Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Shiy5ySzilxo0w3HKBDkPs7eVbk.roa
File: Shiy5ySzilxo0w3HKBDkPs7eVbk.roa (raw, json)
Hash identifier: bfG9MLzvRV8PGr0G2LCvycVVLuliVk2PiXzwhwD+XRo=
Subject key identifier: 4A:18:B2:E7:24:B3:8A:5C:68:D3:0D:C7:28:10:E4:3E:CE:DE:55:B9
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0194D6248A7C6ED2FBA2F09008FE00E6E960
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Shiy5ySzilxo0w3HKBDkPs7eVbk.roa
Signing time: Wed 05 Feb 2025 12:45:06 +0000
ROA not before: Wed 05 Feb 2025 12:45:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.153.152.0/24 maxlen: 24
37.153.153.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Feb 2025 17:52:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:d6:24:8a:7c:6e:d2:fb:a2:f0:90:08:fe:00:e6:e9:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Feb 5 12:45:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a18b2e724b38a5c68d30dc72810e43ecede55b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7d:f8:5d:8d:fc:13:ec:47:ad:9b:cc:b8:7d:
57:63:d7:d3:b4:ce:53:be:5f:2b:c1:d1:b2:24:c7:
98:08:56:84:77:5e:37:23:ab:51:85:a1:ba:6f:31:
c5:60:dd:7e:c1:25:0a:83:1d:37:ee:59:6a:73:c9:
32:2c:91:51:07:6c:2a:9b:03:3f:53:14:cd:8b:c8:
9a:7b:e3:76:cd:eb:af:fe:de:dd:a9:3e:29:8c:cb:
3a:cc:29:92:50:9e:a7:e0:37:5a:8a:82:d2:2a:5a:
60:0a:63:67:92:d2:fa:9e:93:1f:ab:c8:68:8a:31:
81:46:e5:d8:c3:55:9e:64:b1:b4:af:f6:d8:61:52:
fc:cb:07:f3:d2:7e:de:95:12:71:7d:b6:a4:3e:8e:
79:cd:fd:b9:89:47:92:52:46:21:28:c9:c3:14:ac:
f0:6f:60:e7:60:bc:7c:91:f6:95:69:27:3d:fc:5d:
50:9d:55:43:4e:24:dd:19:44:50:33:32:59:36:84:
1c:0d:03:58:b7:40:ac:8f:31:69:22:09:d1:ca:db:
d7:49:f5:b4:5c:e8:f3:1c:99:9f:bb:c5:53:81:d6:
cb:fc:d5:2e:eb:d6:67:ee:b9:12:93:b7:dc:73:9d:
7f:60:c7:de:85:4e:58:2a:c8:08:ff:99:df:0a:68:
d1:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:18:B2:E7:24:B3:8A:5C:68:D3:0D:C7:28:10:E4:3E:CE:DE:55:B9
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/Shiy5ySzilxo0w3HKBDkPs7eVbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.152.0/23
Signature Algorithm: sha256WithRSAEncryption
65:b8:87:5a:eb:95:7e:60:26:bd:8f:f1:15:02:d6:f7:80:17:
2a:54:3b:94:ba:1a:a7:d7:16:cb:9e:33:66:a0:7d:e2:ef:f7:
5f:f5:ff:a7:05:9d:55:e8:e1:4e:ce:89:6a:0c:96:ff:6e:d7:
63:66:40:f7:cf:80:5c:39:3b:50:f0:fa:50:16:4f:4e:08:15:
df:7e:22:2d:c7:aa:17:b4:ec:6a:5c:ae:f7:ea:14:f6:c2:50:
54:22:4c:f7:ab:b1:7e:9a:a0:41:28:7f:64:80:d9:e8:29:cd:
6b:09:4b:77:44:9f:f0:e1:7f:12:3a:83:5a:77:68:47:dd:e9:
d5:ce:12:da:64:50:50:50:a8:cb:d8:2e:0f:88:cd:77:c7:df:
50:dc:7a:d5:bc:74:09:92:6e:5a:8f:86:37:a4:19:fb:58:af:
8d:4d:1c:8e:64:84:df:97:b7:ac:ae:71:11:4f:16:80:74:02:
c6:46:58:f0:15:67:85:df:31:a6:69:5f:09:34:43:50:b2:14:
fb:b0:e8:6d:25:09:b4:4a:ea:a6:d0:56:96:fc:74:20:bb:5d:
37:0e:09:cf:55:9a:ec:94:d5:d3:6c:c4:66:46:5f:6c:6a:09:
30:b5:67:10:65:42:87:e0:37:44:c3:6b:c0:b3:9d:f8:d3:9a:
37:5e:f9:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZTWJIp8btL7ovCQCP4A5ulgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjUwMjA1MTI0NTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTE4YjJlNzI0YjM4YTVjNjhkMzBkYzcyODEwZTQzZWNlZGU1NWI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm334XY38E+xHrZvMuH1XY9fTtM5T
vl8rwdGyJMeYCFaEd143I6tRhaG6bzHFYN1+wSUKgx037llqc8kyLJFRB2wqmwM/
UxTNi8iae+N2zeuv/t7dqT4pjMs6zCmSUJ6n4DdaioLSKlpgCmNnktL6npMfq8ho
ijGBRuXYw1WeZLG0r/bYYVL8ywfz0n7elRJxfbakPo55zf25iUeSUkYhKMnDFKzw
b2DnYLx8kfaVaSc9/F1QnVVDTiTdGURQMzJZNoQcDQNYt0CsjzFpIgnRytvXSfW0
XOjzHJmfu8VTgdbL/NUu69Zn7rkSk7fcc51/YMfehU5YKsgI/5nfCmjRcwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEoYsucks4pcaNMNxygQ5D7O3lW5MB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvU2hpeTV5U3ppbHhvMHczSEtCRGtQczdlVmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJZmYMA0G
CSqGSIb3DQEBCwUAA4IBAQBluIda65V+YCa9j/EVAtb3gBcqVDuUuhqn1xbLnjNm
oH3i7/df9f+nBZ1V6OFOzolqDJb/btdjZkD3z4BcOTtQ8PpQFk9OCBXffiItx6oX
tOxqXK736hT2wlBUIkz3q7F+mqBBKH9kgNnoKc1rCUt3RJ/w4X8SOoNad2hH3enV
zhLaZFBQUKjL2C4PiM13x99Q3HrVvHQJkm5aj4Y3pBn7WK+NTRyOZITfl7esrnER
TxaAdALGRljwFWeF3zGmaV8JNENQshT7sOhtJQm0Suqm0FaW/HQgu103DgnPVZrs
lNXTbMRmRl9sagkwtWcQZUKH4DdEw2vAs53405o3XvlS
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:05:47 2025 by rpki-client