Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H6GudZ9AS4G9VxiYIl9vFfuvwcM.roa
File: H6GudZ9AS4G9VxiYIl9vFfuvwcM.roa (raw, json)
Hash identifier: dp3EccUJidrKIKPa6n4wHNi471w/QAvSJIMfc/eiEG8=
Subject key identifier: 1F:A1:AE:75:9F:40:4B:81:BD:57:18:98:22:5F:6F:15:FB:AF:C1:C3
Certificate issuer: /CN=1c963e3d22847d466c262c20878c2780d8840003
Certificate serial: 019408C02B7D144ED1A0BA5053C0CA37B749
Authority key identifier: 1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H6GudZ9AS4G9VxiYIl9vFfuvwcM.roa
Signing time: Fri 27 Dec 2024 15:33:19 +0000
ROA not before: Fri 27 Dec 2024 15:33:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199785
IP address blocks: 37.46.16.0/24 maxlen: 24
37.46.17.0/24 maxlen: 24
37.46.18.0/24 maxlen: 24
37.46.19.0/24 maxlen: 24
150.241.113.0/24 maxlen: 24
150.241.114.0/24 maxlen: 24
150.241.115.0/24 maxlen: 24
150.241.116.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:49:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:08:c0:2b:7d:14:4e:d1:a0:ba:50:53:c0:ca:37:b7:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c963e3d22847d466c262c20878c2780d8840003
Validity
Not Before: Dec 27 15:33:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1fa1ae759f404b81bd571898225f6f15fbafc1c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:3f:7a:79:de:d4:28:ac:ae:fb:5f:7d:56:
2e:40:e2:23:5d:80:20:dc:ae:a6:f4:1f:56:01:97:
3b:c9:20:a5:47:96:56:9d:f9:cc:c9:80:75:3f:26:
b6:77:36:0b:6f:e9:d3:03:03:c2:ca:d7:9a:16:b3:
f0:e9:aa:e7:0a:55:ea:cc:b7:88:d6:dc:75:75:b7:
1f:6f:fe:12:6b:44:bb:85:ef:d0:9a:8c:72:d1:1d:
c3:3c:03:92:6f:f6:fa:02:89:05:dd:40:cf:81:b3:
c2:a6:8c:e3:a2:40:6c:50:6f:ea:98:8b:fe:37:29:
bd:36:9a:95:0c:e5:31:64:97:d0:9c:3d:51:30:55:
9e:65:a1:8f:b3:c0:8f:06:35:44:f2:ed:9a:5d:a2:
02:c0:17:3b:4c:1e:3b:f1:cb:f0:d3:7d:97:00:25:
4f:77:57:7b:5c:08:4e:78:1c:b7:27:f6:c5:30:59:
1f:25:51:51:a7:43:64:22:18:60:46:8c:62:91:67:
cb:79:43:74:da:d7:ca:92:56:c3:27:9a:8f:ce:46:
ba:3c:12:27:38:02:5d:ea:17:13:e5:ea:ae:5a:21:
e8:27:05:e9:1f:2b:e0:f9:56:83:c2:9c:8f:d9:83:
30:8b:66:a2:31:7a:5f:b7:53:8e:af:47:c6:f3:7f:
fc:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:A1:AE:75:9F:40:4B:81:BD:57:18:98:22:5F:6F:15:FB:AF:C1:C3
X509v3 Authority Key Identifier:
keyid:1C:96:3E:3D:22:84:7D:46:6C:26:2C:20:87:8C:27:80:D8:84:00:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HJY-PSKEfUZsJiwgh4wngNiEAAM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/H6GudZ9AS4G9VxiYIl9vFfuvwcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/38f128-ea82-4555-b514-143967a8fe08/1/HJY-PSKEfUZsJiwgh4wngNiEAAM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.16.0/22
150.241.113.0-150.241.116.255
Signature Algorithm: sha256WithRSAEncryption
4f:8b:08:a9:a7:ae:8f:3e:7d:8c:ad:ad:6c:4a:2f:a1:39:5a:
f8:37:35:05:d5:fb:04:4d:6f:0f:80:56:ee:56:62:d4:b7:a9:
73:19:ab:8c:c8:e3:bd:49:fe:26:9d:41:c2:6e:44:88:5e:57:
f1:12:2b:81:d8:32:12:1a:f4:79:24:08:5e:c6:cf:15:ee:c0:
99:3a:25:ec:b7:2b:f6:21:b9:88:72:ee:1e:9b:d5:ed:ba:17:
ae:df:1d:03:1d:4d:8e:c7:67:fc:06:a9:a6:40:7a:7d:51:3c:
30:12:82:f0:14:f4:c8:69:ef:ac:df:9a:d4:e7:22:ca:1c:58:
97:35:48:cd:75:2a:f0:53:df:31:79:20:68:fa:fd:85:72:82:
33:65:80:e2:43:8d:35:22:24:50:59:74:33:20:78:58:2f:9d:
f7:3b:db:2c:51:c2:dd:09:43:12:70:57:ea:f3:39:69:ba:29:
29:d6:bc:0c:a5:17:cd:5a:75:51:3c:56:ca:2d:eb:88:90:44:
19:9f:38:3f:ad:9f:af:dc:d8:67:5e:37:f1:0b:c8:75:76:bc:
b6:a8:57:ec:c6:fd:4f:8c:12:b9:91:67:69:be:e2:bc:e3:80:
02:2b:46:26:7d:b7:fc:c8:89:84:7d:b5:1e:66:ee:bf:97:52:
e2:ad:6f:e0
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQIwCt9FE7RoLpQU8DKN7dJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjOTYzZTNkMjI4NDdkNDY2YzI2MmMyMDg3OGMyNzgwZDg4
NDAwMDMwHhcNMjQxMjI3MTUzMzE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZmExYWU3NTlmNDA0YjgxYmQ1NzE4OTgyMjVmNmYxNWZiYWZjMWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5M/enne1CisrvtffVYuQOIjXYAg
3K6m9B9WAZc7ySClR5ZWnfnMyYB1Pya2dzYLb+nTAwPCyteaFrPw6arnClXqzLeI
1tx1dbcfb/4Sa0S7he/Qmoxy0R3DPAOSb/b6AokF3UDPgbPCpozjokBsUG/qmIv+
Nym9NpqVDOUxZJfQnD1RMFWeZaGPs8CPBjVE8u2aXaICwBc7TB478cvw032XACVP
d1d7XAhOeBy3J/bFMFkfJVFRp0NkIhhgRoxikWfLeUN02tfKklbDJ5qPzka6PBIn
OAJd6hcT5equWiHoJwXpHyvg+VaDwpyP2YMwi2aiMXpft1OOr0fG83/88QIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFB+hrnWfQEuBvVcYmCJfbxX7r8HDMB8GA1UdIwQY
MBaAFByWPj0ihH1GbCYsIIeMJ4DYhAADMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQt
MTQzOTY3YThmZTA4LzEvSDZHdWRaOUFTNEc5VnhpWUlsOXZGZnV2d2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8zOGYxMjgtZWE4Mi00NTU1LWI1MTQtMTQzOTY3YThmZTA4
LzEvSEpZLVBTS0VmVVpzSml3Z2g0d25nTmlFQUFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQCJS4QMAwD
BACW8XEDBACW8XQwDQYJKoZIhvcNAQELBQADggEBAE+LCKmnro8+fYytrWxKL6E5
Wvg3NQXV+wRNbw+AVu5WYtS3qXMZq4zI471J/iadQcJuRIheV/ESK4HYMhIa9Hkk
CF7GzxXuwJk6Jey3K/YhuYhy7h6b1e26F67fHQMdTY7HZ/wGqaZAen1RPDASgvAU
9Mhp76zfmtTnIsocWJc1SM11KvBT3zF5IGj6/YVygjNlgOJDjTUiJFBZdDMgeFgv
nfc72yxRwt0JQxJwV+rzOWm6KSnWvAylF81adVE8Vsot64iQRBmfOD+tn6/c2Gde
N/ELyHV2vLaoV+zG/U+MErmRZ2m+4rzjgAIrRiZ9t/zIiYR9tR5m7r+XUuKtb+A=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:28:09 2025 by rpki-client