Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RFc79XAuqM4Yo_UdIx6WUvbrqlI.roa
File: RFc79XAuqM4Yo_UdIx6WUvbrqlI.roa (raw, json)
Hash identifier: 40m33svNc3N1qh2ktzJhegOeQMwWtEe807tOxl205w8=
Subject key identifier: 44:57:3B:F5:70:2E:A8:CE:18:A3:F5:1D:23:1E:96:52:F6:EB:AA:52
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 018FD9A7DBA7804B35EBAA679782E10DF09F
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RFc79XAuqM4Yo_UdIx6WUvbrqlI.roa
Signing time: Sun 02 Jun 2024 15:53:27 +0000
ROA not before: Sun 02 Jun 2024 15:53:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198154
IP address blocks: 37.32.47.0/24 maxlen: 24
178.239.145.0/24 maxlen: 24
185.215.231.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 22 Dec 2024 20:40:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d9:a7:db:a7:80:4b:35:eb:aa:67:97:82:e1:0d:f0:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Jun 2 15:53:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44573bf5702ea8ce18a3f51d231e9652f6ebaa52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:29:12:93:41:0d:00:81:18:6b:c9:e0:bc:7f:
9b:a7:34:3b:c3:47:4c:49:30:a5:31:90:3d:7f:db:
8e:f0:7f:cd:06:8f:6b:cb:bb:f0:08:74:a7:f1:ba:
9c:64:05:3c:5f:04:f4:a2:65:b7:62:5f:60:94:33:
1d:f7:6b:0a:1f:5b:d5:23:75:1d:57:94:4d:48:19:
8a:59:73:09:1d:02:e3:f9:76:4d:11:0d:c9:8a:c1:
da:3e:4b:b3:f7:6d:4e:fb:53:0c:39:83:c7:53:65:
ef:54:7e:11:98:61:f6:ef:c3:54:ef:ce:26:a3:17:
41:53:00:71:c5:ee:f3:f8:72:65:32:7f:08:0f:ca:
5a:bf:0d:56:47:17:7e:c7:6d:15:73:00:43:1a:87:
8f:e7:f7:4f:e2:3a:7f:73:77:82:2b:89:f3:9b:89:
5b:10:db:d7:da:79:fb:37:ac:71:69:57:85:1a:c9:
1c:ca:cf:04:f3:85:c1:0b:d7:92:5f:2f:39:46:97:
68:15:17:e8:48:62:94:ad:b0:7b:55:44:74:09:63:
2c:1c:61:8c:9b:4c:8e:7c:75:d3:b4:42:09:18:7e:
83:4f:7e:b5:fd:c4:32:c9:9b:1a:7d:33:2d:13:72:
3e:66:00:9b:5c:26:9d:26:95:45:8d:35:78:6c:d9:
0d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:57:3B:F5:70:2E:A8:CE:18:A3:F5:1D:23:1E:96:52:F6:EB:AA:52
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/RFc79XAuqM4Yo_UdIx6WUvbrqlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.47.0/24
178.239.145.0/24
185.215.231.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:f3:52:eb:ca:2d:87:0e:e0:aa:d1:18:8c:28:6b:2d:4d:c7:
77:52:b9:b1:9d:37:a7:3a:1f:d3:89:2c:a0:6e:61:0e:43:2b:
89:44:97:fd:7d:fc:03:27:4c:bb:61:d0:a2:c2:40:12:95:e9:
78:9e:8d:80:92:fd:68:a9:f6:94:43:7e:e0:18:31:03:99:7d:
dc:df:45:0d:35:8a:0a:7a:fd:55:0d:2b:2f:27:40:3f:10:9f:
9e:9f:ee:9f:71:f3:6a:98:60:bd:59:97:70:11:aa:d8:2f:55:
22:55:3b:fb:ac:f6:b6:00:da:a7:f6:81:a7:bc:20:13:28:ad:
ab:ae:78:fb:24:d3:47:43:5b:15:1a:cb:6d:ab:0f:36:c4:09:
0c:5c:a3:c8:75:bb:be:91:65:b8:e0:c3:41:ce:ab:4b:f7:7f:
99:75:12:d7:58:ca:d0:12:32:fc:c0:a8:45:c4:ad:db:41:35:
82:52:92:81:37:da:79:38:d4:3e:86:da:26:1a:af:29:5a:09:
71:3e:93:58:d2:1a:45:d7:22:48:1f:2e:dc:eb:45:87:83:41:
c3:0a:26:f2:dd:18:54:2f:c9:bf:01:8a:f7:4c:89:70:bd:e1:
0e:0d:72:b9:50:b0:59:9f:23:3b:b3:f2:7f:82:a1:e1:07:b2:
32:97:15:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/Zp9ungEs166pnl4LhDfCfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwNjAyMTU1MzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDU3M2JmNTcwMmVhOGNlMThhM2Y1MWQyMzFlOTY1MmY2ZWJhYTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzSkSk0ENAIEYa8ngvH+bpzQ7w0dM
STClMZA9f9uO8H/NBo9ry7vwCHSn8bqcZAU8XwT0omW3Yl9glDMd92sKH1vVI3Ud
V5RNSBmKWXMJHQLj+XZNEQ3JisHaPkuz921O+1MMOYPHU2XvVH4RmGH278NU784m
oxdBUwBxxe7z+HJlMn8ID8pavw1WRxd+x20VcwBDGoeP5/dP4jp/c3eCK4nzm4lb
ENvX2nn7N6xxaVeFGskcys8E84XBC9eSXy85RpdoFRfoSGKUrbB7VUR0CWMsHGGM
m0yOfHXTtEIJGH6DT361/cQyyZsafTMtE3I+ZgCbXCadJpVFjTV4bNkNhQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFERXO/VwLqjOGKP1HSMellL266pSMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvUkZjNzlYQXVxTTRZb19VZEl4NldVdmJycWxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJSAvAwQA
su+RAwQAudfnMA0GCSqGSIb3DQEBCwUAA4IBAQCy81Lryi2HDuCq0RiMKGstTcd3
UrmxnTenOh/TiSygbmEOQyuJRJf9ffwDJ0y7YdCiwkASlel4no2Akv1oqfaUQ37g
GDEDmX3c30UNNYoKev1VDSsvJ0A/EJ+en+6fcfNqmGC9WZdwEarYL1UiVTv7rPa2
ANqn9oGnvCATKK2rrnj7JNNHQ1sVGsttqw82xAkMXKPIdbu+kWW44MNBzqtL93+Z
dRLXWMrQEjL8wKhFxK3bQTWCUpKBN9p5ONQ+htomGq8pWglxPpNY0hpF1yJIHy7c
60WHg0HDCiby3RhUL8m/AYr3TIlwveEODXK5ULBZnyM7s/J/gqHhB7IylxXC
-----END CERTIFICATE-----
Generated at Sun Feb 16 22:04:43 2025 by rpki-client