Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lFV-2Uk5Xyxybt3UCLRnHs-iSc0.roa
File: lFV-2Uk5Xyxybt3UCLRnHs-iSc0.roa (raw, json)
Hash identifier: Nu3Y5zQeS2GAgzKUkSKzfvLf+ztKqPmYTpd7A5UT/hE=
Subject key identifier: 94:55:7E:D9:49:39:5F:2C:72:6E:DD:D4:08:B4:67:1E:CF:A2:49:CD
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019426D864512A29A42C3D35E21464C47CED
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lFV-2Uk5Xyxybt3UCLRnHs-iSc0.roa
Signing time: Thu 02 Jan 2025 11:48:23 +0000
ROA not before: Thu 02 Jan 2025 11:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 37.49.150.0/24 maxlen: 24
176.46.143.0/24 maxlen: 24
176.46.146.0/24 maxlen: 24
176.46.159.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 08 Jan 2025 10:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:64:51:2a:29:a4:2c:3d:35:e2:14:64:c4:7c:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jan 2 11:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94557ed949395f2c726eddd408b4671ecfa249cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:86:f1:52:0c:35:c6:89:ee:a7:e1:bd:0f:7b:
75:0c:43:38:e0:5d:19:4b:a2:b6:fd:f2:32:fc:2f:
7c:0e:5e:1f:57:77:09:63:a6:59:28:d6:57:6c:08:
19:92:3a:3a:22:0e:4b:d6:0a:0e:7f:84:21:c5:df:
b6:d4:72:eb:be:a1:bc:e9:8c:41:99:00:52:d9:8f:
7d:6a:af:45:5a:74:fc:e7:54:91:90:de:9e:fc:78:
2b:83:d5:93:d3:5b:c6:5c:c3:c8:98:1d:e8:ae:0c:
a3:2e:3b:39:76:97:2e:ac:d8:af:fe:42:72:29:8f:
c3:89:c7:1b:b4:53:2d:45:47:95:f3:34:0a:d7:41:
cc:8a:c8:cd:84:11:58:7f:41:71:05:fd:ba:31:63:
ca:0b:f9:e4:16:64:95:70:34:e6:e6:4d:cb:30:d2:
be:37:a3:02:86:d0:2e:a7:09:10:8b:d0:bd:8c:36:
55:60:1f:16:bd:92:60:a0:e5:93:79:0a:c9:c3:12:
79:99:e8:f1:81:6a:f3:a5:5f:c8:c7:02:f1:6b:4e:
70:3e:9c:6d:c8:94:4c:ad:1c:06:59:a2:b0:f2:45:
be:2c:e5:2f:94:e9:7f:bc:88:59:d4:dc:93:c7:d9:
9c:77:05:23:81:9c:61:59:f7:d9:9b:6c:d5:8f:47:
1b:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:55:7E:D9:49:39:5F:2C:72:6E:DD:D4:08:B4:67:1E:CF:A2:49:CD
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/lFV-2Uk5Xyxybt3UCLRnHs-iSc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.150.0/24
176.46.143.0/24
176.46.146.0/24
176.46.159.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:38:2f:58:dd:ca:1f:d7:77:1f:0d:df:64:bc:50:53:36:e6:
af:fc:85:fc:27:48:68:81:68:a5:87:d6:39:17:7c:e8:12:2d:
ae:5d:d8:16:d7:e7:ac:fc:bb:11:03:b8:a3:7c:f1:b1:2b:3a:
fe:10:51:af:4c:af:80:98:76:b3:81:21:c6:ff:93:d2:75:b1:
db:d7:69:fd:27:f9:fe:ad:f3:64:f8:38:28:43:bd:56:5d:32:
3a:a6:34:e1:6f:de:e1:3e:5f:37:a5:97:70:81:66:0c:d1:45:
f3:82:94:d8:22:e1:d8:79:cf:cf:0c:80:4c:f9:fa:4f:a5:40:
15:70:06:a6:eb:9c:ca:20:77:60:b7:1f:97:bd:e6:60:73:d2:
ee:17:28:85:be:76:97:d6:da:6a:44:fd:b2:6b:9b:b9:03:29:
5f:32:6b:77:4c:24:5e:9e:4f:8b:dc:f1:d3:ca:1d:04:f0:76:
ac:d4:1c:da:db:80:40:85:aa:48:21:6b:3c:5e:c5:47:99:2a:
ed:7a:f9:89:18:49:29:66:cb:56:68:1f:57:4f:ce:51:a9:9a:
e4:9b:53:77:c3:17:de:7f:47:53:6a:5b:2c:34:db:3d:d0:93:
ec:c1:60:a3:ff:ba:e3:8c:a7:61:04:81:84:95:bf:de:3f:32:
c1:0f:56:81
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQm2GRRKimkLD014hRkxHztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUwMTAyMTE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDU1N2VkOTQ5Mzk1ZjJjNzI2ZWRkZDQwOGI0NjcxZWNmYTI0OWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIbxUgw1xonup+G9D3t1DEM44F0Z
S6K2/fIy/C98Dl4fV3cJY6ZZKNZXbAgZkjo6Ig5L1goOf4Qhxd+21HLrvqG86YxB
mQBS2Y99aq9FWnT851SRkN6e/Hgrg9WT01vGXMPImB3orgyjLjs5dpcurNiv/kJy
KY/DiccbtFMtRUeV8zQK10HMisjNhBFYf0FxBf26MWPKC/nkFmSVcDTm5k3LMNK+
N6MChtAupwkQi9C9jDZVYB8WvZJgoOWTeQrJwxJ5mejxgWrzpV/IxwLxa05wPpxt
yJRMrRwGWaKw8kW+LOUvlOl/vIhZ1NyTx9mcdwUjgZxhWffZm2zVj0cbIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJRVftlJOV8scm7d1Ai0Zx7PoknNMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvbEZWLTJVazVYeXh5YnQzVUNMUm5Icy1pU2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJTGWAwQA
sC6PAwQAsC6SAwQAsC6fMA0GCSqGSIb3DQEBCwUAA4IBAQAOOC9Y3cof13cfDd9k
vFBTNuav/IX8J0hogWilh9Y5F3zoEi2uXdgW1+es/LsRA7ijfPGxKzr+EFGvTK+A
mHazgSHG/5PSdbHb12n9J/n+rfNk+DgoQ71WXTI6pjThb97hPl83pZdwgWYM0UXz
gpTYIuHYec/PDIBM+fpPpUAVcAam65zKIHdgtx+XveZgc9LuFyiFvnaX1tpqRP2y
a5u5AylfMmt3TCRenk+L3PHTyh0E8Has1Bza24BAhapIIWs8XsVHmSrtevmJGEkp
ZstWaB9XT85RqZrkm1N3wxfef0dTalssNNs90JPswWCj/7rjjKdhBIGElb/ePzLB
D1aB
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:04:42 2025 by rpki-client