Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pCUFeCn6tzbGWT_UP8_zxJP-Yk4.roa
File: pCUFeCn6tzbGWT_UP8_zxJP-Yk4.roa (raw, json)
Hash identifier: WzF/WfF45Obg31kzxZkBWAhoIFmtMD0YOeSLoinMmPU=
Subject key identifier: A4:25:05:78:29:FA:B7:36:C6:59:3F:D4:3F:CF:F3:C4:93:FE:62:4E
Certificate issuer: /CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Certificate serial: 019121DB49457DF29DEBCD29B57FD73E12C5
Authority key identifier: F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pCUFeCn6tzbGWT_UP8_zxJP-Yk4.roa
Signing time: Mon 05 Aug 2024 09:25:04 +0000
ROA not before: Mon 05 Aug 2024 09:25:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204203
IP address blocks: 37.32.41.0/24 maxlen: 24
178.239.147.0/24 maxlen: 24
178.239.148.0/23 maxlen: 24
178.239.150.0/24 maxlen: 24
185.243.51.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 26 Aug 2024 05:51:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:21:db:49:45:7d:f2:9d:eb:cd:29:b5:7f:d7:3e:12:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f13533399f55eb52e6b2200c7cae4272b74d6464
Validity
Not Before: Aug 5 09:25:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a425057829fab736c6593fd43fcff3c493fe624e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:68:e8:b5:ca:9e:25:66:73:98:40:89:ba:4a:
59:7d:f8:55:90:62:d6:e9:38:a4:5b:05:98:5d:2e:
8e:9b:27:e7:63:97:81:85:47:72:88:10:61:7c:c2:
52:de:e7:58:10:b8:2b:d1:5f:33:88:df:9b:1b:d2:
1e:5e:36:1c:f8:2f:1d:4d:ce:bf:4b:f3:4d:73:7b:
60:af:25:88:2d:12:7a:9c:f2:ab:dd:8e:c3:00:b6:
72:4e:38:f9:56:53:3a:9b:05:f5:a2:54:ba:12:96:
7c:92:ab:6c:3d:02:43:72:37:85:82:88:b7:88:99:
7c:4b:b3:e5:be:03:de:17:94:a8:0e:f5:00:cf:74:
c1:20:0e:bb:07:d8:3a:50:af:c1:fe:23:5b:8b:81:
27:51:e1:ac:05:3a:be:34:b2:f7:61:84:52:16:94:
3a:a2:df:f6:80:d1:38:85:92:54:37:0c:91:45:44:
12:69:b7:9c:3e:86:6f:c1:b1:ad:19:41:1d:17:23:
33:2a:0c:d0:ae:13:2f:de:91:4a:88:19:e7:31:04:
9f:32:18:a1:2c:78:64:ff:0a:a8:5e:01:f1:41:7c:
14:2f:db:e1:0f:3a:62:7a:40:af:22:7d:5b:28:91:
69:02:62:1d:d0:c7:fd:2e:8c:5d:bd:52:03:44:f3:
39:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:25:05:78:29:FA:B7:36:C6:59:3F:D4:3F:CF:F3:C4:93:FE:62:4E
X509v3 Authority Key Identifier:
keyid:F1:35:33:39:9F:55:EB:52:E6:B2:20:0C:7C:AE:42:72:B7:4D:64:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/pCUFeCn6tzbGWT_UP8_zxJP-Yk4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/844eeb-cdf1-47f1-bcfa-989166881969/1/8TUzOZ9V61LmsiAMfK5CcrdNZGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.32.41.0/24
178.239.147.0-178.239.150.255
185.243.51.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:2e:c9:85:f0:2d:72:59:06:c4:d9:d8:f5:a0:1f:07:78:73:
8f:d3:94:1f:34:33:95:4e:3d:72:b4:f9:ba:51:70:1b:ba:25:
29:33:0d:07:e6:d1:c6:b2:70:50:c7:24:b5:ce:8d:0e:71:69:
c0:fc:ac:4e:e6:ca:e4:c4:96:17:cb:94:de:2d:b5:cb:5c:49:
75:38:6d:b6:ad:41:56:ef:cd:08:c8:87:54:2e:d9:98:fe:52:
23:96:9b:b5:1d:d8:4d:08:88:55:82:70:b5:a4:e5:4e:8f:c1:
3c:a2:f8:71:eb:b6:0a:8b:15:f7:4d:b7:82:f4:fa:78:50:09:
e1:7d:9d:74:f7:f1:b9:8d:6f:17:5a:e2:07:51:55:68:39:a8:
ee:34:3a:3e:fa:e1:c3:6c:6b:09:88:94:e6:16:ab:04:cf:66:
e3:bb:11:5f:84:16:3f:e8:48:7a:fa:2a:2a:50:bb:98:56:b2:
01:cc:9d:21:84:da:7f:9f:16:4d:ae:bd:7e:e3:62:42:11:d6:
d2:3e:fc:b0:74:cb:fc:f1:ba:e3:34:88:cc:53:ac:ec:f0:a4:
d8:54:63:8c:b4:f5:7a:b1:89:b7:80:b1:3a:a5:10:55:03:10:
0b:c0:e6:0f:d0:d2:a1:be:05:e4:b5:46:48:fa:31:53:35:07:
fa:fa:26:06
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZEh20lFffKd680ptX/XPhLFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxMzUzMzM5OWY1NWViNTJlNmIyMjAwYzdjYWU0MjcyYjc0
ZDY0NjQwHhcNMjQwODA1MDkyNTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDI1MDU3ODI5ZmFiNzM2YzY1OTNmZDQzZmNmZjNjNDkzZmU2MjRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2jotcqeJWZzmECJukpZffhVkGLW
6TikWwWYXS6OmyfnY5eBhUdyiBBhfMJS3udYELgr0V8ziN+bG9IeXjYc+C8dTc6/
S/NNc3tgryWILRJ6nPKr3Y7DALZyTjj5VlM6mwX1olS6EpZ8kqtsPQJDcjeFgoi3
iJl8S7PlvgPeF5SoDvUAz3TBIA67B9g6UK/B/iNbi4EnUeGsBTq+NLL3YYRSFpQ6
ot/2gNE4hZJUNwyRRUQSabecPoZvwbGtGUEdFyMzKgzQrhMv3pFKiBnnMQSfMhih
LHhk/wqoXgHxQXwUL9vhDzpiekCvIn1bKJFpAmId0Mf9LoxdvVIDRPM52wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKQlBXgp+rc2xlk/1D/P88ST/mJOMB8GA1UdIwQY
MBaAFPE1MzmfVetS5rIgDHyuQnK3TWRkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEt
OTg5MTY2ODgxOTY5LzEvcENVRmVDbjZ0emJHV1RfVVA4X3p4SlAtWWs0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi84NDRlZWItY2RmMS00N2YxLWJjZmEtOTg5MTY2ODgxOTY5
LzEvOFRVek9aOVY2MUxtc2lBTWZLNUNjcmROWkdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAJSApMAwD
BACy75MDBACy75YDBAC58zMwDQYJKoZIhvcNAQELBQADggEBAKEuyYXwLXJZBsTZ
2PWgHwd4c4/TlB80M5VOPXK0+bpRcBu6JSkzDQfm0caycFDHJLXOjQ5xacD8rE7m
yuTElhfLlN4ttctcSXU4bbatQVbvzQjIh1Qu2Zj+UiOWm7Ud2E0IiFWCcLWk5U6P
wTyi+HHrtgqLFfdNt4L0+nhQCeF9nXT38bmNbxda4gdRVWg5qO40Oj764cNsawmI
lOYWqwTPZuO7EV+EFj/oSHr6KipQu5hWsgHMnSGE2n+fFk2uvX7jYkIR1tI+/LB0
y/zxuuM0iMxTrOzwpNhUY4y09XqxibeAsTqlEFUDEAvA5g/Q0qG+BeS1Rkj6MVM1
B/r6JgY=
-----END CERTIFICATE-----
Generated at Mon May 12 21:02:41 2025 by rpki-client