Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/R36ZlszKC1P15gwHA8TLeRDnLDY.roa
File: R36ZlszKC1P15gwHA8TLeRDnLDY.roa (raw, json)
Hash identifier: 1muLxkJ4R6noz9sCCTAsxUgOnK4LHCcX9fdWZs7szng=
Subject key identifier: 47:7E:99:96:CC:CA:0B:53:F5:E6:0C:07:03:C4:CB:79:10:E7:2C:36
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 0192C34B7E28FB8F80DC35C7B23B1D49CEB4
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/R36ZlszKC1P15gwHA8TLeRDnLDY.roa
Signing time: Fri 25 Oct 2024 10:49:17 +0000
ROA not before: Fri 25 Oct 2024 10:49:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12389
IP address blocks: 92.253.232.0/24 maxlen: 24
95.47.152.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 28 Oct 2024 11:14:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:4b:7e:28:fb:8f:80:dc:35:c7:b2:3b:1d:49:ce:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Oct 25 10:49:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=477e9996ccca0b53f5e60c0703c4cb7910e72c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:f3:e0:76:80:18:25:8e:ab:47:f4:5f:40:0f:
da:03:09:1a:95:7f:25:a0:67:d9:71:a3:a7:08:8d:
5b:74:54:3b:c8:da:8c:4e:1e:bd:40:b4:b2:c2:53:
b3:d2:d4:5a:a2:70:6e:39:01:3b:8f:0d:6c:69:ef:
fc:3b:cb:ca:be:2e:05:af:a3:47:05:ca:41:28:93:
af:7c:f1:35:0d:3f:06:22:d7:d2:b7:17:6c:0b:62:
f7:dc:5e:d2:6a:6d:1f:f1:a2:76:4c:c0:69:af:6b:
1f:56:f9:dd:ce:b3:d8:12:68:e5:6d:4e:72:53:44:
cc:37:f9:3e:9f:5a:d8:6c:3e:6a:9d:48:ef:2b:da:
44:97:a3:b8:1b:fe:5b:7e:9d:6b:6c:07:8e:21:3b:
5a:6f:bc:36:80:58:34:80:0e:6c:1b:23:90:14:c6:
dc:0c:f0:0c:df:24:9c:d9:6a:71:fb:9c:43:46:49:
0d:b6:e9:30:37:44:35:f8:a6:2e:f9:d0:c2:9a:dd:
5a:b3:60:68:fa:8d:48:ef:66:fe:d8:b1:d3:ee:5a:
29:d7:43:32:23:ef:1d:2e:99:98:14:9f:56:7b:49:
3d:5a:1a:ba:e9:6a:b2:9f:00:03:b9:7b:53:40:4c:
e9:f6:fe:5b:b8:66:6e:71:8a:6c:6b:e9:8f:2e:60:
8d:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7E:99:96:CC:CA:0B:53:F5:E6:0C:07:03:C4:CB:79:10:E7:2C:36
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/R36ZlszKC1P15gwHA8TLeRDnLDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.253.232.0/24
95.47.152.0/24
Signature Algorithm: sha256WithRSAEncryption
07:36:87:82:95:53:a1:c5:32:9d:f4:11:e6:94:91:5b:0c:6e:
47:fd:c7:bc:a1:05:12:36:d9:d3:77:49:55:8a:b6:7c:da:67:
99:c1:6f:bb:4f:09:2d:81:01:01:a0:a0:a9:17:9e:ee:6f:76:
92:4f:89:a2:7d:27:2b:24:8e:86:32:fc:10:dd:96:80:a3:73:
fc:9c:36:24:ed:49:60:e2:82:22:42:a7:f3:db:2c:0f:db:e8:
a2:0d:80:c0:f9:cf:a0:cd:de:72:96:12:dd:32:a4:32:b4:60:
bf:7c:23:20:f2:a1:18:eb:7a:88:a8:ac:3b:4e:90:91:23:4e:
01:4f:49:01:d8:5c:aa:df:7a:a7:e3:ec:47:b0:72:d8:26:f4:
00:4a:15:e0:05:30:b6:c2:0e:ac:73:04:14:a3:a9:43:13:56:
96:bf:11:39:3e:cc:da:5d:30:b9:02:ac:6f:8b:96:fc:75:8b:
d8:97:00:6a:32:52:21:cb:2e:8c:f8:a1:5e:94:be:0a:dc:1e:
5e:0f:5a:86:f2:7c:94:ee:61:a5:26:6b:6c:12:a9:44:5f:cf:
1e:57:8b:a2:6b:57:7f:28:82:33:2e:77:4d:e8:04:2d:60:0f:
a7:17:70:96:55:e3:c0:6b:33:0d:ae:ec:f0:0a:1e:d9:20:db:
2e:e3:f6:70
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZLDS34o+4+A3DXHsjsdSc60MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQxMDI1MTA0OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdlOTk5NmNjY2EwYjUzZjVlNjBjMDcwM2M0Y2I3OTEwZTcyYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0/PgdoAYJY6rR/RfQA/aAwkalX8l
oGfZcaOnCI1bdFQ7yNqMTh69QLSywlOz0tRaonBuOQE7jw1sae/8O8vKvi4Fr6NH
BcpBKJOvfPE1DT8GItfStxdsC2L33F7Sam0f8aJ2TMBpr2sfVvndzrPYEmjlbU5y
U0TMN/k+n1rYbD5qnUjvK9pEl6O4G/5bfp1rbAeOITtab7w2gFg0gA5sGyOQFMbc
DPAM3ySc2Wpx+5xDRkkNtukwN0Q1+KYu+dDCmt1as2Bo+o1I72b+2LHT7lop10My
I+8dLpmYFJ9We0k9Whq66WqynwADuXtTQEzp9v5buGZucYpsa+mPLmCNBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEd+mZbMygtT9eYMBwPEy3kQ5yw2MB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvUjM2WmxzektDMVAxNWd3SEE4VExlUkRuTERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXP3oAwQA
Xy+YMA0GCSqGSIb3DQEBCwUAA4IBAQAHNoeClVOhxTKd9BHmlJFbDG5H/ce8oQUS
NtnTd0lVirZ82meZwW+7TwktgQEBoKCpF57ub3aST4mifScrJI6GMvwQ3ZaAo3P8
nDYk7Ulg4oIiQqfz2ywP2+iiDYDA+c+gzd5ylhLdMqQytGC/fCMg8qEY63qIqKw7
TpCRI04BT0kB2Fyq33qn4+xHsHLYJvQAShXgBTC2wg6scwQUo6lDE1aWvxE5Psza
XTC5Aqxvi5b8dYvYlwBqMlIhyy6M+KFelL4K3B5eD1qG8nyU7mGlJmtsEqlEX88e
V4uia1d/KIIzLndN6AQtYA+nF3CWVePAazMNruzwCh7ZINsu4/Zw
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:15:27 2025 by rpki-client