Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/CkNtU0cTzT0l_oP8v4OvZd2qT-I.roa
File: CkNtU0cTzT0l_oP8v4OvZd2qT-I.roa (raw, json)
Hash identifier: PDLzJa5laZ5MxaSRV8Dp/R6/hY6Umvzr1IH0uQHcAGE=
Subject key identifier: 0A:43:6D:53:47:13:CD:3D:25:FE:83:FC:BF:83:AF:65:DD:AA:4F:E2
Certificate issuer: /CN=6596f0dc165b7cd209022b2964834c45e74d212c
Certificate serial: 01940D09E2767813007975835E86E41BFF8C
Authority key identifier: 65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/CkNtU0cTzT0l_oP8v4OvZd2qT-I.roa
Signing time: Sat 28 Dec 2024 11:32:19 +0000
ROA not before: Sat 28 Dec 2024 11:32:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198569
IP address blocks: 37.152.160.0/24 maxlen: 24
37.152.161.0/24 maxlen: 24
37.152.162.0/24 maxlen: 24
37.152.163.0/24 maxlen: 24
37.152.164.0/24 maxlen: 24
37.152.167.0/24 maxlen: 24
37.152.168.0/24 maxlen: 24
37.152.169.0/24 maxlen: 24
37.152.170.0/24 maxlen: 24
37.152.171.0/24 maxlen: 24
37.152.172.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0d:09:e2:76:78:13:00:79:75:83:5e:86:e4:1b:ff:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596f0dc165b7cd209022b2964834c45e74d212c
Validity
Not Before: Dec 28 11:32:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0a436d534713cd3d25fe83fcbf83af65ddaa4fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:39:7f:26:26:16:db:53:77:5a:65:04:c2:32:
5e:0f:f5:63:44:b1:6c:a1:1e:2e:41:ba:eb:2f:8d:
3c:6c:c3:be:c1:eb:42:cd:c8:9a:dd:bd:6c:33:8b:
e8:21:84:ab:81:58:7f:65:e1:e7:1a:8d:a3:da:63:
ae:3c:19:d2:3e:61:38:54:07:75:d3:38:48:7e:c9:
c4:65:18:bf:5e:77:17:8c:cb:d9:2a:f8:7d:f0:0f:
a9:6d:1f:47:66:4a:1f:c1:30:01:f6:9f:d6:c5:03:
51:e9:eb:71:b9:1f:3f:60:98:c7:b1:88:e5:9d:90:
38:a1:3c:11:89:c4:9f:93:66:6b:51:86:07:c7:76:
ef:a5:0b:91:81:54:f6:26:50:42:16:e5:91:4e:aa:
c3:84:d2:0b:12:e5:44:44:fa:5b:f3:6c:b2:90:d5:
d4:2a:ad:44:20:1f:d6:3d:b5:4e:8b:f9:ac:e7:b2:
f7:10:72:b9:a5:ae:fc:1e:3e:bd:27:a9:47:d3:5f:
72:36:24:cf:90:d3:ba:87:c1:ff:ad:dc:95:2e:f0:
ef:54:15:64:60:c6:59:e8:36:12:82:23:38:d7:5d:
78:88:26:9d:81:83:b5:58:69:00:e6:11:02:e2:8f:
a1:f5:f1:1d:5e:1c:94:d5:2e:29:40:6b:88:a6:ad:
fe:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:43:6D:53:47:13:CD:3D:25:FE:83:FC:BF:83:AF:65:DD:AA:4F:E2
X509v3 Authority Key Identifier:
keyid:65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/CkNtU0cTzT0l_oP8v4OvZd2qT-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.160.0-37.152.164.255
37.152.167.0-37.152.172.255
Signature Algorithm: sha256WithRSAEncryption
4e:0c:e8:a9:94:c5:fb:4e:60:17:22:4c:57:82:db:22:64:3e:
d6:e1:08:a9:fd:5a:b9:2a:ca:80:90:93:40:72:b0:e8:86:fb:
57:28:f5:a1:9a:a6:3e:68:44:03:8e:cf:8b:e0:8a:1b:ee:dc:
3a:98:a2:8f:79:86:bc:e6:ee:30:4e:47:ec:6e:72:fd:34:03:
28:eb:09:67:e0:d0:b2:f3:f9:d4:20:13:5d:9b:5d:a2:71:0c:
bb:42:ee:f6:3e:05:0a:b7:21:33:3b:69:1a:ad:5a:43:95:70:
bb:9f:3b:e6:23:4e:41:c6:c6:c9:82:e4:b8:52:48:aa:57:77:
5c:f1:62:45:fa:62:27:b2:12:9c:5d:97:b5:4e:3f:7c:79:39:
aa:9c:5f:73:5a:03:45:9c:54:e3:36:70:b7:95:bc:8b:29:c8:
2a:8c:aa:40:7b:58:f2:36:22:69:c2:c9:b2:f3:e2:05:81:5e:
af:36:e0:da:fa:20:19:c4:2b:c1:4a:ec:3e:f3:8f:12:c3:cd:
e5:36:50:dc:ef:4c:0f:5e:83:e7:05:8e:9d:19:44:95:fc:45:
10:a6:97:c7:3e:f1:e0:8c:61:99:f8:f2:a5:3e:31:91:63:25:
54:58:56:51:a2:58:3c:71:c9:84:b9:c7:4d:3e:67:5f:25:03:
8b:fb:6f:16
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQNCeJ2eBMAeXWDXobkG/+MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmMGRjMTY1YjdjZDIwOTAyMmIyOTY0ODM0YzQ1ZTc0
ZDIxMmMwHhcNMjQxMjI4MTEzMjE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTQzNmQ1MzQ3MTNjZDNkMjVmZTgzZmNiZjgzYWY2NWRkYWE0ZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozl/JiYW21N3WmUEwjJeD/VjRLFs
oR4uQbrrL408bMO+wetCzcia3b1sM4voIYSrgVh/ZeHnGo2j2mOuPBnSPmE4VAd1
0zhIfsnEZRi/XncXjMvZKvh98A+pbR9HZkofwTAB9p/WxQNR6etxuR8/YJjHsYjl
nZA4oTwRicSfk2ZrUYYHx3bvpQuRgVT2JlBCFuWRTqrDhNILEuVERPpb82yykNXU
Kq1EIB/WPbVOi/ms57L3EHK5pa78Hj69J6lH019yNiTPkNO6h8H/rdyVLvDvVBVk
YMZZ6DYSgiM41114iCadgYO1WGkA5hEC4o+h9fEdXhyU1S4pQGuIpq3+rQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFApDbVNHE809Jf6D/L+Dr2Xdqk/iMB8GA1UdIwQY
MBaAFGWW8NwWW3zSCQIrKWSDTEXnTSEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYt
MmQxM2NmOWI0NWMwLzEvQ2tOdFUwY1R6VDBsX29QOHY0T3ZaZDJxVC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYtMmQxM2NmOWI0NWMw
LzEvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBAUlmKAD
BAAlmKQwDAMEACWYpwMEACWYrDANBgkqhkiG9w0BAQsFAAOCAQEATgzoqZTF+05g
FyJMV4LbImQ+1uEIqf1auSrKgJCTQHKw6Ib7Vyj1oZqmPmhEA47Pi+CKG+7cOpii
j3mGvObuME5H7G5y/TQDKOsJZ+DQsvP51CATXZtdonEMu0Lu9j4FCrchMztpGq1a
Q5Vwu5875iNOQcbGyYLkuFJIqld3XPFiRfpiJ7ISnF2XtU4/fHk5qpxfc1oDRZxU
4zZwt5W8iynIKoyqQHtY8jYiacLJsvPiBYFerzbg2vogGcQrwUrsPvOPEsPN5TZQ
3O9MD16D5wWOnRlElfxFEKaXxz7x4IxhmfjypT4xkWMlVFhWUaJYPHHJhLnHTT5n
XyUDi/tvFg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 00:13:36 2025 by rpki-client