.46.144.0/24
176.46.148.0-176.46.150.255
176.46.152.0-176.46.158.255
Signature Algorithm: sha256WithRSAEncryption
01:0e:43:71:4a:91:eb:d5:8e:98:b8:99:0c:a4:6f:4d:c0:71:
2e:46:14:7d:86:3b:2b:86:16:03:7b:8b:ad:6c:c8:70:16:d2:
a8:fe:cc:99:a2:3d:52:5c:92:c1:e1:b9:6d:bd:d4:af:fa:9c:
86:81:f9:27:a1:1d:33:e2:63:05:05:8c:36:b2:60:c0:5e:ff:
13:b9:df:41:b6:7d:30:23:dc:a0:d3:94:58:fc:6e:e7:77:9e:
70:0e:f8:b9:fc:ce:01:0e:fd:ca:5f:9c:69:40:05:59:60:4c:
b3:a5:3a:3b:8e:4d:e2:f2:61:87:97:8a:f7:95:d8:f3:6b:5d:
2e:7f:4a:eb:1b:b9:6d:d2:29:37:34:c3:41:24:61:0d:c2:25:
bc:35:13:82:77:75:ac:92:97:b0:dc:d0:ee:ef:5d:21:aa:de:
c4:26:e6:bb:77:b6:31:4b:f3:b9:c9:85:03:68:7f:05:7d:ba:
a3:05:f3:f0:86:0d:7b:16:75:a9:65:fa:d6:e0:fa:26:3d:5f:
d2:2e:6a:a9:41:74:98:3a:2b:49:ec:55:0d:0b:12:7f:d4:82:
06:13:33:c3:60:4f:e5:0c:fd:c3:0e:ac:ae:42:10:b9:fc:a2:
81:34:0f:8f:70:cd:2d:37:55:c9:3c:ac:13:1b:3a:09:ed:e7:
32:df:51:78
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZQm2GjQmqGu8O+GjWW22sxIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMTAyMTE0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFiZGEzZGM1MDliZDU5ODFiNTU1ZjM1MGY4NmMwODA2ZmUwZmFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw3grZXKvJfOgBV15PK8jNLKTiisr
/65h/v29PedCyy6wMAWi4UqnXkQOA2/O1xQ2iGMxncdCbZEJkM3C2G0Fe9iKcZZI
8bVpHFwz++2EjnWUIX4ydNFJUyBorK23TQ2sLjHAw1xXFsMGvi3B7TwTA4Og7tUP
23aCN1vy+QmOztpp5ivi91RXz/RcDl9obVniENieKYn/L8Yzg9kSsPkloVbg29nJ
run+Y1h8zeH7180iFTC159HI/0DIW1hVTCCSHqJzLlY3c47GkPwy+3+mnuG7AgX6
1eEn6h6Evqbp1p/wGv/558GIdyEMfDHg8ka4ZHG475VEZhplFtxqD4q8pwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFHir2j3FCb1ZgbVV81D4bAgG/g+sMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZUt2YVBjVUp2Vm1CdFZYelVQaHNDQWItRDZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACUx
lAMEAF5KiQMEAF5KnAMEAV5KngMEAF5KpAMEAF5KqQMEAF5KqwMEAF5KtgMEAF5K
uwMEAF5KvwMEAG3LowMEALAuiAMEAbAuijAMAwQAsC6NAwQAsC6OAwQAsC6QMAwD
BAKwLpQDBACwLpYwDAMEA7AumAMEALAunjANBgkqhkiG9w0BAQsFAAOCAQEAAQ5D
cUqR69WOmLiZDKRvTcBxLkYUfYY7K4YWA3uLrWzIcBbSqP7MmaI9UlySweG5bb3U
r/qchoH5J6EdM+JjBQWMNrJgwF7/E7nfQbZ9MCPcoNOUWPxu53eecA74ufzOAQ79
yl+caUAFWWBMs6U6O45N4vJhh5eK95XY82tdLn9K6xu5bdIpNzTDQSRhDcIlvDUT
gnd1rJKXsNzQ7u9dIarexCbmu3e2MUvzucmFA2h/BX26owXz8IYNexZ1qWX61uD6
Jj1f0i5qqUF0mDorSexVDQsSf9SCBhMzw2BP5Qz9ww6srkIQufyigTQPj3DNLTdV
yTysExs6Ce3nMt9ReA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:07 2025 by rpki-client