Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/snfhBLFZRVyHt5BdOu06N-fFe2Q.roa
File: snfhBLFZRVyHt5BdOu06N-fFe2Q.roa (raw, json)
Hash identifier: 0uH2a23sFaI4SSE0W5pU1Q5OScBcnS+8AswNg6oiwlI=
Subject key identifier: B2:77:E1:04:B1:59:45:5C:87:B7:90:5D:3A:ED:3A:37:E7:C5:7B:64
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 01928A3219730CAAE690A210D3949F3BC72E
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/snfhBLFZRVyHt5BdOu06N-fFe2Q.roa
Signing time: Mon 14 Oct 2024 08:43:12 +0000
ROA not before: Mon 14 Oct 2024 08:43:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 53356
IP address blocks: 37.49.144.0/24 maxlen: 24
94.74.152.0/22 maxlen: 24
109.203.166.0/24 maxlen: 24
109.203.168.0/21 maxlen: 24
109.203.176.0/21 maxlen: 24
109.203.184.0/21 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Oct 2024 08:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8a:32:19:73:0c:aa:e6:90:a2:10:d3:94:9f:3b:c7:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 14 08:43:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b277e104b159455c87b7905d3aed3a37e7c57b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6d:0a:c3:14:0d:16:22:2a:22:e2:5d:2b:42:
0d:de:3a:b9:fb:4c:91:b6:be:9d:55:00:ad:2c:fb:
53:98:dc:ea:77:97:3e:4a:18:55:70:05:71:39:4d:
18:2d:6a:72:bc:0c:a0:f3:c8:1d:67:75:95:25:68:
8d:76:5b:49:7a:a4:77:0a:b5:3c:07:ba:29:fd:cd:
e2:64:ef:d3:c2:fe:2a:4c:1f:2f:b3:8f:4b:66:8c:
7d:cd:c9:22:f1:ad:30:d1:bf:3e:89:de:2a:35:fd:
e0:de:89:c7:57:06:78:79:42:74:af:0b:fb:08:fa:
64:38:1b:75:2f:7c:77:f5:88:f6:d5:32:d3:58:26:
1a:bc:50:da:e0:89:ca:8e:eb:b6:41:b9:39:ee:3d:
05:d6:e3:ba:f8:64:81:27:f3:5b:04:d7:79:b1:82:
b8:0c:6b:f8:f6:e6:5a:ba:ec:4d:a6:53:24:18:20:
f4:32:37:4b:e9:27:63:6e:e8:ba:69:6b:65:2a:96:
39:93:a0:df:72:92:d7:fc:71:37:d4:df:5e:41:95:
12:c7:5f:9c:ba:18:f8:90:3a:80:70:52:04:e0:cc:
ac:99:00:b7:47:2c:1e:83:b7:cc:35:c5:a1:bb:bb:
18:b4:d9:74:d0:80:0b:ba:f2:b5:4a:fb:02:ca:03:
87:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B2:77:E1:04:B1:59:45:5C:87:B7:90:5D:3A:ED:3A:37:E7:C5:7B:64
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/snfhBLFZRVyHt5BdOu06N-fFe2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.49.144.0/24
94.74.152.0/22
109.203.166.0/24
109.203.168.0-109.203.191.255
Signature Algorithm: sha256WithRSAEncryption
8a:b8:e7:a4:84:10:91:b9:dc:80:7f:d2:ff:12:d7:1c:17:dd:
54:3b:53:ce:c3:f2:31:e4:b7:7a:a4:cd:54:9b:80:1e:d0:5a:
48:8a:52:35:ee:b6:ea:34:a1:c7:23:40:14:9e:4e:ed:01:5f:
a0:a2:85:f9:84:23:28:4d:d8:82:08:ce:4b:fc:57:7f:eb:3c:
4e:c7:9d:15:43:f5:cd:76:b8:89:b1:df:92:47:00:56:e9:93:
b9:bc:c7:53:1f:5d:5f:cd:ce:03:e3:26:e7:2e:eb:68:02:c2:
c3:ac:29:56:ee:f4:2b:15:16:0b:ce:03:1d:04:7c:e6:1c:e1:
04:6c:9e:56:10:14:d9:04:d9:7b:5b:85:7a:b9:1f:d7:3f:a1:
9e:32:85:5a:c1:66:76:56:a1:47:6a:a0:bc:7a:a9:66:9f:8a:
17:f9:21:f2:03:67:71:d7:10:8e:dd:dc:da:49:a5:ab:51:a3:
82:b6:c9:61:f7:e3:1c:ee:35:f1:87:2c:20:df:71:e9:43:b3:
20:0d:77:c2:0a:83:98:dd:62:63:19:9f:64:0b:6a:c9:c1:25:
63:98:d5:46:3e:2d:f4:94:66:44:8d:a5:01:b7:69:6e:9b:b0:
e7:4f:6a:56:f6:fe:d4:57:40:71:9e:0e:00:81:60:ce:86:4e:
a7:88:ca:06
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKKMhlzDKrmkKIQ05SfO8cuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjQxMDE0MDg0MzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMjc3ZTEwNGIxNTk0NTVjODdiNzkwNWQzYWVkM2EzN2U3YzU3YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8W0KwxQNFiIqIuJdK0IN3jq5+0yR
tr6dVQCtLPtTmNzqd5c+ShhVcAVxOU0YLWpyvAyg88gdZ3WVJWiNdltJeqR3CrU8
B7op/c3iZO/Twv4qTB8vs49LZox9zcki8a0w0b8+id4qNf3g3onHVwZ4eUJ0rwv7
CPpkOBt1L3x39Yj21TLTWCYavFDa4InKjuu2Qbk57j0F1uO6+GSBJ/NbBNd5sYK4
DGv49uZauuxNplMkGCD0MjdL6Sdjbui6aWtlKpY5k6DfcpLX/HE31N9eQZUSx1+c
uhj4kDqAcFIE4MysmQC3Ryweg7fMNcWhu7sYtNl00IALuvK1SvsCygOHxwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLJ34QSxWUVch7eQXTrtOjfnxXtkMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvc25maEJMRlpSVnlIdDVCZE91MDZOLWZGZTJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAJTGQAwQC
XkqYAwQAbcumMAwDBANty6gDBAZty4AwDQYJKoZIhvcNAQELBQADggEBAIq456SE
EJG53IB/0v8S1xwX3VQ7U87D8jHkt3qkzVSbgB7QWkiKUjXutuo0occjQBSeTu0B
X6CihfmEIyhN2IIIzkv8V3/rPE7HnRVD9c12uImx35JHAFbpk7m8x1MfXV/NzgPj
Jucu62gCwsOsKVbu9CsVFgvOAx0EfOYc4QRsnlYQFNkE2XtbhXq5H9c/oZ4yhVrB
ZnZWoUdqoLx6qWafihf5IfIDZ3HXEI7d3NpJpatRo4K2yWH34xzuNfGHLCDfcelD
syANd8IKg5jdYmMZn2QLasnBJWOY1UY+LfSUZkSNpQG3aW6bsOdPalb2/tRXQHGe
DgCBYM6GTqeIygY=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:56 2025 by rpki-client