Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/IQ63PVCcdnNEeaCzWpShEM_KIJU.roa
File: IQ63PVCcdnNEeaCzWpShEM_KIJU.roa (raw, json)
Hash identifier: Srk/3hVay2W1NrCwEx/w+Nz/ln0lDwx30QsmH1og6GU=
Subject key identifier: 21:0E:B7:3D:50:9C:76:73:44:79:A0:B3:5A:94:A1:10:CF:CA:20:95
Certificate issuer: /CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Certificate serial: 01857270F726299FD7E269C13D73073DCCD1
Authority key identifier: E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/IQ63PVCcdnNEeaCzWpShEM_KIJU.roa
Signing time: Mon 02 Jan 2023 12:24:44 +0000
ROA not before: Mon 02 Jan 2023 12:24:44 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 34373
IP address blocks: 37.143.37.0/24 maxlen: 24
37.143.36.0/24 maxlen: 24
Validation: Failed, certificate revoked on Fri 10 Feb 2023 08:17:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:85:72:70:f7:26:29:9f:d7:e2:69:c1:3d:73:07:3d:cc:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e138ec242a43e9c9d4ceb25dc90e5453373d3f46
Validity
Not Before: Jan 2 12:24:44 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=210eb73d509c76734479a0b35a94a110cfca2095
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:e0:19:47:5a:9c:ae:63:73:e5:b1:0f:57:12:
aa:2c:fe:4f:5d:4c:5c:dd:64:77:c5:e5:55:03:bd:
ba:da:24:6c:68:b4:37:17:fe:b9:9e:6e:93:6b:4a:
93:3c:3a:44:13:26:27:c0:05:83:61:13:6b:53:bf:
97:14:71:a0:00:d0:79:b7:fb:40:08:37:51:c4:02:
0f:0e:67:e2:26:5e:14:cd:0a:32:84:8c:c7:66:6d:
ae:2f:05:45:5e:6c:a1:28:86:b6:ee:0c:67:b0:90:
e9:69:08:03:f7:fb:a3:44:1a:27:03:24:61:0a:10:
4d:75:35:c7:62:2d:26:5b:0a:aa:92:79:a1:6e:bb:
8f:9d:35:b5:c5:56:78:b5:6b:6a:05:86:0c:0f:28:
bd:79:a3:b9:a1:22:c4:55:14:6e:2e:50:98:46:d9:
1c:5d:1c:82:44:00:ef:7a:6d:55:47:a1:3c:83:ad:
52:91:7e:42:a0:85:20:82:8f:78:5b:b3:47:01:52:
cc:ca:8f:2e:45:7d:0d:e6:71:72:cc:1d:97:e8:23:
0b:f2:48:67:f5:f7:83:50:d7:52:20:38:54:02:2a:
38:bc:7d:0a:0d:4d:df:dd:f9:8c:b0:e7:d5:37:0d:
8c:ec:46:b5:1e:1a:93:c5:9c:32:73:36:90:df:87:
39:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:0E:B7:3D:50:9C:76:73:44:79:A0:B3:5A:94:A1:10:CF:CA:20:95
X509v3 Authority Key Identifier:
keyid:E1:38:EC:24:2A:43:E9:C9:D4:CE:B2:5D:C9:0E:54:53:37:3D:3F:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/IQ63PVCcdnNEeaCzWpShEM_KIJU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/0b7fd3-90f0-45d1-8a58-6785cd456871/1/4TjsJCpD6cnUzrJdyQ5UUzc9P0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.36.0/23
Signature Algorithm: sha256WithRSAEncryption
ad:69:5b:c9:7b:c5:0b:7a:37:c4:31:28:dc:6a:f3:f9:93:fb:
b6:3b:d1:5f:11:97:42:42:ce:ac:b4:ad:60:d1:9e:21:9e:ca:
be:fc:7f:4b:1b:83:a9:6a:6e:cc:09:54:57:08:84:f2:72:92:
40:cc:2b:ae:17:fe:8b:55:1b:ca:77:71:dd:dd:9b:23:98:7d:
ef:a3:8e:d7:77:54:cb:0d:d9:7e:eb:7a:0c:2c:ca:20:ac:8d:
d6:50:38:52:c9:8f:29:fe:b5:ac:0e:d4:18:11:6b:0f:7b:aa:
ff:08:27:26:4e:1a:e8:46:8f:0b:65:b5:54:9e:cd:03:97:11:
ab:f9:87:89:c4:50:e6:a4:c7:6d:d3:84:5e:b2:65:8a:a0:22:
2e:8c:df:0f:e7:9b:35:ce:04:13:4b:95:65:a4:59:fb:7f:ab:
60:6b:11:29:62:b0:39:2a:5d:40:73:71:06:2e:91:ba:0e:87:
ff:7a:70:f4:7b:26:58:2f:39:38:7f:f0:02:32:84:f6:bc:97:
a8:9b:36:76:1a:82:6c:b5:15:d4:b4:cd:80:e8:df:d2:49:a7:
42:3b:fd:d2:51:8e:a8:75:95:9b:86:32:1b:a7:49:52:4d:22:
dd:e7:1b:30:0c:02:f9:a4:b3:8e:b1:87:ce:d3:a6:bc:c6:89:
dd:ee:23:bb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYVycPcmKZ/X4mnBPXMHPczRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMzhlYzI0MmE0M2U5YzlkNGNlYjI1ZGM5MGU1NDUzMzcz
ZDNmNDYwHhcNMjMwMTAyMTIyNDQ0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTBlYjczZDUwOWM3NjczNDQ3OWEwYjM1YTk0YTExMGNmY2EyMDk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAneAZR1qcrmNz5bEPVxKqLP5PXUxc
3WR3xeVVA7262iRsaLQ3F/65nm6Ta0qTPDpEEyYnwAWDYRNrU7+XFHGgANB5t/tA
CDdRxAIPDmfiJl4UzQoyhIzHZm2uLwVFXmyhKIa27gxnsJDpaQgD9/ujRBonAyRh
ChBNdTXHYi0mWwqqknmhbruPnTW1xVZ4tWtqBYYMDyi9eaO5oSLEVRRuLlCYRtkc
XRyCRADvem1VR6E8g61SkX5CoIUggo94W7NHAVLMyo8uRX0N5nFyzB2X6CML8khn
9feDUNdSIDhUAio4vH0KDU3f3fmMsOfVNw2M7Ea1HhqTxZwyczaQ34c5VwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCEOtz1QnHZzRHmgs1qUoRDPyiCVMB8GA1UdIwQY
MBaAFOE47CQqQ+nJ1M6yXckOVFM3PT9GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgt
Njc4NWNkNDU2ODcxLzEvSVE2M1BWQ2Nkbk5FZWFDeldwU2hFTV9LSUpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wYjdmZDMtOTBmMC00NWQxLThhNTgtNjc4NWNkNDU2ODcx
LzEvNFRqc0pDcEQ2Y25VenJKZHlRNVVVemM5UDBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBJY8kMA0G
CSqGSIb3DQEBCwUAA4IBAQCtaVvJe8ULejfEMSjcavP5k/u2O9FfEZdCQs6stK1g
0Z4hnsq+/H9LG4Opam7MCVRXCITycpJAzCuuF/6LVRvKd3Hd3ZsjmH3vo47Xd1TL
Ddl+63oMLMogrI3WUDhSyY8p/rWsDtQYEWsPe6r/CCcmThroRo8LZbVUns0DlxGr
+YeJxFDmpMdt04ResmWKoCIujN8P55s1zgQTS5VlpFn7f6tgaxEpYrA5Kl1Ac3EG
LpG6Dof/enD0eyZYLzk4f/ACMoT2vJeomzZ2GoJstRXUtM2A6N/SSadCO/3SUY6o
dZWbhjIbp0lSTSLd5xswDAL5pLOOsYfO06a8xond7iO7
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:18:58 2024 by rpki-client on console-fra.rpki-client.org