Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ku9dF3aBN6kHV-lfgGFw2e53gCQ.roa
File: ku9dF3aBN6kHV-lfgGFw2e53gCQ.roa (raw, json)
Hash identifier: rR9E4M0c55mzh1E27PQj5tRrB17JpIKXYdptpHINMi4=
Subject key identifier: 92:EF:5D:17:76:81:37:A9:07:57:E9:5F:80:61:70:D9:EE:77:80:24
Certificate issuer: /CN=6596f0dc165b7cd209022b2964834c45e74d212c
Certificate serial: 019423D6EEDC43D474BC0A1E4C8AD75B3E79
Authority key identifier: 65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ku9dF3aBN6kHV-lfgGFw2e53gCQ.roa
Signing time: Wed 01 Jan 2025 21:47:55 +0000
ROA not before: Wed 01 Jan 2025 21:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35372
IP address blocks: 37.152.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 04 Jan 2025 13:22:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:ee:dc:43:d4:74:bc:0a:1e:4c:8a:d7:5b:3e:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596f0dc165b7cd209022b2964834c45e74d212c
Validity
Not Before: Jan 1 21:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92ef5d17768137a90757e95f806170d9ee778024
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:9d:77:77:06:f8:87:0a:a9:11:0d:3a:2a:6c:
50:1a:77:11:a3:47:d2:25:a6:2e:1d:df:e1:63:96:
b3:0a:33:a3:d3:3e:81:9a:37:92:12:62:92:a6:02:
b2:b8:99:06:58:83:f9:6b:35:ca:f0:09:3c:3a:d7:
ec:9c:4c:c9:0e:cc:77:df:3e:64:aa:9f:32:54:9e:
6c:73:d6:6c:5d:6d:9b:9f:e5:b6:bb:b6:f1:5f:92:
e6:8e:dd:43:12:ee:8b:e0:e3:6a:55:a4:7b:89:c3:
69:05:95:e6:ea:4f:3c:ee:9e:85:6d:16:27:ef:5a:
97:b6:54:38:08:54:a3:d6:0b:52:0b:95:e1:ad:1d:
65:a2:e8:6c:5b:e1:15:47:d4:7f:b3:95:4e:da:9a:
c1:9d:33:52:00:67:c5:fe:ee:2e:a9:88:af:58:21:
5b:a2:ce:57:b6:0f:c2:f8:0f:19:0a:c2:40:25:7e:
92:68:82:d8:6d:7b:2a:3e:9b:75:ed:29:cc:05:b2:
78:65:6a:d8:b2:77:69:5d:47:e7:b5:75:fd:55:90:
52:df:e6:98:de:fd:79:ae:e6:17:11:0a:ee:bc:38:
92:d3:49:d6:7c:91:24:47:b5:71:ab:e8:ee:d2:43:
13:be:c7:1b:a5:82:e2:dc:06:4a:b1:04:a1:27:82:
54:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:EF:5D:17:76:81:37:A9:07:57:E9:5F:80:61:70:D9:EE:77:80:24
X509v3 Authority Key Identifier:
keyid:65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ku9dF3aBN6kHV-lfgGFw2e53gCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.173.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:71:eb:be:9d:06:fb:15:05:44:bd:23:cb:66:65:df:e6:f6:
80:e4:ed:bb:9b:e0:18:96:bb:6b:21:f4:20:3d:f0:2b:43:85:
12:e4:11:3f:e9:22:29:4d:9f:c4:95:f6:b4:47:10:bf:2b:4a:
3d:68:0a:e7:01:5c:24:6d:9c:2f:e2:70:57:0f:06:4a:9a:55:
40:43:5b:f3:2d:fd:a9:49:e7:01:5b:42:ac:b0:1b:d1:3b:f0:
f5:fd:45:e9:3e:45:72:e8:c4:8d:82:35:6d:2f:47:63:36:59:
9a:89:6a:35:93:54:fa:d1:b6:80:4d:ec:c2:a7:85:8d:03:e7:
49:bd:ee:af:23:c6:f1:ed:33:01:78:8f:22:02:6f:ee:41:65:
59:b9:a1:59:a6:53:a1:fe:9a:a5:33:53:ea:96:9a:e4:7d:03:
4b:b2:f1:e2:fb:28:8f:61:20:4a:ab:d4:12:a5:8d:6e:66:1e:
c5:7e:f1:27:6d:c5:d7:82:c7:75:71:76:f9:26:6d:a0:6a:4e:
9d:59:7e:65:8f:af:a2:9c:be:11:de:e5:0b:24:51:2f:39:6c:
c9:fb:31:f2:56:6c:91:a3:7f:f7:1b:e8:28:6e:e7:f9:6f:d9:
3a:7c:16:38:aa:c1:a8:8a:7a:ac:b7:16:da:06:db:ca:48:0f:
0f:ef:19:e6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj1u7cQ9R0vAoeTIrXWz55MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmMGRjMTY1YjdjZDIwOTAyMmIyOTY0ODM0YzQ1ZTc0
ZDIxMmMwHhcNMjUwMTAxMjE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmVmNWQxNzc2ODEzN2E5MDc1N2U5NWY4MDYxNzBkOWVlNzc4MDI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtp13dwb4hwqpEQ06KmxQGncRo0fS
JaYuHd/hY5azCjOj0z6BmjeSEmKSpgKyuJkGWIP5azXK8Ak8OtfsnEzJDsx33z5k
qp8yVJ5sc9ZsXW2bn+W2u7bxX5Lmjt1DEu6L4ONqVaR7icNpBZXm6k887p6FbRYn
71qXtlQ4CFSj1gtSC5XhrR1louhsW+EVR9R/s5VO2prBnTNSAGfF/u4uqYivWCFb
os5Xtg/C+A8ZCsJAJX6SaILYbXsqPpt17SnMBbJ4ZWrYsndpXUfntXX9VZBS3+aY
3v15ruYXEQruvDiS00nWfJEkR7Vxq+ju0kMTvscbpYLi3AZKsQShJ4JUIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJLvXRd2gTepB1fpX4BhcNnud4AkMB8GA1UdIwQY
MBaAFGWW8NwWW3zSCQIrKWSDTEXnTSEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYt
MmQxM2NmOWI0NWMwLzEva3U5ZEYzYUJONmtIVi1sZmdHRncyZTUzZ0NRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYtMmQxM2NmOWI0NWMw
LzEvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZitMA0G
CSqGSIb3DQEBCwUAA4IBAQAsceu+nQb7FQVEvSPLZmXf5vaA5O27m+AYlrtrIfQg
PfArQ4US5BE/6SIpTZ/Elfa0RxC/K0o9aArnAVwkbZwv4nBXDwZKmlVAQ1vzLf2p
SecBW0KssBvRO/D1/UXpPkVy6MSNgjVtL0djNlmaiWo1k1T60baATezCp4WNA+dJ
ve6vI8bx7TMBeI8iAm/uQWVZuaFZplOh/pqlM1PqlprkfQNLsvHi+yiPYSBKq9QS
pY1uZh7FfvEnbcXXgsd1cXb5Jm2gak6dWX5lj6+inL4R3uULJFEvOWzJ+zHyVmyR
o3/3G+gobuf5b9k6fBY4qsGoinqstxbaBtvKSA8P7xnm
-----END CERTIFICATE-----
Generated at Tue Apr 22 01:05:33 2025 by rpki-client