Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GIff8lZttr86bLC9LqOQziMuYLc.roa
File: GIff8lZttr86bLC9LqOQziMuYLc.roa (raw, json)
Hash identifier: jUSCg5yAx3i5X7IQmfy+KINpnjgi1HQKNBlCXVeEJak=
Subject key identifier: 18:87:DF:F2:56:6D:B6:BF:3A:6C:B0:BD:2E:A3:90:CE:23:2E:60:B7
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 0195F39F2C82C213AC2647EDE94A176BBEE6
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GIff8lZttr86bLC9LqOQziMuYLc.roa
Signing time: Tue 01 Apr 2025 23:10:49 +0000
ROA not before: Tue 01 Apr 2025 23:10:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
46.37.117.0/24 maxlen: 24
185.92.44.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 03 Apr 2025 12:45:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:f3:9f:2c:82:c2:13:ac:26:47:ed:e9:4a:17:6b:be:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Apr 1 23:10:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1887dff2566db6bf3a6cb0bd2ea390ce232e60b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2a:77:33:3f:a2:e8:ba:90:70:31:c3:63:92:
d2:d8:11:63:5f:c6:41:c1:4f:dd:65:7d:96:02:40:
94:1c:18:83:96:27:47:23:36:10:d2:f5:ec:85:37:
a3:d1:0e:54:2b:55:6c:ac:7b:82:83:e8:7f:d4:95:
a8:f6:8e:8f:9a:47:1c:16:78:51:14:b9:6b:54:fc:
e3:07:ff:46:f1:a0:f3:72:ff:20:80:23:e4:36:fc:
c4:ed:7f:d8:3a:8b:df:1c:79:e7:1f:7d:ef:74:ee:
b5:66:e7:dc:ee:2d:0b:41:07:01:2c:c3:66:3b:84:
ce:26:15:ee:5e:8e:ee:3f:18:f3:da:f6:b9:ad:3c:
f1:94:24:02:b8:03:51:46:b3:00:31:2d:da:1a:09:
20:66:95:e4:82:fd:bc:72:68:aa:a4:9b:41:30:ee:
89:b8:25:cb:c4:f5:54:ac:cc:60:2d:e6:86:1d:8d:
98:ff:05:ff:c5:19:d9:85:38:0b:37:1a:87:d0:1a:
a9:71:10:c8:47:d7:9e:a9:19:f6:d5:b8:1f:53:48:
08:61:7c:cf:14:d9:82:f2:b0:9a:20:d3:52:b9:31:
df:7e:e9:e8:cb:ab:33:4f:91:4d:06:a3:52:97:84:
04:46:2a:a1:19:01:58:c6:80:fd:7f:34:7b:43:48:
ee:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:87:DF:F2:56:6D:B6:BF:3A:6C:B0:BD:2E:A3:90:CE:23:2E:60:B7
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/GIff8lZttr86bLC9LqOQziMuYLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
46.37.117.0/24
185.92.44.0/24
Signature Algorithm: sha256WithRSAEncryption
49:33:6c:f2:6e:0b:fb:b8:b1:a5:53:39:50:ac:8d:fe:2e:da:
21:5d:76:5d:8c:a8:8f:ff:d2:09:dd:c1:64:6e:a1:2a:ab:df:
fa:e8:0c:56:a3:cf:5b:0f:66:05:02:75:0e:eb:42:94:f9:a8:
6a:40:8c:a1:17:83:16:56:d3:99:84:4d:5a:c7:42:51:8e:81:
43:6e:db:84:c0:c5:ae:9a:4c:94:dd:f3:40:de:40:ea:ef:0c:
fb:a0:b3:6f:fd:3d:f2:d6:d9:07:53:57:7a:cb:82:39:5a:5e:
c9:e7:c8:64:db:2a:dd:a0:dc:e7:6c:b2:68:a6:86:a9:ab:b0:
2d:5a:7e:3e:34:86:d7:e9:f8:fa:dd:c5:f8:71:a7:05:75:e1:
18:fe:29:22:f0:11:59:12:80:57:a6:a4:0a:28:9a:25:c4:23:
75:52:44:2e:ab:ab:dd:aa:1f:c2:4d:3a:57:96:8f:e8:1f:f8:
d0:fe:c6:71:6f:ab:9c:b6:e4:5b:3b:10:f1:61:8b:fa:c1:30:
e3:d2:f6:30:b1:4e:00:fb:a6:73:f9:51:28:d4:2b:7e:60:73:
b9:84:5c:b0:50:2e:f7:73:31:93:7b:22:cd:0e:1c:b7:6d:f4:
5f:0f:15:bd:19:87:08:e8:4c:96:df:b6:ec:49:10:70:04:2a:
62:d8:22:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZXznyyCwhOsJkft6UoXa77mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwNDAxMjMxMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg3ZGZmMjU2NmRiNmJmM2E2Y2IwYmQyZWEzOTBjZTIzMmU2MGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyp3Mz+i6LqQcDHDY5LS2BFjX8ZB
wU/dZX2WAkCUHBiDlidHIzYQ0vXshTej0Q5UK1VsrHuCg+h/1JWo9o6PmkccFnhR
FLlrVPzjB/9G8aDzcv8ggCPkNvzE7X/YOovfHHnnH33vdO61Zufc7i0LQQcBLMNm
O4TOJhXuXo7uPxjz2va5rTzxlCQCuANRRrMAMS3aGgkgZpXkgv28cmiqpJtBMO6J
uCXLxPVUrMxgLeaGHY2Y/wX/xRnZhTgLNxqH0BqpcRDIR9eeqRn21bgfU0gIYXzP
FNmC8rCaINNSuTHffunoy6szT5FNBqNSl4QERiqhGQFYxoD9fzR7Q0juqwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBiH3/JWbba/OmywvS6jkM4jLmC3MB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvR0lmZjhsWnR0cjg2YkxDOUxxT1F6aU11WUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALiViAwQA
LiVxAwQALiV1AwQAuVwsMA0GCSqGSIb3DQEBCwUAA4IBAQBJM2zybgv7uLGlUzlQ
rI3+LtohXXZdjKiP/9IJ3cFkbqEqq9/66AxWo89bD2YFAnUO60KU+ahqQIyhF4MW
VtOZhE1ax0JRjoFDbtuEwMWumkyU3fNA3kDq7wz7oLNv/T3y1tkHU1d6y4I5Wl7J
58hk2yrdoNznbLJopoapq7AtWn4+NIbX6fj63cX4cacFdeEY/iki8BFZEoBXpqQK
KJolxCN1UkQuq6vdqh/CTTpXlo/oH/jQ/sZxb6uctuRbOxDxYYv6wTDj0vYwsU4A
+6Zz+VEo1Ct+YHO5hFywUC73czGTeyLNDhy3bfRfDxW9GYcI6EyW37bsSRBwBCpi
2CJh
-----END CERTIFICATE-----
Generated at Fri Apr 18 02:00:30 2025 by rpki-client