Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-035ZhR7SwDvTDbijiau4imeqAI.roa
File: 1-035ZhR7SwDvTDbijiau4imeqAI.roa (raw, json)
Hash identifier: 1lklNhLBr7hgMmn1+pjuHhMivOSoktso3zsbSGhUTjA=
Subject key identifier: FB:4D:F9:66:14:7B:4B:00:EF:4C:36:E2:8E:26:AE:E2:29:9E:A8:02
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01948270A008D8B20F11CA7D7934311DA76B
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-035ZhR7SwDvTDbijiau4imeqAI.roa
Signing time: Mon 20 Jan 2025 06:40:06 +0000
ROA not before: Mon 20 Jan 2025 06:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 37.97.112.0/22 maxlen: 24
46.173.252.0/23 maxlen: 23
81.161.52.0/22 maxlen: 24
91.237.92.0/23 maxlen: 23
94.232.100.0/22 maxlen: 24
109.197.236.0/22 maxlen: 22
176.96.88.0/22 maxlen: 22
176.110.216.0/22 maxlen: 22
193.36.220.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 22 Jan 2025 13:44:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:82:70:a0:08:d8:b2:0f:11:ca:7d:79:34:31:1d:a7:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 20 06:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb4df966147b4b00ef4c36e28e26aee2299ea802
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:a3:ef:f2:49:8a:84:eb:ef:d8:67:19:bb:82:
0a:c2:f6:b5:3e:e0:0b:47:ee:f2:80:3a:ab:5d:62:
02:20:39:40:fb:ea:bb:0a:6b:6f:f1:8a:dd:da:d0:
19:d9:1a:93:3b:b6:e2:16:c5:55:b1:18:cf:38:91:
e0:8c:e9:48:a7:92:43:b4:98:de:fb:e7:58:f8:58:
35:5b:99:c1:f5:d0:81:68:be:35:df:ad:f3:4d:c5:
3e:05:19:4a:97:9d:b5:1e:3d:d1:ec:43:6c:8a:cd:
c5:46:88:e4:e5:5a:2b:45:14:d8:38:b5:a7:64:b1:
ca:93:1d:90:f1:75:2e:c4:44:88:60:57:8c:67:82:
b7:7f:d6:fb:5e:f3:12:88:3e:41:ff:4b:26:ad:bd:
e3:15:1c:6e:55:57:de:93:5a:95:ec:32:e0:a0:0a:
5c:32:d6:0a:ac:cc:f3:e3:ae:5f:f2:2d:cb:3a:ee:
c3:ce:c7:16:ae:3b:2a:f0:ab:c4:ae:b2:95:ad:30:
3c:58:a2:d7:2f:73:45:7b:50:d5:61:06:38:8c:fb:
63:5f:e3:a6:fd:5d:aa:02:ec:33:e3:0a:20:0f:d5:
27:dc:8d:e3:0d:76:c9:6f:34:2c:dc:8e:3a:d9:87:
51:e1:0d:63:c9:41:7a:ee:ce:1f:ac:2b:1b:af:7c:
2b:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:4D:F9:66:14:7B:4B:00:EF:4C:36:E2:8E:26:AE:E2:29:9E:A8:02
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/1-035ZhR7SwDvTDbijiau4imeqAI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.112.0/22
46.173.252.0/23
81.161.52.0/22
91.237.92.0/23
94.232.100.0/22
109.197.236.0/22
176.96.88.0/22
176.110.216.0/22
193.36.220.0/23
Signature Algorithm: sha256WithRSAEncryption
60:d8:40:71:b5:e1:68:6f:b9:84:31:85:d0:df:b2:7d:f8:68:
42:43:70:1a:28:85:8d:f0:4b:8b:98:26:ba:43:36:27:8e:cd:
8c:73:c9:a3:bd:1b:62:7f:a8:61:3a:68:8c:38:9c:0a:b3:bf:
19:6c:24:3d:36:97:1d:52:fe:b5:99:93:1e:6d:4c:b7:cd:0a:
ec:af:ac:a1:1b:bf:e1:04:2c:53:68:64:2a:7e:80:08:53:9b:
33:3e:66:b2:75:66:58:dd:43:9e:e9:42:e4:6e:46:47:e3:d6:
59:27:54:d1:2a:57:64:4f:b7:21:6d:fa:16:ff:d6:ba:bf:e2:
ac:cd:e0:7a:64:8e:5d:7b:46:8f:8f:a5:cd:b6:a9:8c:59:e1:
11:ff:7c:3d:24:a5:c9:09:22:76:ac:bd:8f:f9:2b:e2:82:59:
f2:d4:c7:b8:77:f8:44:97:93:47:59:18:82:a6:5e:5c:a0:16:
f6:13:2e:4a:fa:8c:df:86:b9:a4:3e:60:2b:8c:fe:94:12:37:
cd:8c:14:37:1c:cf:14:f5:1a:b5:79:27:3f:77:63:93:74:be:
4d:54:bb:26:7f:cd:a8:63:1f:44:80:04:83:34:70:49:95:61:
8a:8c:26:24:70:55:69:fa:c6:3b:c2:74:4d:02:1b:97:d5:16:
cd:75:77:49
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZSCcKAI2LIPEcp9eTQxHadrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwMTIwMDY0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjRkZjk2NjE0N2I0YjAwZWY0YzM2ZTI4ZTI2YWVlMjI5OWVhODAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5qPv8kmKhOvv2GcZu4IKwva1PuAL
R+7ygDqrXWICIDlA++q7Cmtv8Yrd2tAZ2RqTO7biFsVVsRjPOJHgjOlIp5JDtJje
++dY+Fg1W5nB9dCBaL41363zTcU+BRlKl521Hj3R7ENsis3FRojk5VorRRTYOLWn
ZLHKkx2Q8XUuxESIYFeMZ4K3f9b7XvMSiD5B/0smrb3jFRxuVVfek1qV7DLgoApc
MtYKrMzz465f8i3LOu7DzscWrjsq8KvErrKVrTA8WKLXL3NFe1DVYQY4jPtjX+Om
/V2qAuwz4wogD9Un3I3jDXbJbzQs3I462YdR4Q1jyUF67s4frCsbr3wr+wIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFPtN+WYUe0sA70w24o4mruIpnqgCMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvMS0wMzVaaFI3U3dEdlREYmlqaWF1NGltZXFBSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmQvY2RmNWY2LTJmMTgtNDJjNy05MzBlLWRjMDZkZDgwNTk2
MC8xL05KeTcxY0xQUVpYTWJzZnlIMkIxZ2FBaVRhby5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBPBggrBgEFBQcBBwEB/wRAMD4wPAQCAAEwNgMEAiVhcAME
AS6t/AMEAlGhNAMEAVvtXAMEAl7oZAMEAm3F7AMEArBgWAMEArBu2AMEAcEk3DAN
BgkqhkiG9w0BAQsFAAOCAQEAYNhAcbXhaG+5hDGF0N+yffhoQkNwGiiFjfBLi5gm
ukM2J47NjHPJo70bYn+oYTpojDicCrO/GWwkPTaXHVL+tZmTHm1Mt80K7K+soRu/
4QQsU2hkKn6ACFObMz5msnVmWN1DnulC5G5GR+PWWSdU0SpXZE+3IW36Fv/Wur/i
rM3gemSOXXtGj4+lzbapjFnhEf98PSSlyQkidqy9j/kr4oJZ8tTHuHf4RJeTR1kY
gqZeXKAW9hMuSvqM34a5pD5gK4z+lBI3zYwUNxzPFPUatXknP3djk3S+TVS7Jn/N
qGMfRIAEgzRwSZVhiowmJHBVafrGO8J0TQIbl9UWzXV3SQ==
-----END CERTIFICATE-----
Generated at Sun Apr 6 04:37:48 2025 by rpki-client