Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DfMnh4Rjmy0_TJODnzQdM3YkMVQ.roa
File: DfMnh4Rjmy0_TJODnzQdM3YkMVQ.roa (raw, json)
Hash identifier: XEEvfy+WRDC2//XcSmoSwuH5j7YydnFk/JRK8yqLMnk=
Subject key identifier: 0D:F3:27:87:84:63:9B:2D:3F:4C:93:83:9F:34:1D:33:76:24:31:54
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019423D8010998DDB8B89C37DDB877A2BAD7
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DfMnh4Rjmy0_TJODnzQdM3YkMVQ.roa
Signing time: Wed 01 Jan 2025 21:49:05 +0000
ROA not before: Wed 01 Jan 2025 21:49:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215590
IP address blocks: 37.46.20.0/22 maxlen: 24
150.241.106.0/23 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
150.241.123.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 07 Jan 2025 22:53:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d8:01:09:98:dd:b8:b8:9c:37:dd:b8:77:a2:ba:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Jan 1 21:49:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0df3278784639b2d3f4c93839f341d3376243154
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:40:c7:d1:6a:15:57:a6:b0:18:92:9a:be:72:
10:8d:ec:5c:d4:56:4c:56:c8:ef:b9:cc:11:b5:ca:
4a:50:dc:73:87:0b:1e:72:45:c2:7e:be:51:91:67:
ea:8e:59:9f:bd:13:86:e2:fd:fe:be:2e:5b:61:89:
2f:1f:f2:c9:49:ee:c2:2e:a4:7c:6a:be:df:fb:df:
04:f1:65:df:56:da:80:5e:a0:c4:3d:d1:9f:1c:d6:
46:8d:06:c3:f6:e0:f6:e1:7e:cc:b2:65:0d:3a:bb:
8b:b6:58:35:ec:cf:a4:9e:06:0f:34:b0:37:11:b4:
f7:a2:73:a3:40:b7:5b:4a:28:23:42:4a:43:13:6e:
76:19:d2:ac:32:d8:66:57:51:81:39:7d:69:41:e5:
25:6a:e6:d1:8a:3e:68:ef:4c:5a:8e:20:b4:5b:0f:
ac:83:5d:f4:37:ce:a9:23:5c:1b:b6:cd:54:20:9a:
88:ed:70:48:0a:ef:26:8e:a1:14:b0:86:83:14:01:
2d:36:0b:2f:82:c1:14:0a:38:5a:fd:96:08:ee:6a:
e8:24:1e:07:96:32:81:f6:94:61:11:76:a9:9b:fc:
b6:f6:c5:95:3d:86:be:3d:7a:02:eb:25:58:b9:3c:
7b:b7:93:70:e0:83:4a:b4:e3:9e:85:58:76:5d:64:
fb:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F3:27:87:84:63:9B:2D:3F:4C:93:83:9F:34:1D:33:76:24:31:54
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/DfMnh4Rjmy0_TJODnzQdM3YkMVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.20.0/22
150.241.106.0/23
150.241.115.0-150.241.116.255
150.241.123.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:72:af:31:9c:7a:67:27:d3:9b:e2:74:f3:2a:94:6a:d0:da:
68:6b:3e:f4:5c:b3:98:85:26:24:c2:47:32:4d:8e:30:52:be:
1f:26:87:32:f0:43:02:12:6e:ba:ea:a8:8f:ef:91:84:83:96:
c6:31:73:d9:72:98:61:b5:38:91:83:3f:bc:7f:de:42:44:4d:
7a:3d:2c:4b:22:7c:c5:6d:cb:66:11:4c:23:ce:62:05:26:f6:
84:17:09:7d:b5:23:09:be:08:e1:c0:50:c8:fd:da:19:2c:2e:
29:57:98:4d:54:84:3c:ec:6e:ea:88:c1:3b:1c:06:55:d6:10:
d3:98:4e:bb:1e:eb:f9:3c:8d:9d:44:26:49:52:63:b2:92:ad:
e4:95:54:07:80:95:a4:50:a0:1a:c5:af:9c:c1:aa:7b:21:4c:
56:06:93:99:69:e4:82:b6:e3:81:6f:dd:a7:1c:b8:5c:6b:a3:
2e:c6:10:f4:c5:e5:01:a9:03:2a:84:59:46:75:29:40:47:bc:
9a:26:4a:01:6c:50:fd:12:aa:6c:11:c1:13:dd:ae:32:0f:06:
38:9b:80:2e:6b:bf:d2:29:32:40:18:4e:e2:da:c9:1c:3c:6b:
4a:97:f7:2a:81:83:e1:c5:d1:84:79:14:bc:3c:7a:92:55:21:
e2:57:49:af
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQj2AEJmN24uJw33bh3orrXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjUwMTAxMjE0OTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGYzMjc4Nzg0NjM5YjJkM2Y0YzkzODM5ZjM0MWQzMzc2MjQzMTU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoEDH0WoVV6awGJKavnIQjexc1FZM
VsjvucwRtcpKUNxzhwseckXCfr5RkWfqjlmfvROG4v3+vi5bYYkvH/LJSe7CLqR8
ar7f+98E8WXfVtqAXqDEPdGfHNZGjQbD9uD24X7MsmUNOruLtlg17M+kngYPNLA3
EbT3onOjQLdbSigjQkpDE252GdKsMthmV1GBOX1pQeUlaubRij5o70xajiC0Ww+s
g130N86pI1wbts1UIJqI7XBICu8mjqEUsIaDFAEtNgsvgsEUCjha/ZYI7mroJB4H
ljKB9pRhEXapm/y29sWVPYa+PXoC6yVYuTx7t5Nw4INKtOOehVh2XWT7NQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFA3zJ4eEY5stP0yTg580HTN2JDFUMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvRGZNbmg0UmpteTBfVEpPRG56UWRNM1lrTVZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCJS4UAwQB
lvFqMAwDBACW8XMDBACW8XQDBACW8XswDQYJKoZIhvcNAQELBQADggEBAGtyrzGc
emcn05vidPMqlGrQ2mhrPvRcs5iFJiTCRzJNjjBSvh8mhzLwQwISbrrqqI/vkYSD
lsYxc9lymGG1OJGDP7x/3kJETXo9LEsifMVty2YRTCPOYgUm9oQXCX21Iwm+COHA
UMj92hksLilXmE1UhDzsbuqIwTscBlXWENOYTrse6/k8jZ1EJklSY7KSreSVVAeA
laRQoBrFr5zBqnshTFYGk5lp5IK244Fv3accuFxroy7GEPTF5QGpAyqEWUZ1KUBH
vJomSgFsUP0SqmwRwRPdrjIPBjibgC5rv9IpMkAYTuLayRw8a0qX9yqBg+HF0YR5
FLw8epJVIeJXSa8=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:27:49 2025 by rpki-client