Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rg4zJm8GS8ioqM0HK9Kgn2gQ50Q.roa
File: rg4zJm8GS8ioqM0HK9Kgn2gQ50Q.roa (raw, json)
Hash identifier: cODaFs5qo07vun5ZqhFHqWbhI9V9W5NtFl+ru21CKEc=
Subject key identifier: AE:0E:33:26:6F:06:4B:C8:A8:A8:CD:07:2B:D2:A0:9F:68:10:E7:44
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 0190EE37FB53D1E53EC2C7F7C0C5AD02DD64
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rg4zJm8GS8ioqM0HK9Kgn2gQ50Q.roa
Signing time: Fri 26 Jul 2024 08:46:04 +0000
ROA not before: Fri 26 Jul 2024 08:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 37.49.145.0/24 maxlen: 24
37.49.147.0/24 maxlen: 24
37.49.151.0/24 maxlen: 24
94.74.147.0/24 maxlen: 24
94.74.168.0/24 maxlen: 24
94.74.173.0/24 maxlen: 24
109.203.160.0/24 maxlen: 24
109.203.161.0/24 maxlen: 24
176.46.129.0/24 maxlen: 24
176.46.130.0/24 maxlen: 24
176.46.133.0/24 maxlen: 24
176.46.134.0/24 maxlen: 24
176.46.135.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 11 Sep 2024 07:32:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ee:37:fb:53:d1:e5:3e:c2:c7:f7:c0:c5:ad:02:dd:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Jul 26 08:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae0e33266f064bc8a8a8cd072bd2a09f6810e744
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:5e:31:15:84:b5:99:04:f5:fa:e8:6f:d2:7c:
86:74:6a:45:fa:55:3c:75:77:30:df:68:6d:23:c9:
ef:0f:d4:62:57:0e:ff:c1:92:46:ac:18:36:22:50:
06:9d:89:4e:1e:13:bb:66:15:a4:46:d3:e5:0f:c0:
9e:34:c4:02:a9:7a:6d:6d:82:b9:46:51:fd:96:bb:
9d:92:d3:9a:b5:e2:4c:d3:af:7f:6d:d1:d6:f9:d1:
69:d1:29:c0:fe:7b:ef:26:5f:bf:1c:34:c3:0a:75:
5a:b0:03:00:15:b5:cc:b7:82:11:9d:9a:38:13:e4:
6f:c4:bf:f1:77:c1:2c:8d:41:60:71:96:e6:fb:57:
07:b6:0f:7a:e6:54:2e:15:5a:07:d2:3c:e0:cb:87:
f0:91:6d:04:75:2e:3c:34:9f:9e:13:64:84:d6:ab:
54:de:28:64:5b:f8:1a:a9:90:bb:7a:e7:ad:b1:62:
7b:c7:ab:69:a5:b5:ed:e7:f2:38:a9:74:ee:24:a5:
63:cb:95:27:dd:05:c1:92:12:b5:cb:43:8c:eb:b6:
6d:39:e7:61:f7:8a:2f:ae:e2:9b:52:97:aa:de:14:
44:0c:05:2f:57:f6:d8:71:76:99:8c:41:d2:2e:02:
c9:f2:9f:47:19:3e:0a:13:3c:f5:58:31:95:67:c8:
39:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:0E:33:26:6F:06:4B:C8:A8:A8:CD:07:2B:D2:A0:9F:68:10:E7:44
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/rg4zJm8GS8ioqM0HK9Kgn2gQ50Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.145.0/24
37.49.147.0/24
37.49.151.0/24
94.74.147.0/24
94.74.168.0/24
94.74.173.0/24
109.203.160.0/23
176.46.129.0-176.46.130.255
176.46.133.0-176.46.135.255
Signature Algorithm: sha256WithRSAEncryption
78:95:d6:0a:a7:b1:6d:da:d1:c2:e6:52:1f:7e:9b:de:1b:b5:
7b:a7:65:d1:8f:b6:84:25:32:97:a9:ef:cf:e6:ee:0f:93:db:
36:6e:33:29:a2:c7:e4:9e:02:44:17:02:86:14:82:1b:1c:1a:
6d:f7:81:5d:01:4d:d1:1c:1d:e9:85:86:4b:05:ed:36:de:f8:
9c:1b:ec:b7:13:f9:40:87:09:3c:b6:cb:01:4f:38:c1:22:1c:
ba:f7:66:fc:62:e5:16:64:19:64:bd:de:65:ee:ee:96:6f:2e:
48:74:a9:30:3e:ac:a0:6b:d5:e0:41:28:cf:1e:42:5a:65:23:
16:93:1a:b4:ba:34:44:f6:3d:3e:19:e1:16:3a:df:c0:db:04:
da:ca:8f:08:4c:4d:48:66:57:18:78:05:31:9d:aa:93:39:66:
4d:cb:37:42:7c:4a:e8:7e:b3:aa:13:47:68:28:e4:4c:84:49:
ff:c9:29:29:dd:86:2d:18:b4:3a:98:e3:5b:c8:92:9f:7e:8d:
ac:cb:47:56:e0:35:79:b4:7b:6e:6f:35:54:65:1c:98:51:81:
29:de:0b:71:3c:99:cd:4c:43:fb:db:46:a7:3d:9a:ea:69:4a:
8f:a9:0b:84:a0:b2:91:d7:4a:34:60:08:fb:1d:21:87:ef:52:
7f:66:19:46
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZDuN/tT0eU+wsf3wMWtAt1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQwNzI2MDg0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTBlMzMyNjZmMDY0YmM4YThhOGNkMDcyYmQyYTA5ZjY4MTBlNzQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs14xFYS1mQT1+uhv0nyGdGpF+lU8
dXcw32htI8nvD9RiVw7/wZJGrBg2IlAGnYlOHhO7ZhWkRtPlD8CeNMQCqXptbYK5
RlH9lrudktOateJM069/bdHW+dFp0SnA/nvvJl+/HDTDCnVasAMAFbXMt4IRnZo4
E+RvxL/xd8EsjUFgcZbm+1cHtg965lQuFVoH0jzgy4fwkW0EdS48NJ+eE2SE1qtU
3ihkW/gaqZC7euetsWJ7x6tppbXt5/I4qXTuJKVjy5Un3QXBkhK1y0OM67ZtOedh
94ovruKbUpeq3hREDAUvV/bYcXaZjEHSLgLJ8p9HGT4KEzz1WDGVZ8g5AwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFK4OMyZvBkvIqKjNByvSoJ9oEOdEMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvcmc0ekptOEdTOGlvcU0wSEs5S2duMmdRNTBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQAJTGRAwQA
JTGTAwQAJTGXAwQAXkqTAwQAXkqoAwQAXkqtAwQBbcugMAwDBACwLoEDBACwLoIw
DAMEALAuhQMEA7AugDANBgkqhkiG9w0BAQsFAAOCAQEAeJXWCqexbdrRwuZSH36b
3hu1e6dl0Y+2hCUyl6nvz+buD5PbNm4zKaLH5J4CRBcChhSCGxwabfeBXQFN0Rwd
6YWGSwXtNt74nBvstxP5QIcJPLbLAU84wSIcuvdm/GLlFmQZZL3eZe7ulm8uSHSp
MD6soGvV4EEozx5CWmUjFpMatLo0RPY9PhnhFjrfwNsE2sqPCExNSGZXGHgFMZ2q
kzlmTcs3QnxK6H6zqhNHaCjkTIRJ/8kpKd2GLRi0OpjjW8iSn36NrMtHVuA1ebR7
bm81VGUcmFGBKd4LcTyZzUxD+9tGpz2a6mlKj6kLhKCykddKNGAI+x0hh+9Sf2YZ
Rg==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:06:51 2025 by rpki-client