Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/rhhsLoW8Jbq8xfUR2HrJCSrMKVI.roa
File: rhhsLoW8Jbq8xfUR2HrJCSrMKVI.roa (raw, json)
Hash identifier: Kkesz88Oj94sAcqbKLd461txST6fU99DjMMt7nqcN6I=
Subject key identifier: AE:18:6C:2E:85:BC:25:BA:BC:C5:F5:11:D8:7A:C9:09:2A:CC:29:52
Certificate issuer: /CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Certificate serial: 0191CC54E9D5B8D6241991B725812E31BD35
Authority key identifier: 24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/rhhsLoW8Jbq8xfUR2HrJCSrMKVI.roa
Signing time: Sat 07 Sep 2024 11:53:22 +0000
ROA not before: Sat 07 Sep 2024 11:53:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 37.153.153.0/24 maxlen: 24
37.153.154.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 15:47:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cc:54:e9:d5:b8:d6:24:19:91:b7:25:81:2e:31:bd:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2415bf9c61c85db7c99ac4cdf79257e7997ab77c
Validity
Not Before: Sep 7 11:53:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ae186c2e85bc25babcc5f511d87ac9092acc2952
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8f:6c:09:76:8a:ac:2d:3f:f7:3b:fc:47:03:
de:62:1a:bc:ee:fe:b4:96:ec:7b:a0:8d:18:ac:32:
08:e0:f5:88:e9:2a:be:80:9f:93:93:b1:2a:8c:52:
bd:98:73:23:2b:e6:b4:97:08:79:d0:bb:af:db:a5:
93:c3:54:7f:32:72:80:1f:fb:7f:ae:aa:71:83:63:
4f:1b:44:a3:a5:55:24:78:c6:78:7f:aa:00:b3:cf:
0b:b7:1b:a0:24:77:e0:05:24:73:94:d3:2f:71:0c:
94:86:7f:27:2d:44:56:ac:0f:a1:59:1e:b0:6d:0c:
62:9c:57:99:e5:ab:c3:2b:5b:69:e2:ee:e7:69:2b:
22:15:a4:9b:95:ca:7c:15:01:c6:a8:4c:d2:6a:e1:
8e:af:cd:40:64:d2:05:e8:a8:b2:be:1e:89:65:07:
d4:1d:51:90:57:6b:86:16:8b:40:a0:e0:58:0a:8b:
f3:af:3e:ee:b6:cc:d6:1a:7c:ad:ac:4e:e1:82:cc:
37:38:3d:81:53:0b:5a:5c:9b:dc:bd:4e:f8:80:46:
50:99:ad:80:df:6e:99:de:75:c9:a8:56:e4:ee:9f:
d2:7b:5b:77:85:c2:67:79:d3:bf:35:8c:7f:d3:37:
77:86:21:71:64:1d:79:2a:53:08:cc:1c:d5:06:68:
b1:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:18:6C:2E:85:BC:25:BA:BC:C5:F5:11:D8:7A:C9:09:2A:CC:29:52
X509v3 Authority Key Identifier:
keyid:24:15:BF:9C:61:C8:5D:B7:C9:9A:C4:CD:F7:92:57:E7:99:7A:B7:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBW_nGHIXbfJmsTN95JX55l6t3w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/rhhsLoW8Jbq8xfUR2HrJCSrMKVI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/3389eb-1857-49d2-841c-6a18dc8816db/1/JBW_nGHIXbfJmsTN95JX55l6t3w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.153.0-37.153.154.255
Signature Algorithm: sha256WithRSAEncryption
79:a3:71:78:ad:71:7d:da:70:b0:9f:c3:f5:8a:f8:e1:01:36:
2c:30:e3:be:80:2b:98:1c:12:8a:69:d7:c0:fb:54:2c:9b:2f:
9b:4b:2f:d0:c7:6c:67:33:cc:7d:fd:24:4c:a6:fa:02:06:8a:
a1:35:08:25:29:71:af:da:12:f3:b4:91:0e:69:e7:ff:04:c8:
1b:1b:c1:8d:d0:01:03:0a:53:fa:bf:26:5a:9a:c8:29:b9:0a:
ea:ac:d3:99:f7:e9:86:42:cb:1a:6c:2d:6f:3a:25:84:01:46:
3c:41:58:63:55:f1:49:41:ba:e8:92:3e:32:d7:f1:f9:b6:13:
44:c6:17:00:93:ad:cc:94:24:da:ee:23:35:29:f5:8f:46:38:
80:d9:4a:b9:bf:3e:28:4c:ff:5d:d1:06:d6:7f:af:ee:e4:7c:
1f:08:29:80:f7:bb:e8:0e:c3:63:ba:ec:2b:8f:53:b8:57:d9:
5c:ff:8c:85:8a:73:ac:a4:b3:44:84:95:90:93:da:ee:49:49:
ab:73:9c:38:9d:2a:9c:f3:e2:d7:98:8a:e4:99:ff:e5:17:ad:
c6:24:da:b0:26:ab:68:c3:51:37:6e:ed:39:e8:15:47:92:86:
97:3a:94:3f:bd:d6:ee:9c:36:c2:c2:72:4c:42:7d:a2:14:55:
89:13:af:be
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZHMVOnVuNYkGZG3JYEuMb01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTViZjljNjFjODVkYjdjOTlhYzRjZGY3OTI1N2U3OTk3
YWI3N2MwHhcNMjQwOTA3MTE1MzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTE4NmMyZTg1YmMyNWJhYmNjNWY1MTFkODdhYzkwOTJhY2MyOTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwI9sCXaKrC0/9zv8RwPeYhq87v60
lux7oI0YrDII4PWI6Sq+gJ+Tk7EqjFK9mHMjK+a0lwh50Luv26WTw1R/MnKAH/t/
rqpxg2NPG0SjpVUkeMZ4f6oAs88LtxugJHfgBSRzlNMvcQyUhn8nLURWrA+hWR6w
bQxinFeZ5avDK1tp4u7naSsiFaSblcp8FQHGqEzSauGOr81AZNIF6Kiyvh6JZQfU
HVGQV2uGFotAoOBYCovzrz7utszWGnytrE7hgsw3OD2BUwtaXJvcvU74gEZQma2A
326Z3nXJqFbk7p/Se1t3hcJnedO/NYx/0zd3hiFxZB15KlMIzBzVBmixdwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFK4YbC6FvCW6vMX1Edh6yQkqzClSMB8GA1UdIwQY
MBaAFCQVv5xhyF23yZrEzfeSV+eZerd8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMt
NmExOGRjODgxNmRiLzEvcmhoc0xvVzhKYnE4eGZVUjJIckpDU3JNS1ZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8zMzg5ZWItMTg1Ny00OWQyLTg0MWMtNmExOGRjODgxNmRi
LzEvSkJXX25HSElYYmZKbXNUTjk1Slg1NWw2dDN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlmZkD
BAAlmZowDQYJKoZIhvcNAQELBQADggEBAHmjcXitcX3acLCfw/WK+OEBNiww476A
K5gcEopp18D7VCybL5tLL9DHbGczzH39JEym+gIGiqE1CCUpca/aEvO0kQ5p5/8E
yBsbwY3QAQMKU/q/JlqayCm5Cuqs05n36YZCyxpsLW86JYQBRjxBWGNV8UlBuuiS
PjLX8fm2E0TGFwCTrcyUJNruIzUp9Y9GOIDZSrm/PihM/13RBtZ/r+7kfB8IKYD3
u+gOw2O67CuPU7hX2Vz/jIWKc6yks0SElZCT2u5JSatznDidKpzz4teYiuSZ/+UX
rcYk2rAmq2jDUTdu7TnoFUeShpc6lD+91u6cNsLCckxCfaIUVYkTr74=
-----END CERTIFICATE-----
Generated at Thu Mar 13 21:27:03 2025 by rpki-client