Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/luWQXFIjWpwFnukOmVOvwDv3aE4.roa
File: luWQXFIjWpwFnukOmVOvwDv3aE4.roa (raw, json)
Hash identifier: gNLNyTQNFfXM8vIGvqC1m5UpndmZmH6lCRYfmIyt9uo=
Subject key identifier: 96:E5:90:5C:52:23:5A:9C:05:9E:E9:0E:99:53:AF:C0:3B:F7:68:4E
Certificate issuer: /CN=6596f0dc165b7cd209022b2964834c45e74d212c
Certificate serial: 01940D09E1C26656AF36FC82D45B172E5766
Authority key identifier: 65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/luWQXFIjWpwFnukOmVOvwDv3aE4.roa
Signing time: Sat 28 Dec 2024 11:32:18 +0000
ROA not before: Sat 28 Dec 2024 11:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35372
IP address blocks: 37.152.173.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 01 Jan 2025 21:47:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:0d:09:e1:c2:66:56:af:36:fc:82:d4:5b:17:2e:57:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6596f0dc165b7cd209022b2964834c45e74d212c
Validity
Not Before: Dec 28 11:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=96e5905c52235a9c059ee90e9953afc03bf7684e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:db:5c:59:a5:91:7a:48:c1:fc:06:32:0e:68:
34:da:ef:bd:64:99:72:0d:34:97:da:68:3b:18:c1:
6c:e4:52:b0:5e:dd:bb:c6:6a:7c:e8:a7:cb:ea:2c:
40:c6:b4:d7:e5:db:5b:13:71:b9:47:06:45:65:d4:
8d:18:5e:45:ba:bb:c5:13:af:2a:bc:6b:f4:2f:6f:
2c:97:cd:c9:82:c6:33:40:64:1c:8e:76:b8:83:e0:
35:db:7a:e8:ce:61:5f:53:12:2a:9b:9c:b9:3d:62:
00:81:ff:00:a2:9c:7c:a5:a6:e0:e8:89:8e:3a:4f:
4c:55:08:08:b1:79:88:0e:4b:11:50:b6:a2:17:23:
2f:3e:6b:d0:12:9b:5b:45:ce:1a:2d:5c:77:c4:41:
c8:e5:3a:64:2b:be:81:2a:26:de:cc:9d:4a:2c:fd:
d7:e5:5c:54:3a:e4:08:73:69:a6:3c:7d:2a:03:37:
f3:79:0b:c1:57:a3:30:08:7c:a4:19:50:1b:13:af:
09:cf:0f:20:8e:a0:83:c9:33:0f:2e:93:b0:42:2d:
54:6f:cd:ea:fc:2d:68:f6:76:a2:13:d8:4f:74:a1:
86:b8:60:af:31:6b:6a:c8:9b:85:dc:60:54:5e:83:
07:b0:d3:e3:ee:a7:81:60:6d:59:48:0e:df:0e:71:
3f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:E5:90:5C:52:23:5A:9C:05:9E:E9:0E:99:53:AF:C0:3B:F7:68:4E
X509v3 Authority Key Identifier:
keyid:65:96:F0:DC:16:5B:7C:D2:09:02:2B:29:64:83:4C:45:E7:4D:21:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZbw3BZbfNIJAispZINMRedNISw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/luWQXFIjWpwFnukOmVOvwDv3aE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/9904b3-8ca0-4946-8766-2d13cf9b45c0/1/ZZbw3BZbfNIJAispZINMRedNISw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.152.173.0/24
Signature Algorithm: sha256WithRSAEncryption
39:4a:49:1b:1d:7f:21:9c:13:de:9d:74:bb:8b:0c:df:30:0f:
69:46:97:f2:80:b3:24:84:35:0c:b6:0c:82:32:bc:ec:40:89:
8e:c3:17:7e:fa:57:7e:39:fe:79:e5:50:e8:8a:fc:8a:6e:0d:
b6:b4:64:64:26:31:2a:e7:9e:30:e5:13:4b:6e:dc:af:6a:59:
3d:ad:1e:90:a2:c6:b6:bf:f9:82:d0:3e:1d:4a:81:ea:e9:46:
86:94:ff:3a:61:2a:f5:df:86:69:62:99:70:96:da:62:f7:4d:
33:20:03:42:ed:f1:55:91:97:27:4e:83:00:8e:47:b3:1c:73:
2d:7d:c8:97:9e:27:63:07:ee:10:13:35:05:be:44:aa:3c:0d:
24:1e:bf:0d:95:c7:18:e3:87:4c:9e:0d:f1:6f:fd:b4:86:1f:
9b:a6:0b:f9:39:a1:02:14:5a:7c:20:a9:d4:cb:cd:5a:75:f8:
35:76:ff:ec:cc:59:a8:f6:16:ea:9e:06:1c:d2:6f:01:84:9b:
f5:a2:90:94:76:5f:19:99:1c:3f:29:e9:a7:89:ef:0e:79:6b:
d9:8e:27:66:f1:34:0c:3f:7e:d9:16:4b:67:73:bd:a8:f9:b2:
a2:17:68:e8:60:bc:cf:f9:bf:a4:3e:94:fa:64:ff:4a:66:c9:
0b:64:8a:4b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQNCeHCZlavNvyC1FsXLldmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OTZmMGRjMTY1YjdjZDIwOTAyMmIyOTY0ODM0YzQ1ZTc0
ZDIxMmMwHhcNMjQxMjI4MTEzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NmU1OTA1YzUyMjM1YTljMDU5ZWU5MGU5OTUzYWZjMDNiZjc2ODRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdtcWaWRekjB/AYyDmg02u+9ZJly
DTSX2mg7GMFs5FKwXt27xmp86KfL6ixAxrTX5dtbE3G5RwZFZdSNGF5FurvFE68q
vGv0L28sl83JgsYzQGQcjna4g+A123rozmFfUxIqm5y5PWIAgf8Aopx8pabg6ImO
Ok9MVQgIsXmIDksRULaiFyMvPmvQEptbRc4aLVx3xEHI5TpkK76BKibezJ1KLP3X
5VxUOuQIc2mmPH0qAzfzeQvBV6MwCHykGVAbE68Jzw8gjqCDyTMPLpOwQi1Ub83q
/C1o9naiE9hPdKGGuGCvMWtqyJuF3GBUXoMHsNPj7qeBYG1ZSA7fDnE/GwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJblkFxSI1qcBZ7pDplTr8A792hOMB8GA1UdIwQY
MBaAFGWW8NwWW3zSCQIrKWSDTEXnTSEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYt
MmQxM2NmOWI0NWMwLzEvbHVXUVhGSWpXcHdGbnVrT21WT3Z3RHYzYUU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC85OTA0YjMtOGNhMC00OTQ2LTg3NjYtMmQxM2NmOWI0NWMw
LzEvWlpidzNCWmJmTklKQWlzcFpJTk1SZWROSVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAJZitMA0G
CSqGSIb3DQEBCwUAA4IBAQA5SkkbHX8hnBPenXS7iwzfMA9pRpfygLMkhDUMtgyC
MrzsQImOwxd++ld+Of555VDoivyKbg22tGRkJjEq554w5RNLbtyvalk9rR6Qosa2
v/mC0D4dSoHq6UaGlP86YSr134ZpYplwltpi900zIANC7fFVkZcnToMAjkezHHMt
fciXnidjB+4QEzUFvkSqPA0kHr8NlccY44dMng3xb/20hh+bpgv5OaECFFp8IKnU
y81adfg1dv/szFmo9hbqngYc0m8BhJv1opCUdl8ZmRw/Kemnie8OeWvZjidm8TQM
P37ZFktnc72o+bKiF2joYLzP+b+kPpT6ZP9KZskLZIpL
-----END CERTIFICATE-----
Generated at Sun Apr 20 12:40:48 2025 by rpki-client