Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hIB6jGC1m44JSYkqLkj_fl7ZfGo.roa
File: hIB6jGC1m44JSYkqLkj_fl7ZfGo.roa (raw, json)
Hash identifier: 3Rl/y3+jKoCYWn54q4gXFHeSbRiuKIoOW7xK9TDKSXk=
Subject key identifier: 84:80:7A:8C:60:B5:9B:8E:09:49:89:2A:2E:48:FF:7E:5E:D9:7C:6A
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 018CC9A318EFDBF1398776D8A5EC3D8FB243
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hIB6jGC1m44JSYkqLkj_fl7ZfGo.roa
Signing time: Tue 02 Jan 2024 10:05:58 +0000
ROA not before: Tue 02 Jan 2024 10:05:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 176.46.145.0/24 maxlen: 24
109.203.164.0/24 maxlen: 24
109.203.166.0/24 maxlen: 24
176.46.147.0/24 maxlen: 24
37.49.146.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
31.170.55.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 10 Jan 2024 13:49:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:a3:18:ef:db:f1:39:87:76:d8:a5:ec:3d:8f:b2:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 10:05:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=84807a8c60b59b8e0949892a2e48ff7e5ed97c6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e2:7e:a9:73:a8:97:77:4d:a0:fc:5e:e3:b0:
2b:32:2e:e8:b1:df:9f:a0:50:4e:5b:43:be:9f:b1:
02:82:6e:84:e9:fd:27:01:f2:2e:b1:94:8d:bd:08:
3c:60:b0:18:03:88:05:e9:ee:9d:db:01:3a:ab:e7:
03:d2:41:4c:d2:bd:95:8b:68:c5:42:82:09:89:ca:
98:f4:85:a8:99:ea:53:1b:8d:00:80:77:33:f0:39:
2b:47:e3:40:93:5a:18:a9:3e:80:6c:34:ac:a1:07:
42:65:95:f9:e7:d4:80:22:f3:8d:c7:7d:71:46:ef:
cf:15:5f:57:75:c0:29:90:84:8b:ce:c3:51:93:55:
96:b0:0b:82:8a:55:06:eb:97:0c:9c:78:61:86:cc:
2f:5e:d6:c5:20:66:76:58:c5:a7:da:40:31:54:9f:
f4:b1:26:04:a3:d6:3f:fa:b8:49:b7:f7:04:f9:30:
51:0d:82:fa:c6:0e:26:41:d6:ee:1f:ba:d0:17:08:
34:f7:8e:c5:f6:e6:1c:37:17:ed:8b:e5:d1:00:39:
d2:97:6f:f3:97:1b:14:c0:e5:b0:3d:b1:70:d6:df:
23:38:15:4c:f9:fd:fc:5a:c0:ad:7d:f3:b2:bc:f8:
05:43:b2:88:10:26:bf:a3:ee:8a:2e:85:08:b8:8e:
33:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:80:7A:8C:60:B5:9B:8E:09:49:89:2A:2E:48:FF:7E:5E:D9:7C:6A
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/hIB6jGC1m44JSYkqLkj_fl7ZfGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.170.55.0/24
37.49.146.0/24
37.49.151.0/24
94.74.173.0/24
109.203.164.0/24
109.203.166.0/24
176.46.145.0/24
176.46.147.0/24
Signature Algorithm: sha256WithRSAEncryption
69:3d:54:b9:78:6b:3d:96:29:dc:1f:b7:09:a7:34:24:a7:9d:
30:98:19:0b:4a:c4:f3:8b:52:4b:6c:e5:34:c0:12:72:ef:2e:
21:99:67:5b:ca:ae:ea:98:fe:9c:cd:99:e0:7a:97:f3:b1:23:
78:da:cb:6e:c1:2e:64:a0:9d:13:50:71:2f:f4:2f:8a:97:3a:
27:b4:2e:0e:2d:82:51:c9:fa:79:fa:b2:00:9f:71:61:3f:d6:
db:15:f8:36:67:cb:d5:2e:fd:23:07:e3:55:57:66:ab:f4:7f:
38:12:3a:eb:3f:9c:22:46:2e:3c:39:04:30:d2:7d:6f:52:e7:
52:fc:ec:1d:3c:0f:2b:58:fb:90:0a:26:23:dd:64:2f:ac:45:
d9:52:ad:a8:9e:1b:7c:9d:03:37:17:e1:90:09:08:e2:dc:d0:
a5:b0:da:e7:7a:ac:41:16:b8:8a:ae:2e:27:af:d6:24:bb:6d:
42:05:23:d5:29:cb:af:8f:05:ec:6f:6f:4a:32:f7:4c:45:01:
62:3c:39:7f:6d:22:82:5e:7a:6f:1a:4c:21:86:b3:5a:a4:2c:
b1:ae:a0:af:7c:73:35:6d:07:d2:eb:4c:34:2a:ea:ad:1d:c2:
61:7e:aa:2c:8f:b8:d7:1b:96:7a:62:6f:14:56:ec:fe:49:a3:
3e:47:b6:88
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzJoxjv2/E5h3bYpew9j7JDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwMTAyMTAwNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDgwN2E4YzYwYjU5YjhlMDk0OTg5MmEyZTQ4ZmY3ZTVlZDk3YzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1eJ+qXOol3dNoPxe47ArMi7osd+f
oFBOW0O+n7ECgm6E6f0nAfIusZSNvQg8YLAYA4gF6e6d2wE6q+cD0kFM0r2Vi2jF
QoIJicqY9IWomepTG40AgHcz8DkrR+NAk1oYqT6AbDSsoQdCZZX559SAIvONx31x
Ru/PFV9XdcApkISLzsNRk1WWsAuCilUG65cMnHhhhswvXtbFIGZ2WMWn2kAxVJ/0
sSYEo9Y/+rhJt/cE+TBRDYL6xg4mQdbuH7rQFwg0947F9uYcNxfti+XRADnSl2/z
lxsUwOWwPbFw1t8jOBVM+f38WsCtffOyvPgFQ7KIECa/o+6KLoUIuI4z7wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFISAeoxgtZuOCUmJKi5I/35e2XxqMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvaElCNmpHQzFtNDRKU1lrcUxral9mbDdaZkdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAH6o3AwQA
JTGSAwQAJTGXAwQAXkqtAwQAbcukAwQAbcumAwQAsC6RAwQAsC6TMA0GCSqGSIb3
DQEBCwUAA4IBAQBpPVS5eGs9lincH7cJpzQkp50wmBkLSsTzi1JLbOU0wBJy7y4h
mWdbyq7qmP6czZngepfzsSN42stuwS5koJ0TUHEv9C+KlzontC4OLYJRyfp5+rIA
n3FhP9bbFfg2Z8vVLv0jB+NVV2ar9H84EjrrP5wiRi48OQQw0n1vUudS/OwdPA8r
WPuQCiYj3WQvrEXZUq2onht8nQM3F+GQCQji3NClsNrneqxBFriKri4nr9Yku21C
BSPVKcuvjwXsb29KMvdMRQFiPDl/bSKCXnpvGkwhhrNapCyxrqCvfHM1bQfS60w0
KuqtHcJhfqosj7jXG5Z6Ym8UVuz+SaM+R7aI
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:11:43 2025 by rpki-client