Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/_VphRV-4j-xqHOPpkIQ62KQ_3Fs.roa
File: _VphRV-4j-xqHOPpkIQ62KQ_3Fs.roa (raw, json)
Hash identifier: BsullCc4AedmFMtLtq1Lv6mKTCIq5t4ivO5UI/yIvjE=
Subject key identifier: FD:5A:61:45:5F:B8:8F:EC:6A:1C:E3:E9:90:84:3A:D8:A4:3F:DC:5B
Certificate issuer: /CN=6596f0dc165b7cd209022b2964834c45e74d212c
Certificate serial: 0194317B1B74FF82FE15894ECB9D4FCBC5B1
Authority key identifier: 65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/_VphRV-4j-xqHOPpkIQ62KQ_3Fs.roa
Signing time: Sat 04 Jan 2025 13:22:18 +0000
ROA not before: Sat 04 Jan 2025 13:22:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 37.152.173.0/24 maxlen: 24
37.152.174.0/23 maxlen: 23
Validation: Failed, certificate revoked on Wed 08 Jan 2025 14:11:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:31:7b:1b:74:ff:82:fe:15:89:4e:cb:9d:4f:cb:c5:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596f0dc165b7cd209022b2964834c45e74d212c
Validity
Not Before: Jan 4 13:22:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd5a61455fb88fec6a1ce3e990843ad8a43fdc5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:c7:d3:f0:50:69:72:2f:52:c2:f9:56:64:81:
60:ef:f9:53:92:c1:ae:22:88:5e:07:be:7f:64:1a:
b0:92:90:64:95:f2:b5:6a:e9:f1:d3:9d:3c:db:9c:
75:b6:dc:10:40:cb:a1:24:d4:76:39:a9:5a:c9:6e:
5d:e3:d5:a2:cf:7e:ce:12:e7:a8:d4:36:ae:ff:cb:
d7:d5:c7:12:16:db:61:04:2e:e9:76:3a:28:31:78:
98:12:bc:96:98:0a:f7:a4:39:34:08:7a:7e:2d:9b:
64:03:a6:de:eb:7e:52:d8:cf:3c:b8:85:e0:42:0d:
1a:49:0d:88:c4:46:c8:6c:55:3d:44:00:db:26:36:
42:8f:65:0a:93:44:6b:d2:11:2d:e7:c9:1d:cc:a3:
2d:57:9b:36:90:e1:f6:3e:90:93:09:3e:ef:25:c3:
90:53:41:6b:2f:ef:7e:7a:24:c8:28:4e:38:97:07:
51:b0:98:2f:7b:2e:05:73:27:8c:32:e6:70:92:7e:
37:16:a5:52:8f:72:87:fe:8f:7a:f2:b2:9d:47:c6:
3f:41:3c:14:17:8b:db:d7:38:f9:2f:49:65:e1:c5:
14:0a:41:67:66:0b:13:fd:4d:7d:d8:ad:11:60:fd:
60:bc:0f:97:7f:ea:1d:5f:79:99:9a:02:7a:24:3b:
6d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:5A:61:45:5F:B8:8F:EC:6A:1C:E3:E9:90:84:3A:D8:A4:3F:DC:5B
X509v3 Authority Key Identifier:
keyid:65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/_VphRV-4j-xqHOPpkIQ62KQ_3Fs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.173.0-37.152.175.255
Signature Algorithm: sha256WithRSAEncryption
41:be:bb:e6:8c:5f:ae:c5:f5:f9:16:58:63:78:72:33:cb:20:
77:c7:0e:4c:da:16:04:46:81:1b:cd:8f:18:38:d6:dc:99:63:
11:ff:27:cd:3d:bd:c9:d1:eb:ab:a6:fc:18:fc:74:8c:af:9c:
52:12:b4:1b:b2:d8:85:9a:ed:74:9f:50:30:1f:09:c3:83:4a:
57:11:5a:b6:40:60:3e:7c:11:43:59:03:7d:36:d9:8a:eb:14:
b9:7e:79:d0:83:4a:ab:5e:c0:b6:de:b5:5a:eb:81:bc:6b:ec:
27:50:95:59:19:da:bd:a3:d8:4f:f6:94:5c:c5:d8:b7:d8:47:
35:4d:67:4a:ca:9e:75:a0:6a:d1:57:47:c5:ac:e3:58:05:63:
ad:c1:63:45:20:67:0d:2c:55:8e:38:96:4f:d2:55:66:77:93:
b6:8b:ad:b1:25:6b:25:44:b7:c6:21:4f:81:3e:96:3d:4f:e3:
65:b0:f9:e3:58:22:ef:4c:9c:39:bc:d0:c6:55:36:8a:66:78:
03:9b:20:18:82:5a:47:6f:27:a3:93:76:4d:ad:f1:7e:c0:13:
e6:03:4a:75:93:15:b8:8d:32:b4:ed:ca:7e:af:77:4f:9f:5c:
37:54:ab:86:a3:87:ed:76:c5:e1:c8:50:65:63:cd:81:a7:fe:
cf:10:38:31
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZQxext0/4L+FYlOy51Py8WxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmMGRjMTY1YjdjZDIwOTAyMmIyOTY0ODM0YzQ1ZTc0
ZDIxMmMwHhcNMjUwMTA0MTMyMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDVhNjE0NTVmYjg4ZmVjNmExY2UzZTk5MDg0M2FkOGE0M2ZkYzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8MfT8FBpci9SwvlWZIFg7/lTksGu
IoheB75/ZBqwkpBklfK1aunx050825x1ttwQQMuhJNR2OalayW5d49Wiz37OEueo
1Dau/8vX1ccSFtthBC7pdjooMXiYEryWmAr3pDk0CHp+LZtkA6be635S2M88uIXg
Qg0aSQ2IxEbIbFU9RADbJjZCj2UKk0Rr0hEt58kdzKMtV5s2kOH2PpCTCT7vJcOQ
U0FrL+9+eiTIKE44lwdRsJgvey4FcyeMMuZwkn43FqVSj3KH/o968rKdR8Y/QTwU
F4vb1zj5L0ll4cUUCkFnZgsT/U192K0RYP1gvA+Xf+odX3mZmgJ6JDttRQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFP1aYUVfuI/sahzj6ZCEOtikP9xbMB8GA1UdIwQY
MBaAFGWW8NwWW3zSCQIrKWSDTEXnTSEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYt
MmQxM2NmOWI0NWMwLzEvX1ZwaFJWLTRqLXhxSE9QcGtJUTYyS1FfM0ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYtMmQxM2NmOWI0NWMw
LzEvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAlmK0D
BAQlmKAwDQYJKoZIhvcNAQELBQADggEBAEG+u+aMX67F9fkWWGN4cjPLIHfHDkza
FgRGgRvNjxg41tyZYxH/J809vcnR66um/Bj8dIyvnFIStBuy2IWa7XSfUDAfCcOD
SlcRWrZAYD58EUNZA3022YrrFLl+edCDSqtewLbetVrrgbxr7CdQlVkZ2r2j2E/2
lFzF2LfYRzVNZ0rKnnWgatFXR8Ws41gFY63BY0UgZw0sVY44lk/SVWZ3k7aLrbEl
ayVEt8YhT4E+lj1P42Ww+eNYIu9MnDm80MZVNopmeAObIBiCWkdvJ6OTdk2t8X7A
E+YDSnWTFbiNMrTtyn6vd0+fXDdUq4ajh+12xeHIUGVjzYGn/s8QODE=
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:50:06 2025 by rpki-client