Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eSqYf2NVC2yVeAQiBEFutRFcFBY.roa
File: eSqYf2NVC2yVeAQiBEFutRFcFBY.roa (raw, json)
Hash identifier: fWMBwZ78IwPGtukmUemEhnW1sUt56jVTFCdFvbqea6g=
Subject key identifier: 79:2A:98:7F:63:55:0B:6C:95:78:04:22:04:41:6E:B5:11:5C:14:16
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01924B2F11434CE593B86E13B16942A97DA6
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eSqYf2NVC2yVeAQiBEFutRFcFBY.roa
Signing time: Wed 02 Oct 2024 03:03:48 +0000
ROA not before: Wed 02 Oct 2024 03:03:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Oct 2024 08:43:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4b:2f:11:43:4c:e5:93:b8:6e:13:b1:69:42:a9:7d:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 2 03:03:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=792a987f63550b6c9578042204416eb5115c1416
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:80:92:bd:df:3c:15:c2:1a:c0:e1:86:b3:73:
56:db:14:37:2b:3d:cf:dd:a0:02:60:15:34:47:12:
ad:7c:47:7e:a8:78:f6:f2:87:4f:8d:07:ee:ca:ec:
eb:f0:ba:b2:20:4b:d8:c4:fd:a3:39:e4:18:ab:84:
c0:01:b5:3d:3e:6c:3c:cb:34:55:6b:47:1c:6d:91:
99:69:50:a7:4f:e3:fc:77:bf:38:6e:17:b8:ee:3b:
20:7a:96:79:d1:29:af:e8:7f:2e:66:eb:fd:f0:c4:
67:24:ec:3d:ab:22:63:ab:a7:44:0e:33:af:fd:37:
ff:89:7a:f8:ae:92:96:64:0e:78:d1:0f:df:a3:15:
14:47:f7:9b:98:86:08:78:00:48:ea:13:fb:c7:20:
13:32:f5:35:66:0d:82:b5:12:e6:c7:f0:91:d7:13:
51:07:0b:ad:f4:c1:4b:47:d8:f2:e8:6c:cb:02:b2:
2e:c3:29:bf:d5:d5:60:dd:b7:60:dd:a7:c5:48:44:
6b:25:fa:38:e4:68:38:0a:b2:81:2f:f8:30:ac:fd:
07:e4:83:8e:55:90:07:ef:30:46:9c:42:6e:8a:96:
40:63:2a:e8:56:a2:91:d5:e2:2b:2c:77:c9:bb:80:
47:aa:59:bf:58:7f:64:67:54:01:56:b2:64:7d:80:
0b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2A:98:7F:63:55:0B:6C:95:78:04:22:04:41:6E:B5:11:5C:14:16
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/eSqYf2NVC2yVeAQiBEFutRFcFBY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
94.74.152.0/22
109.203.166.0/24
109.203.168.0/21
109.203.184.0/21
Signature Algorithm: sha256WithRSAEncryption
a0:e1:8e:e1:a9:59:51:ad:ae:9f:b6:ad:01:f6:f7:3f:f0:fc:
21:c5:b5:6e:31:32:8e:db:77:8c:a5:55:0f:ea:85:10:25:73:
ad:05:95:bc:91:1a:dc:d6:d8:12:6d:dd:b8:07:24:5a:09:a1:
5f:ee:97:d4:b1:06:8a:7e:51:d5:d5:8e:b8:4d:8d:60:64:ae:
16:98:2c:fa:d9:4f:21:54:8a:ae:76:a3:c8:02:09:1c:9a:03:
d8:0e:9c:de:8e:00:61:c9:5b:fc:d7:a9:b1:da:cb:60:1c:2a:
de:82:b9:d4:f6:e7:e6:49:9b:0b:35:6e:9a:32:be:a3:8f:04:
b7:f6:02:12:4b:43:3a:a0:ff:8d:54:61:25:67:aa:c7:f1:81:
cc:85:61:8b:fa:98:7d:aa:46:f7:72:00:24:98:47:2b:3c:bb:
eb:ec:2c:60:64:a3:0b:21:dd:08:b2:55:0d:9f:25:52:f9:06:
e2:18:04:e2:ed:a6:bc:98:6c:0e:04:07:17:32:72:78:b3:01:
b1:06:29:9e:1a:72:f0:e5:12:6e:89:8c:bc:1f:cd:8f:84:4b:
13:d5:2c:e8:fc:d1:7b:94:12:a6:c9:10:c7:1f:b4:b9:d5:95:
b1:01:e7:68:ec:24:f1:3f:6d:ef:25:33:bd:fc:a8:08:be:33:
c6:55:a7:c7
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJLLxFDTOWTuG4TsWlCqX2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDAyMDMwMzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJhOTg3ZjYzNTUwYjZjOTU3ODA0MjIwNDQxNmViNTExNWMxNDE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ICSvd88FcIawOGGs3NW2xQ3Kz3P
3aACYBU0RxKtfEd+qHj28odPjQfuyuzr8LqyIEvYxP2jOeQYq4TAAbU9Pmw8yzRV
a0ccbZGZaVCnT+P8d784bhe47jsgepZ50Smv6H8uZuv98MRnJOw9qyJjq6dEDjOv
/Tf/iXr4rpKWZA540Q/foxUUR/ebmIYIeABI6hP7xyATMvU1Zg2CtRLmx/CR1xNR
Bwut9MFLR9jy6GzLArIuwym/1dVg3bdg3afFSERrJfo45Gg4CrKBL/gwrP0H5IOO
VZAH7zBGnEJuipZAYyroVqKR1eIrLHfJu4BHqlm/WH9kZ1QBVrJkfYALVwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHkqmH9jVQtslXgEIgRBbrURXBQWMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvZVNxWWYyTlZDMnlWZUFRaUJFRnV0UkZjRkJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAJTGQAwQC
XkqYAwQAbcumAwQDbcuoAwQDbcu4MA0GCSqGSIb3DQEBCwUAA4IBAQCg4Y7hqVlR
ra6ftq0B9vc/8PwhxbVuMTKO23eMpVUP6oUQJXOtBZW8kRrc1tgSbd24ByRaCaFf
7pfUsQaKflHV1Y64TY1gZK4WmCz62U8hVIqudqPIAgkcmgPYDpzejgBhyVv816mx
2stgHCregrnU9ufmSZsLNW6aMr6jjwS39gISS0M6oP+NVGElZ6rH8YHMhWGL+ph9
qkb3cgAkmEcrPLvr7CxgZKMLId0IslUNnyVS+QbiGATi7aa8mGwOBAcXMnJ4swGx
BimeGnLw5RJuiYy8H82PhEsT1Szo/NF7lBKmyRDHH7S51ZWxAedo7CTxP23vJTO9
/KgIvjPGVafH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:01:09 2025 by rpki-client