Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/2XIZOjMtQgV1gseCEQW-TwaT47Q.roa
File: 2XIZOjMtQgV1gseCEQW-TwaT47Q.roa (raw, json)
Hash identifier: H56pBlpyFS9gZXKoMDY3FogCJ1SlCt63jyp/5MU5biY=
Subject key identifier: D9:72:19:3A:33:2D:42:05:75:82:C7:82:11:05:BE:4F:06:93:E3:B4
Certificate issuer: /CN=4456c14cd8724f9a909627b94e006cf69d12307b
Certificate serial: 0191B6F03BAD45C34A206735C2E555496C98
Authority key identifier: 44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/2XIZOjMtQgV1gseCEQW-TwaT47Q.roa
Signing time: Tue 03 Sep 2024 08:11:22 +0000
ROA not before: Tue 03 Sep 2024 08:11:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44654
IP address blocks: 37.252.208.0/23 maxlen: 23
37.252.208.0/24 maxlen: 24
37.252.209.0/24 maxlen: 24
37.252.210.0/23 maxlen: 23
37.252.210.0/24 maxlen: 24
37.252.211.0/24 maxlen: 24
37.252.212.0/23 maxlen: 23
37.252.212.0/24 maxlen: 24
37.252.213.0/24 maxlen: 24
37.252.215.0/24 maxlen: 24
109.205.8.0/21 maxlen: 24
185.36.124.0/22 maxlen: 24
185.36.124.0/23 maxlen: 23
185.36.124.0/24 maxlen: 24
185.36.127.0/24 maxlen: 24
2a02:d8::/32 maxlen: 48
2a02:d8:8::/48 maxlen: 48
2a02:d8:9::/48 maxlen: 48
2a02:d8:a::/48 maxlen: 48
Validation: Failed, certificate revoked on Thu 12 Sep 2024 13:33:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b6:f0:3b:ad:45:c3:4a:20:67:35:c2:e5:55:49:6c:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4456c14cd8724f9a909627b94e006cf69d12307b
Validity
Not Before: Sep 3 08:11:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d972193a332d42057582c7821105be4f0693e3b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8e:62:7c:9b:f8:5b:bf:1b:19:ab:bd:37:54:
89:bf:24:ff:22:ca:82:e1:2d:f7:7d:a5:0c:cf:53:
36:6c:de:8c:c5:3d:8a:1c:7b:80:81:8c:a4:29:4d:
6c:66:4e:4a:19:5e:32:84:3c:65:48:a8:ad:8c:c6:
11:26:56:2d:3e:9f:c5:91:1e:d3:7d:43:9d:c3:a9:
46:e9:f1:29:94:25:e7:e1:f3:81:e2:8f:7d:d4:10:
5c:11:36:e4:5d:80:c5:b4:2a:11:ad:eb:63:22:c4:
8b:0b:6b:4f:05:9f:15:ea:05:f7:03:6b:84:20:d4:
8c:4b:af:a9:83:b5:a9:be:58:b2:38:8f:e1:41:e2:
87:b7:60:54:15:4b:61:d1:40:fa:e4:90:18:55:39:
6e:ec:ba:b3:5e:e6:63:86:48:00:0f:c7:2e:0b:71:
7e:9e:f9:c2:42:58:6f:ba:bf:a0:af:de:2e:d4:e8:
0a:27:9f:0e:25:78:9e:c3:7c:41:fc:d3:d6:f4:b9:
e9:4b:e3:72:aa:77:90:98:78:f5:f9:95:48:62:ea:
e8:13:fe:5f:78:35:51:d0:26:61:7e:68:60:9a:13:
20:33:33:52:41:de:1d:2f:59:0e:6d:f2:1b:bb:07:
09:e4:8d:9e:b6:8f:66:6a:a5:08:0e:cb:af:a6:f1:
84:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:72:19:3A:33:2D:42:05:75:82:C7:82:11:05:BE:4F:06:93:E3:B4
X509v3 Authority Key Identifier:
keyid:44:56:C1:4C:D8:72:4F:9A:90:96:27:B9:4E:00:6C:F6:9D:12:30:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFbBTNhyT5qQlie5TgBs9p0SMHs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/2XIZOjMtQgV1gseCEQW-TwaT47Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/5ecfc2-da70-4333-8f96-5b87825c07ee/1/RFbBTNhyT5qQlie5TgBs9p0SMHs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.208.0-37.252.213.255
37.252.215.0/24
109.205.8.0/21
185.36.124.0/22
IPv6:
2a02:d8::/32
Signature Algorithm: sha256WithRSAEncryption
94:8a:0c:c8:7d:82:c6:93:27:ff:da:2d:ec:96:31:fd:f1:76:
6e:ef:7c:46:9f:d7:06:23:30:e5:36:e4:9f:47:4f:77:b1:e8:
d1:16:d3:79:00:4d:98:87:35:d6:63:dd:08:20:3c:e0:7b:c9:
50:18:80:86:fb:98:ce:de:f2:83:92:99:04:d9:4c:57:a5:15:
a8:d5:07:7e:52:f0:e0:d7:57:bf:59:1f:a2:81:28:ab:fd:45:
2e:6f:17:23:48:9d:95:35:bd:33:6c:77:f9:ec:83:c9:7a:e9:
1d:08:b9:ea:42:07:6e:f9:5d:3b:49:97:80:5a:4c:22:b0:33:
a0:14:12:43:dd:c0:fa:63:fb:d0:a3:5d:95:9b:0a:98:b2:f6:
31:ba:8c:95:6e:cf:be:67:d0:32:f7:82:4e:08:63:d0:5b:31:
2e:21:8a:a0:7f:2f:b1:4c:1a:de:00:31:f9:5c:2d:16:c1:f7:
bd:c0:1b:b3:fa:83:58:42:ca:a2:29:47:6d:ae:7b:8e:89:78:
5b:d7:e1:e5:56:18:e6:9e:8e:f0:dc:e1:2e:00:53:60:71:4a:
e0:3a:3e:65:b5:9c:a8:5b:99:2a:e5:f7:3d:92:e3:eb:3d:2b:
e1:b6:64:2d:60:d0:32:6d:9e:74:2e:65:33:2f:9a:5d:a9:87:
7c:2a:bc:c7
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZG28DutRcNKIGc1wuVVSWyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTZjMTRjZDg3MjRmOWE5MDk2MjdiOTRlMDA2Y2Y2OWQx
MjMwN2IwHhcNMjQwOTAzMDgxMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTcyMTkzYTMzMmQ0MjA1NzU4MmM3ODIxMTA1YmU0ZjA2OTNlM2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiY5ifJv4W78bGau9N1SJvyT/IsqC
4S33faUMz1M2bN6MxT2KHHuAgYykKU1sZk5KGV4yhDxlSKitjMYRJlYtPp/FkR7T
fUOdw6lG6fEplCXn4fOB4o991BBcETbkXYDFtCoRretjIsSLC2tPBZ8V6gX3A2uE
INSMS6+pg7WpvliyOI/hQeKHt2BUFUth0UD65JAYVTlu7LqzXuZjhkgAD8cuC3F+
nvnCQlhvur+gr94u1OgKJ58OJXiew3xB/NPW9LnpS+NyqneQmHj1+ZVIYuroE/5f
eDVR0CZhfmhgmhMgMzNSQd4dL1kObfIbuwcJ5I2eto9maqUIDsuvpvGE8wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFNlyGTozLUIFdYLHghEFvk8Gk+O0MB8GA1UdIwQY
MBaAFERWwUzYck+akJYnuU4AbPadEjB7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYt
NWI4NzgyNWMwN2VlLzEvMlhJWk9qTXRRZ1YxZ3NlQ0VRVy1Ud2FUNDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS81ZWNmYzItZGE3MC00MzMzLThmOTYtNWI4NzgyNWMwN2Vl
LzEvUkZiQlROaHlUNXFRbGllNVRnQnM5cDBTTUhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgMAwDBAQl/NAD
BAEl/NQDBAAl/NcDBANtzQgDBAK5JHwwDQQCAAIwBwMFACoCANgwDQYJKoZIhvcN
AQELBQADggEBAJSKDMh9gsaTJ//aLeyWMf3xdm7vfEaf1wYjMOU25J9HT3ex6NEW
03kATZiHNdZj3QggPOB7yVAYgIb7mM7e8oOSmQTZTFelFajVB35S8ODXV79ZH6KB
KKv9RS5vFyNInZU1vTNsd/nsg8l66R0IuepCB275XTtJl4BaTCKwM6AUEkPdwPpj
+9CjXZWbCpiy9jG6jJVuz75n0DL3gk4IY9BbMS4hiqB/L7FMGt4AMflcLRbB973A
G7P6g1hCyqIpR22ue46JeFvX4eVWGOaejvDc4S4AU2BxSuA6PmW1nKhbmSrl9z2S
4+s9K+G2ZC1g0DJtnnQuZTMvml2ph3wqvMc=
-----END CERTIFICATE-----
Generated at Thu Sep 12 16:40:44 2024 by rpki-client on console-fra.rpki-client.org